IP

Sunday, December 12, 2010

What is WiFi? How Does it Work, Benefits, Security, Vulnerability




WHAT IS WiFi

WiFi, aka wireless fidelity, is a way to connect devices together without wires.  It can be used in homes, in businesses, between businesses, etc.  WiFi offers a lot of advantages over LANs, but it also has disadvantages.



HOW DOES IT WORK

Wireless Internet access has four components that form its structure: high-speed access, a networking gateway, a wireless network and a wireless customer.  The customer connects wirelessly through the wireless network to the gateway, launches an internet browser, and authenticates through the gateway by entering a coupon code or purchasing time; the user then has high-speed internet.

The four components are:

1) High-speed access, also known as broadband, is an internet connection that is generally faster than dial-up service.  Examples of high-speed internet access are ISDN, cable modem, DSL, and satellite services.

2) Network gateway: this sits between your high-speed access connection and the wireless network and acts like a gate.  This gate will prevent people from accessing your wireless network unless you know about it. The gateway also provides management tools, which can include authentication, network monitoring, and other services such as printing and voice over IP.

3) Wireless local area network is a system of connecting PC's and other devices within the same physical proximity using high-frequency radio waves instead of wires.  Wireless networks work as long as your wireless ready device is within range.

4) Wireless customers are people who have a PC and a wireless adapter which means they can access the internet wirelessly.  The wireless adapter can be built in or it can be an external device plugged into your computer.

 



WiFi allows a universal internet connection to be broadcast through radio waves.

Radio waves are what make WiFi exist and run.  They allow WiFi networking to occur between numerous people.  The radio waves are transmitted from antennas and routers and are picked up by WiFi receivers such as computers and cell phones equipped with WiFi cards.  When these devices receive a signal within the range of a WiFi network, the WiFi card reads the signals and produces an internet connection without a cord.  Once a connection is established between the user and the network, the user will be prompted with a login screen and password if it is fee based.

WiFi networking around the world is creating hot spots in the cities where anyone with a laptop can wirelessly plug into the internet.  Hot spots are connection points for WiFi networks: areas where wireless internet is available for those who have internet-ready devices.  Hot spots are becoming available everywhere: in restaurants, hotels, airports, schools, etc.

The following is a simple and understandable way to picture the way WiFi works.  The main source is the antenna; the antenna sends radio signals to the people who want to access the internet.  The people wanting access must have a WiFi card; the WiFi card receives the radio signals through its WiFi receivers and creates a wireless connection.



Types of Wi-Fi networks


Enterprise Wi-Fi networks

An enterprise Wi-Fi network has multiple wireless access points to provide ubiquitous coverage, hotspot coverage, or ubiquitous and hotspot coverage. You can use a Wi-Fi enabled BlackBerry device in any coverage area.

You can configure an enterprise Wi-Fi network to require layer 2 authentication. An organization might consider an enterprise Wi-Fi network to be untrusted and require that all Wi-Fi connections to the organization's network occur through a VPN concentrator. You must configure Wi-Fi enabled BlackBerry devices to support the authentication type that your organization uses.

An enterprise Wi-Fi network permits optimized access to the BlackBerry® Enterprise Server over a direct IP connection to the BlackBerry Router.

Home Wi-Fi networks

A home Wi-Fi network uses a single access point to provide Internet access through a broadband gateway. The broadband gateway can implement NAT and permit VPN connections through the firewall. You can configure a home Wi-Fi network with layer 2 security and password authentication. You must configure BlackBerry devices to support the authentication that the home Wi-Fi network requires.

A home Wi-Fi network permits users to access all BlackBerry services from Wi-Fi enabled BlackBerry devices using the BlackBerry® Infrastructure.

Hotspots

A hotspot offered by an ISP, a mobile network provider, or a property owner can provide a Wi-Fi connection in public and semipublic areas. The network can be an open network without layer 2 security and use a captive portal for authentication. The captive portal blocks all network traffic except traffic that uses HTTP and it redirects HTTP requests to a login page.

After a user logs in to the hotspot, the captive portal permits the user to access wireless network services.

Hotspots can use a firewall and they can permit VPN connections. A hotspot permits users to access all BlackBerry services from their Wi-Fi enabled BlackBerry devices using the BlackBerry Infrastructure.
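The captive-portal behaviour described above, modelled together with the probe a client can use to detect it. This is an added example, not code from the original page or from any vendor; the URLs, MAC address and class names are constructed for illustration.

```python
from dataclasses import dataclass, field

LOGIN_URL = "http://portal.example/login"         # constructed portal address
PROBE_URL = "http://probe.example/generate_204"   # constructed probe endpoint


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def upstream(url):
    """Stand-in for the real Internet: the probe endpoint answers 204, empty."""
    if url == PROBE_URL:
        return Response(204)
    return Response(200, body="real content")


class CaptivePortal:
    """Gateway that blocks everything except HTTP until the client logs in."""

    def __init__(self):
        self.authenticated = set()    # client MAC addresses that have logged in

    def login(self, mac):
        self.authenticated.add(mac)

    def handle(self, mac, scheme, url):
        if mac in self.authenticated:
            return upstream(url)      # full access after login
        if scheme != "http":
            return None               # dropped: non-HTTP traffic is blocked
        # Unauthenticated HTTP is answered by the portal, not the real site.
        return Response(302, {"Location": LOGIN_URL})


def probe(portal, mac):
    """Classify the network from the answer to a request with a known reply."""
    resp = portal.handle(mac, "http", PROBE_URL)
    if resp is None:
        return "offline"
    if resp.status == 204 and not resp.body:
        return "open"
    if resp.status in (301, 302, 303, 307) and "Location" in resp.headers:
        return "captive:" + resp.headers["Location"]
    return "captive:rewritten"        # e.g. a 200 carrying the login page
```

Logging in only changes what the gateway forwards. On an open network without layer 2 security the traffic is still unencrypted on the air, which is where the VPN connections mentioned above come in.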


BENEFITS OF WiFi
•Freedom of movement

•Many compatible devices

•Continuous connection to a network from a variety of sites

•No wires = lower installation costs



HOW SECURE IS WiFi

WiFi has had, and continues to have, several security issues.  In September of 1999 WEP (Wired Equivalent Privacy) was the standard for wireless PCs.  WEP is used in the physical and data link layers, and was designed to give wireless LANs the same security that wired LANs had.  WEP provided security by encrypting the data while it traveled from one end point to the other.  Unlike wired LANs, whose networks are usually inside a building where they are protected, wireless LANs are more vulnerable because the data travels over radio waves, which are much easier to intercept.  Another reason WEP is vulnerable is that in some corporations the managers do not change the shared keys for months or years at a time.  That is way too long for a key to be in use; with that much time the key can get into the wrong hands, which could be disastrous for the corporation.

In 2002 wireless LAN security was upgraded when WiFi Protected Access (WPA) was introduced.  WPA had several improvements, such as better encryption, and it also used the RADIUS-based 802.1X, which authorizes the user to gain access to the ISP provider.  Also, the setup for WPA was much simpler than the setup for WEP.  WPA came in two types: Enterprise, which was used for corporations, and Personal, which was used for home users.

In June of 2004 802.11i was completed and became the new and current standard for WiFi.  802.11i is also known as WiFi Protected Access 2 (WPA2).  WPA and WPA2 have several of the same qualities, but WPA2 upgraded its encryption of data with the Advanced Encryption Standard (AES).  There is a problem with AES, however: it could require hardware upgrades for many wireless LANs.  WPA2 is compatible with WPA products, and consumers can upgrade to WPA2 easily.  However, WPA2 is not compatible with the original WiFi standard, WEP.  Like WPA, WPA2 has two versions: WPA2 Enterprise is for corporations, and WPA2 Personal is for home users.

Many corporations today use a Virtual Private Network (VPN) to send and receive important information.  Virtual Private Networks use the internet to send and receive information by creating a tunnel connecting the two end users.  A VPN encrypts the data to keep any hackers from stealing the information while it is being sent.  To use a VPN the two end users must be using the same authentication protocol or it will not work.  The authentication protocol gives only certain users access to certain information.

There are several other ways to protect your wireless computer and the information that is stored on it.  One of the first things you should do is to change the default information on your wireless router.  The reason for this is that many hackers have gained access to the default information from the different companies who create the wireless PCs, which makes it easier for them to get into your computer information.  You should also have strong passwords on your wireless computers to keep the hackers from getting into your sensitive data.  Another way to protect yourself is to download firewalls onto your computer.  Firewalls monitor and restrict the traffic that comes in and out of your computer.  Downloading anti-virus software onto your computer is another way to protect your computer.  You should update your anti-virus software often, because within one month there are at least 10 to 50 new viruses or worms that the anti-virus software is not capable of protecting your computer against.  If you take your personal wireless computer out in public you should turn off your file sharing.  Keeping your file sharing on is an easy way for hackers to get into your system.  Also, when you are not on your computer, you should turn it off.  This is the surest way to keep hackers out of your computer files.  They can't get into the system if it's not on.  There are several other ways that you can protect your sensitive data, but these are a few simple things that everyone should do to protect themselves and their data.
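The router advice above (move off WEP, change the defaults, use a strong password), turned into a small configuration audit. This is an added example, not from the original page: the config keys, the default-value lists and the 12-character threshold are assumptions. It also goes one step beyond the text by deriving the WPA/WPA2-Personal key, which is PBKDF2-HMAC-SHA1 over the passphrase salted with the SSID, so a factory SSID weakens the salt as well.

```python
import hashlib

# Constructed sample of factory SSIDs; a real audit would use a vendor list.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}
DEFAULT_ADMIN_PASSWORDS = {"", "admin", "password", "1234"}   # constructed
MIN_PASSPHRASE_LEN = 12   # assumed policy threshold, not from the page


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """256-bit key for WPA/WPA2-Personal: PBKDF2-HMAC-SHA1 over the
    passphrase, salted with the SSID, 4096 iterations."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)


def audit(cfg: dict) -> list:
    """Check a router config (hypothetical keys) against this section's advice."""
    findings = []
    mode = cfg.get("security", "none").lower()
    if mode in ("none", "wep"):
        findings.append("replace %s with WPA2" % mode.upper())
    elif mode == "wpa":
        findings.append("upgrade WPA to WPA2 (AES)")
    if cfg.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append("change default SSID")
    if cfg.get("admin_password", "") in DEFAULT_ADMIN_PASSWORDS:
        findings.append("change default admin password")
    if mode in ("wpa", "wpa2") and \
            len(cfg.get("passphrase", "")) < MIN_PASSPHRASE_LEN:
        findings.append("lengthen Wi-Fi passphrase")
    return findings


# Constructed configurations: factory state versus hardened.
FACTORY = {"ssid": "linksys", "security": "wep", "admin_password": "admin"}
HARDENED = {"ssid": "maple-street-42", "security": "wpa2",
            "admin_password": "S7!kq-long-unique",
            "passphrase": "correct horse battery staple"}
```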


Wifi Vulnerability

I've been thinking about the security vulnerability in WiFi network cards announced yesterday, and I'm starting to wonder if there's really all that much to this. The security hole was demonstrated on a MacBook with a third-party WiFi card installed, and was shown in a video tape rather than in a live demonstration. Very little additional information was given, other than that the bug was in the WiFi driver.
This strikes me as odder and odder the more I think about it.

To begin with, the hardware used is really unusual--probably less than one in ten thousand MacBooks will have a third party WiFi card installed, for the simple reason that all MacBooks come with built-in WiFi. The only reasons to have a third party card would be because the built-in WiFi broke (and the MacBook is a new machine, so they're all still under warranty), or because the user wants to connect to two networks simultaneously.

So it is reasonable to ask why they would choose to use a hardware combination so unusual as to be almost nonexistent in the real world. The given answer was that they chose Mac to tweak the image of Apple as a secure platform (the actual quote is somewhat more colorful), but used a third-party WiFi card because they didn't want to leave the impression that it was just an Apple problem. Huh? A finer example of pretzel-logic I have rarely seen.

In the absence of more details, it is entirely possible that this bizarre hardware was chosen precisely because it has a unique vulnerability which does not exist on more common platforms. This undermines the implication in the demonstration video that every WiFi equipped computer is vulnerable.

To put a finer point on it: if the flaw is in the WiFi device driver (as claimed), then every combination of WiFi hardware and OS will have, potentially, an entirely different set of vulnerabilities. Some drivers might be very bad, and others very good. It is possible that this hardware was chosen for the demo because it has a particularly bad driver, but that doesn't translate into a real-world problem since almost no real users would be using the buggy driver. (What's more, we shouldn't fault the manufacturer if they didn't rigorously test their software with hardware that nobody uses. As with anything else, there is a law of diminishing returns in testing.)

My next problem has to do with the way the demo was carried out: on video. The stated reason is that they didn't want anyone sniffing the WiFi connection and discovering the attack before it could be patched. That's an entirely reasonable concern. But it also conveniently avoids almost all independent scrutiny of the attack, and even the most basic questions about the level of the problem.

And that gets me to the third issue I have with this claim. The people responsible for the demo are spinning it as a major flaw affecting every WiFi equipped computer out there (and getting a lot of publicity as a result), but have given almost no information about what hardware and software might actually be vulnerable, and under what conditions. Some very basic questions have yet to be answered about the scope of the problem, such as:

* Is this a universal flaw, something unique to this oddball hardware combination, or a class of problems the severity of which can vary widely between configurations? For example, is the MacBook's built-in WiFi also vulnerable? What about PowerPC-based Macs? Or Windows laptops?

* This attack used (effectively) a malicious base station. What network states make a computer vulnerable? Is the computer only safe if the WiFi is actually turned off, or is it safe when connected to a trusted base station? What about when it is attached to an encrypted network? Or does it depend on the particular hardware? What about configuring the computer to only attach to trusted networks?

* Is firewall software an effective defense against this class of attacks, or not?

In sum, is this really the huge problem that the headlines imply, or just a case of the hardware company (Apple) failing to test its device drivers with a particular third-party add-on that nobody is likely to install? Inquiring minds want to know.

(And in the meanwhile, the practical advice--turn off the WiFi when you're not using it--still stands. As a bonus, turning off WiFi extends the battery life of the laptop.)

Apparently a lot of wi-fi drivers on laptops and personal computers have some serious security vulnerabilities which could allow anyone within wireless range to break into the machine.
Fortunately, there's an easy cure: turn off the wi-fi.

Even though there's no attack "in the wild" as yet, consider this a warning. Until the computer manufacturers issue updated drivers to fix the problems (which I don't expect will take long), be sure to turn off your wireless network unless you're actually using it.



FUTURE WiFi ADVANCEMENTS

Bluetooth is a wireless technology that allows computers, phones and other devices to talk to each other over short distances (typically about 10 meters). It is found in many of the newer mobile phones, handheld computers, and laptops as well as in other sorts of products. Bluetooth uses radio waves and is designed to be an inexpensive way of connecting and exchanging information between devices without wires.  Bluetooth can be used to exchange business cards or even to send voice from a headset to a mobile phone. Examples of this type of technology are the Nokia 6600 and the Sony Ericsson P900 mobile phones. These specific phones allow you to connect your PC and enable you to transfer files and perform backups.  Some of the disadvantages of this technology are that confidential data can be obtained, anonymously and without the owner's consent, from other Bluetooth-enabled mobile phones.  This data includes not only the phonebook and calendar, but media files such as pictures and text messages. Most devices have an option where you can put your device into a non-discoverable state so that you are invisible to other Bluetooth devices. While in this mode all your information and data are safe.  However, in order to receive business contacts wirelessly you will need to place the phone in discoverable mode.

          

Bluetooth is all good and well, but one of the leading technologies is Ultra-wideband (UWB) modulation. UWB usually refers to a radio modulation technique based on transmitting very-short-duration pulses, whereby the occupied bandwidth goes to very large values. The term may also be used to refer to anything with a very large bandwidth. UWB is now going through the necessary authorizations and developments for public and commercial use.  There's a possibility that this will become the "next best" technology for all types of wireless networks, including wireless LANs.  Because UWB operates at such low power, it has very little interference impact on other systems. Another advantage is that it could connect virtually every multimedia device in your home without using any wires. Digital cameras and camcorders could wirelessly stream images and video to your TV, and flat screen monitors could be wirelessly connected to computers, DVD players, or any other source you desire. UWB will very likely revolutionize the home multimedia scene and eliminate all the tangled wires found behind home entertainment centers.



A Radio Frequency Identification (RFID) tag is a small silicon microchip attached to an antenna that emits a unique serial number via radio over short distances. The RFID device serves the same purpose as a bar code or a magnetic strip on the back of a credit card or ATM card; it provides a unique identifier for that object. And, just as a bar code or magnetic strip must be scanned to get the information, the RFID device must be scanned to retrieve the information.  In contrast, RFID devices will work within a few feet (up to 20 feet for high-frequency devices) of the scanner. For example, you could just put all of your groceries or purchases in a bag, and set the bag on the scanner. It would be able to query all of the RFID devices and total your purchase immediately.  RFID tags can also be placed in living organisms to help track or identify them within short distances.  This is not extremely dangerous but it will need to be encased in a special kind of casing that will not irritate or react with the living tissues that it is inserted into.

Some of the disadvantages of this technology are that they are relatively easy to jam using energy at the right frequency. RFID tags are also difficult for consumers to remove; some are very small and others may be hidden or embedded inside a product where consumers cannot see them or get to them. RFID tags can be read without your knowledge, which enables others to view information about you.  These new WiFi advancements are destined to change the networking world altogether.  But we must understand that we have to take the proper precautions to make these new technologies more secure for the customers.


