Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[tickmike]

Yet another hole in your defences.

http://news.bbc.co.uk/1/hi/technology/7052223.stm

I was glad I put in a 'Wired' network when I built my house and do not use wifi.

Although I live in a small village I can  pick up several un-secure wifi signals which I could have locked on to and used if I was that way inclined !.

Michael.

[mr_chris]

Hmm - not really anything groundbreaking - we all know that WEP isn't really massively secure. I use WPA at home which the article doesn't really touch on. In fact I think the availability of WPA devices is better than what the article would suggest.

It's all a bit scaremongering in true BBC fashion, unfortunately. No wireless network is going to be 100% secure, but you can do a lot better than just sticking a 64-bit WEP key in there and hoping for the best! That article suggests that this is pretty much most people's only option, which is misleading.

It is amazing however, how many people still use totally unsecured wireless access, and the amount of 'free' internet access that people get through unsuspecting neighbours!

[roseway]

As you say Chris, it's not news. A lot of responsibility for the problem must lie with the hardware manufacturers, most of whom supply their wireless equipment with an unsecured wireless configuration by default. The first thing I would always do with a new wireless router is disable the wireless, then set about configuring it properly with WPA. But of course there are lots of people out there who wouldn't even realise that it mattered.

[mr_chris]

Well, while they do, at least it keeps me in a bit of a pocket money job sorting out wireless security for people! Seriously though, the likes of BT have it right, they provide their wireless routers with a random hexadecimal WPA key printed on the bottom of the router. Perfect, you never need to change it and it's always there in case you need to re-input the key at any point.

It's perfect for home use, as it's obviously intended for, which means the wireless is never left open by default to allow someone to compromise it.

Technology in general is sold to the masses without proper instructions. As you say, hardware manufacturers are to blame. Mind you, I have found it a godsend sometimes when netgear routers are unencrypted by default, especially when you go to someone's house to install a new one for them and you forget to take a LAN cable!! So they can't win, really

Still think BT have the best idea (and it's not often you'll hear me say that about BT!!)

[guest]

Its another classic BBC report written by a numptie journo

If you want to know how to get them to print things then this looks like a classic example :

1) Source ALL the info for them (links at minimum);
2) Write the techie stuff for them;
3) Suggest its a big problem.

That does the trick. Well it does if you wish to get Schofield in the Guardian to write something - can't see why the BBC should be any different.

Be do the same as BT Chris and as you say its perfect. Problem has always been that the hardware manufacturers never wait for specs to be formally ratified before kicking kit out the door so we end up with execrable "solutions" which are really just bodges. Someone I respect highly in the crypto community* told me that WEP was weak encryption (half the key is just filler at best) at least a year before the first crack was demonstrated. I binned it there and then.

*Bruce Schneier in case anyone is interested