Interview with Jon Edney, author of "Real 802.11 Security"
by Mirko Zorz - Thursday, 18 December 2003.
The simplest solution for business use is to keep the access points on separate wiring and run the connection through a firewall to a VPN server. It's a pain. You can see why people are itching to get the new full grade security solution so that they can safely put the access point where wiring already exists.

Despite the insecurities of 802.11, the number of wireless networks is growing rapidly. What should be done in order to raise awareness of wireless security problems?

There are really two classes of problem here. The first is in corporations where the IT staff is fully aware of security risks and takes careful protection measures but employees drive a dump truck through the protections by installing an unauthorized wireless LAN. This can be a particular problem in companies that have lots of small branches and offices. All it takes is a proactive manager to go and buy an access point at the local computer store and connect it where his PC used to plug in and you have a breach. Furthermore it's one that is almost impossible for the IT department to detect. The solution here is education by the corporation - education not just rules. People tend to ignore rules because they think the IT departments are "control freaks". But if they understand the dangers they will cooperate.

I said there were two classes of problem. The second class is home users. This is more difficult because we are not in a position to educate and people have a strong tendency to think that bad things only happen to other people. Many, many people install wireless LANs with no security and default settings on the access point. I think that most people are actually aware that the wireless signal could be intercepted but they probably don't care that much - they may not feel their web browsing activity is that important to keep secret. I think fewer people realize that the wireless LAN is potentially an open door to their computer. Even fewer think about the consequences of letting a stranger use their broadband access to the internet. People use the Internet for illegal purposes - probably more than you realize. Law enforcement is getting better at tracing and tracking illegal net activity. The solution is to find an unsuspecting sucker and use their internet connection so that the FBI (or whoever) will trace the illegal activity back to their account. It's not to say that they would end up in jail but most people would not want to be used in this way. I think if these sorts of dangers were more publicized people at home would rush to turn security on.

A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?

I'm not sure what you're driving at here. Maybe you refer to the security of the data while stored on the wireless device, as opposed to "in transit". Of course this is a problem that applies equally to both wireless and wired devices. I suppose mobile devices are more vulnerable because they are more easily stolen or lost. There is clearly an argument that says information should be encrypted at source and decrypted only when used. In other words it would remain encrypted while stored on the device and only be decoded when the application needed to access it. In the extreme, the decryption would occur inside the microprocessor so that it could never be accessed out of context. I believe there are some ideas going forward in this area. In such a case it might be argued that security is no longer needed for the wireless links but, in practice, there are attacks other than on data content which need to be defended. I think you'll still need separate wireless security for the foreseeable future.

Warchalking, Wardriving, Warspamming - these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?

