I said there was two classes of problem. The second class is home users. This is more difficult because we are not in a position to educate and people have a strong tendency to think that bad things only happen to other people. Many, many people install wireless LANs with no security and default settings on the access point. I think that most people are actually aware that the wireless signal cold be intercepted but they probably don't care that much - they may not feel their web browsing activity is that important to keep secret. I think fewer people realize that the wireless LAN is potentially an open door to their computer. Even fewer think about the consequences of letting a stranger use their broadband access to the internet. People use the Internet for illegal purposes - probably more that you realize. Law enforcement is getting better at tracing and tracking illegal net activity. The solution is to find an unsuspecting sucker and use their internet connection so that the FBI (or whoever) will trace the illegal activity back to their account. It not to say that they would end up in jail but most people would not want to be used in this way. I think if these sorts of dangers were more publicized people at home would rush to turn security on.

A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?

I'm not sure what you're driving at here. Maybe you refer to the security of the data while stored on the wireless device, as opposed to "in transit". Of course this is a problem that applies equally to both wireless and wired devices. I suppose mobile devices are more vulnerable because they are more easily stolen or lost. There is clearly an argument that says information should be encrypted at source and decrypted only when used. In other words it would remain encrypted while stored on the device and only be decoded when the application needed to access it. In the extreme, the decryption would occur inside the microprocessor so that it could never be accessed out of context. I believe there are some ideas going forward in this area. In such a case it might be argued that in such a case security is no longer needed for the wireless links but, in practice, there are attacks other than on data content which need to be defended. I think you'll still need separate wireless security for the foreseeable future.


Warchalking, Wardriving, Warspamming - these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?

Well, far be it from me to suggest that the media exaggerate things! These attacks are real and go on everyday. But I have to say I've never seen anyone walking round my district with a laptop and a piece of chalk. For me, the novelty of war driving could wear off pretty quick. These days there are so many Wi-Fi networks out there, and so many of them are unprotected, you probably don't need to drive anywhere. Chances are your neighbors are already open for business! This is the problem we need to address.

What are your predictions for the future when it comes to wireless security? There has been a lot of talk about the insecurities of the Wi-Fi Protected Access (WPA) security standard.