Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Looking Back At Wireless Security In 2003

by Berislav Kucan - Friday, 26 December 2003.

When taking a look at May, I remember another quote from Wi-Fi Alliance, this time from Kirk Allchorne, marketing co-chairman at that organization, which showed the need for making new security standards: "It has become apparent to us that enterprise markets were avoiding Wi-Fi because of security worries". In the other news, AirDefense's May newsletter featured an interesting list of top 10 Wireless LAN Policy Violations.

In June, we've seen a big plus going to wireless networks, when Intel Corp.'s Chief Financial Officer Andy Bryant said his company had found that the security offered by a "controlled wireless network" was superior to computer security regimes that traditionally have blocked wireless access as a threat. The end of the June was marked by a third World Wide WarDrive. This is an effort by security professionals and hobbyists to generate awareness of the need by individual users and companies to secure their access points. The results showed that things are going better, as the number of WEP enabled networks went up and both numbers of default SSID and default SSID + No WEP networks went down.

I need to mention AirDefense one more time, but in July they did another interesting thing. During the 802.11 Planet Expo in Boston, they monitored WLAN activity and published their findings. The results showed a lot of malicious activity. Citing the "explosion" of wireless hotspots in public spaces, homes and businesses, IBM Corp. in October unveiled a new managed intrusion detection service targeted at wireless networks. According to Shane Robison, HP executive VP, HP has security projects in development such as moving its SSL-based VPN technology to 802.11 wireless networks.

November brought us "Weakness in Passphrase Choice in WPA Interface" by Robert Moskowitz, a senior technical director at ICSA Labs, part of TruSecure Corp. In his paper, Mr. Moskowitz describes a number of problems with the new WPA standard, including the ability of attackers to sniff critical information from wireless traffic and to discover the value of a wireless network's security key.