| The widespread use of Wi-Fi Technology is | | | | - CoffeeHouse |
| bringing to light many security issues that | | | | |
| may have gone unnoticed by the average user. | | | | - CofeeeHouse |
| Traditional wired connections have obvious | | | | |
| security precautions that most users are | | | | The hacker is hoping his network shows up |
| accustomed too, but extra measures must often | | | | first in the list, and that users will log on |
| be used when transferring data across a | | | | so quickly they won't realize what they are |
| wireless, and sometimes public network. A | | | | doing. |
| wireless Internet connection without security | | | | |
| can easily give anyone access to your files, | | | | WPA (Wi-Fi Protected Access) |
| email, and even gives others the ability to | | | | |
| make changes to your computer. | | | | WPA was originally designed as an answer to |
| | | | security holes that were becoming apparent in |
| These types of security problems will | | | | the widely accepted WEP technology. Wi-Fi |
| probably have little impact on most users. | | | | Protected Access is an attempt to create |
| Occasionally surfing the web at a coffee shop | | | | standards within the wireless security |
| or having a wireless adapter set up on a | | | | industry, and begin a move towards unifying |
| printer will likely not bring down the house. | | | | the market. The Wi-Fi Alliance designed the |
| To a business holes in security can cost | | | | technology and a scattered market is |
| time, money, and could possibly be a legal | | | | beginning to see a unified method of security |
| violation. A badly secured Wireless Internet | | | | on the horizon. |
| connection is an open door for hackers to use | | | | |
| the technology to cause general mischief or | | | | The two main differentiators between WPA and |
| to even commit crimes. The most common | | | | WEP are key size and the number of packets |
| methods currently in use to secure a Wi-Fi | | | | that actually carry the key. The number of |
| connection are SSIDs, Wi-Fi Protected Access, | | | | characters in a WPA key is considerably more |
| and WEP. | | | | than a WEP key, and it would taking sifting |
| | | | through many more data packets to actually |
| SSID (Service Set Identifiers) | | | | put a WPA key together. |
| | | | |
| Every data packet sent over a Wi-Fi | | | | WEP (Wired Equivalent Protection): |
| connection has a specific identifier attached | | | | |
| to it. This identifier, or SSID, can | | | | Wired Equivalent Protection uses encryption |
| recognize particular wireless networks and | | | | to protect data as it travels via radio waves |
| everyone accessing a particular network must | | | | from transceivers. This means that when you |
| have the correct Service Set Identifier. From | | | | send your email from your laptop it becomes |
| a security standpoint SSID alone offer almost | | | | encrypted, is sent out wirelessly on radio |
| no protection, but it does give a network a | | | | carrier waves, is received by a wireless |
| specific name making is clear what network a | | | | access point, is then decrypted and sent on |
| user in connected too. | | | | to the Internet as any wired connection |
| | | | would. As the name implies this security was |
| Knowing where you are connected too has | | | | designed to provide the same level of |
| become increasingly important due in part to | | | | security a wired connection would. This is |
| a wireless internet attack called The Evil | | | | not the case, but the security is usually |
| Twin. While this may sound like something Dr. | | | | strong enough for most users. |
| Evil would use, it's a common hacker | | | | |
| technique. The way it works is a hacker takes | | | | The reason WEP has never become as secure as |
| in a mobile wireless access point, usually | | | | a wired network is there is simply no way |
| set up on a laptop, and then enters a public | | | | around the fact that anyone can intercept |
| area where an access point already exists. If | | | | radio wave and get the data out of them. The |
| no SSID is set up, then someone may actually | | | | level of encryption that the data has will |
| log on to the hacker's computer giving them | | | | mean the information is meaningless unless |
| access to all data sent and received. This is | | | | the interceptor has the WEP key. The problem |
| a great way to get access to usernames and | | | | here is that all data packets carry a piece |
| passwords. | | | | of the key and that in time, with enough |
| | | | packets, the key can be produced. This is a |
| Even with SSID a hacker is going to name | | | | lot of trouble to find out where a user has |
| their network something confusingly similar. | | | | been surfing, but maybe not too much to |
| If you are at your favorite coffee shop and | | | | acquire hundreds of credit card numbers. |
| are about to log on, check the names of the | | | | Again if you are not targeted by a hacker, |
| networks carefully. Be careful if you see | | | | WEP is surely enough protection. WEP is |
| two possible networks with very similar | | | | currently installed on almost all wireless |
| spelling like these: | | | | routers available to consumers. |
| | | | |