WIRELESS NETWORKING

The Woes of WiFi, Part 2: Digital Defense

Print Version
E-Mail Article
Digg It
Reprints

By Jack M. Germain
TechNewsWorld
08/18/07 1:30 AM PT

Many wireless users think running the same antivirus and firewall programs on a laptop will provide security when they connect to a WiFi point. That thinking, however, is very wrong. Device security is no longer related to just mobile computers. All mobile equipment with Internet and WiFi access -- iPhones, PDAs, smartphones, etc. -- are part of the security risk.


What’s Linux with a Lineage?
Verio Linux VPS delivers root access, advanced FairShare technology for better performance, and support that's actually supportive. It's all from Verio, the Virtual Private Server technology pioneer with over 500,000 customers. Test-drive Linux VPS here.

WiFi has became pervasive. Not just laptops, but an arsenal of palmed-sized devices including smartphones, PDAs Blackberry Professional Software from AT&T. Save up to 57% until June 6th. Click to learn more. Latest News about PDAs (personal digital assistant) and mobile media players, now connect to the Internet Over 800,000 High Quality Domains Available For Your Business. Click Here. using Wireless Fidelity technology.

However, many users are clueless about security Free Trial. Security Software As A Service From Webroot. and connect to password-protected accounts and financial Web sites thinking that they are as secure as computing on their home or office New HP LaserJet P4014n Printer Starting at $699 after $100 instant savings. desktop.

They aren't, warn network security experts.

"The learning curve on WiFi security is just now ramping up. Users don't know about settings," Steve Gorretta, director of product marketing E-Mail Marketing Software - Free Trial. Click Here. at 2Wire, told TechNewsWorld. 2Wire is a manufacturer of home networking Latest News about home networking products.

Part 1 of this two-part series expanded on the dangers and weaknesses of public WiFi hotspots. Part 2 features tips users can take advantage of to protect themselves from snoops.

Basic Security

Many wireless users think running the same antivirus and firewall programs on a laptop will provide security when they connect to a WiFi point. That thinking, however, is very wrong.

Device security is no longer related to just mobile computers. All mobile equipment with Internet and WiFi access -- iPhones, PDAs, smartphones, etc. -- are part of the security risk.

"The Web has become the great equalizer. It negates individual protocols though some Web protocol all devices use," Corey O'Donnell, vice president of marketing for security software firm Authentium, told TechNewsWorld.

Third-party programs only defend against attacks from within the connection. WiFi security is the outer wall. It is the first level of defense. Antivirus protection is secondary protection, explained Gorretta.

To build that outer protective wall, WiFi connections should be protected by either WEP (Wired Equivalent Privacy) or WPA (WiFi Protected Access) encryption. Of these two methods, the WPA standard is newer and more resilient.

Encryption features are usually turned off in the default settings for routers and WiFi card installations. Users have to learn to enable encryption.

Default Barriers

"Turn on encryption at the gateway. The default setting usually has encryption turned off. The rest of the industry needs to change the default strategy. But there are barriers to doing this," Gorretta said.

Those barriers are largely time and money savers for the product manufacturers. The computing industry needs to get behind a movement to make default installations of all wireless equipment turn on encryption, he urged.

The barriers involve the installation process itself. With the default set to no encryption, new users will be able to connect to the Internet as soon as the installation is completed.

Having a different default adds to the installation process, according to Gorretta. Users would have to find and enter the encryption key and password during the setup process.

This added requirement would also cause a burden for customer support. This procedure is also harder to do with off-the-shelf products, according to Gorretta.

WiFi How-To Tips

Between the mobilization of business , the convenience of WiFi connections -- especially the free networks -- and the consumer entry of WiFi-enabled smartphones like the iPhone, wireless networks are receiving more traffic than ever. Just a little security knowledge can go a long way for users everywhere.

With that in mind, TechNewsWorld asked several security experts for their best tips in avoiding hackers when using WiFi connections.

Best Practice for WiFi-Enabled Handhelds

-- From Richard Rushing, CSO at network security firm AirDefense Latest News about AirDefense

  • Disable the wireless feature when not using the device.

  • Avoid hotspots at places like hotels, airport clubs, libraries.

  • If using a hotspot, only do so for Web surfing.

  • Enter passwords only onto Web sites that include an SSL (secure sockets layer) key at the bottom right.

  • When IMing or using e-mail from hotspots, avoid providing proprietary information for possible consumption by hacker.

  • Avoid unknown, free WiFi links. Chances are very good that the free access will be a ploy to steal access ID.

  • Social engineering is still a key tool hackers use to trick you into divulging sensitive details. Don't be chatty or cooperative when asked for personal information.

  • Always check with the hotel or restaurant about their WiFi access. It is easy for a hacker Latest News about hacker to set up a bogus lookalike access point for that location. In many locations you cannot tell if the WiFi access is legitimately provided by that business.

Public Hotspot Safety

-- From Corey O'Donnell, vice president of marketing for security software firm Authentium

These tips are based on the results of a study conducted at Chicago O'Hare International Airport.

  • Look for official corporate logos on airport-sponsored free access. It is easy for hackers to set up official-looking hotspots.

  • Be aware of exposed folders and files on your computer. Make sure you disable the share files feature.

  • Keep up-to-date antivirus and firewall products. If you do latch onto a dirty hotspot, you want to be able to detect and contain any viruses downloaded to your portable device.

  • Use a corporate VPN (Virtual Private Network) whenever possible instead of a public WiFi point.

  • Set up specific user profiles for different connection scenarios. For instance, have one profile for family log-ons, another profile for connecting to a bank and a separate profile for logging onto shopping Web sites.

  • Have different credentials like charge accounts, user names and passwords for specific online accesses. Then you can see which account and online access was compromised if someone attempts to steal your identity. Meanwhile, your other online visiting spots will remain safe.

Final Considerations

Users of private WiFi services also need to be careful, warned O'Donnell. Most of these providers do not offer security on WiFi connections. All connected devices are equally hackable, he said.

"But joining a reputable network limits the risk caused by using unknown providers," he said.

Also, look for the terms and conditions page when when signing on to a WiFi hotspot, suggested Rushing. Legitimate access providers usually require you to acknowledge their terms and conditions before letting you gain full access.

Finally, for better protection, look for hotspots that have account-only access, suggested Gorretta.

"Join that network, even if you take the minimum usage package. It will offer a VPN-like tunneling to provide better security. The subscription services have good auditing controls to monitor who is connected," he concluded.

The Woes of WiFi, Part 1: Insecure by Default

Letters: Click here to send a letter to the editor...
Talkback: Click here to add your comment about this story...

Print Version E-Mail Article Digg It Reprints More by Jack M. Germain   RSS

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]