Latest news
Jon Edney specializes in wireless networking and is a key contributor to the development of IEEE 802.11 systems. As a member of the technology consultancy Symbionics Networks, he deployed the first low-cost 802.11 designs.In 1996, Edney co founded InTalk, Inc., the first IEEE 802.11 company to develop WLAN access points. After InTalk was acquired by Nokia Corporation, he focused on the application of Wi-Fi to public access networks. He is an active member of the IEEE 802.11 TGi security group.
How did you get interested in wireless security?
I've been involved in IEEE802.11 since the early days. In the early 1990's there was hardly more than a roomful of people involved in the standards work - now there are more than 500 people at every meeting. In those days the application were specialized and small scale but some of us could see the potential for the technology to challenge Ethernet. The first requirement was to get to 10Mbps (the original standard was only 1-2 Mbps). The second issue was security. Every customer was concerned about security and, quite frankly, a lot of bunk was talked on the issue. There was no real security in the original standard. Everybody knew that WEP was only a lightweight privacy protocol because with the short key (40bits) it was open to brute force attack. The intent, even at that time, was that it you needed "military grade" security you had to add this on top. The problem really set in when vendors started marketing "128 bit" security. They lengthened the key but did not look at the protocol to see where the other weaknesses were. It raised expectations among customers that could not be achieved in practice. In my opinion it was the introduction of "128 bit" WEP keys that created a problem - something that was never adopted by the official IEEE802.11 standard.
When the weaknesses of WEP became public and the IEEE802.11 standards group opened up a task group on security I welcomed the opportunity to sign-up. There were only about 10 people in the early meetings but this grew to 70 or 80 people at the peak. Security is a fascinating subject embracing advanced mathematics, systems analysis, lateral thinking and plain cunning.
How long did it take you to write "Real 802.11 Security: Wi-Fi Protected Access and 802.11i" and what was it like? Any major difficulties?
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
