Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Latest News
    • Mobile

    A Wireless Security Disaster

    Written by

    Lance Ulanoff
    Published January 9, 2003
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      I couldnt believe my ears. There I was sitting across from a PR representative for a major peripherals manufacturer when, in response to a standard but important wireless networking ease-of-use question, she told me I could find the answer “in our [companys] 70-page manual.” Unbelievable. I mean, really. Thanks for nothing. I mean….Actually, I should back up a bit.

      I had just witnessed a product demonstration where the vendor rep explained (and supported with a series of chart- and graph-covered slides) the companys belief that wireless networking in the home would eventually become as widespread—and easy to use—as the refrigerator (Im paraphrasing, somewhat). Its an assessment I wholeheartedly agree with. Home networking has been a growing trend for years, and now lower costs coupled with the rapid adoption of 802.11b and devices that combine the a, b, and even g 802.11 wireless capabilities propel the growth even faster.

      The rep even talked about the wizards that would speed installation of the companys products and mentioned the companys 24-hour tech support. I asked what sort of guidance users would receive for WEP (Wired Equivalent Privacy) setup and for changing the default SSID (Service Set Identifier). The PR person stared blankly at me and then said that users could find the information about how and why to use such critical settings not in the setup wizard, but in the browser interface that lets you control the router and in “the 70-page manual.”

      To be fair, I should say that this is the common practice. The information on WEP and SSID configuration for my SMC Barricade wireless cable/DSL router is poor. The WEP configuration portion of the manual is abysmal and the information in the Web-based router setup is even worse. The only reason I knew to change my SSID and apply WEP encryption was because Craig Ellison, the PC Magazine Labs director of operations, recommended that I do so.

      In order for WEP to work, you must set all systems on the wireless network in accordance with the WEP configuration of the router, which you modify via a browser-based interface on a computer wired to the router. You must enter the matching encryption level and WEP ID (a 10-digit code) in each client PCs wireless configuration utility.

      The Barricade router setup gives you four WEP encryption choices: 64- or 128-bit manual or automatic. I selected one, but the WEP fields filled with bullets, not numbers. I had no idea how to get the values I would need to enter into my other systems, and neither the manual nor the router configuration app offered any assistance. Without the proper WEP ID on the other systems, they would not be able to access the wireless network.

      The vendor with whom I spoke readily admitted that the WEP setup assistance is buried in the manual, along with the important advice on changing the default SSID.

      If wireless networks become as prevalent as refrigerators, we can expect users to treat the equipment much the same way—plug it in and, beyond some initial setting up, forget about it. If a wireless network works (and it probably will) after the purchaser has followed the instructions on the quick-setup sheet, most people will never go further and see the information about setting up WEP or changing the SSID. In other words, I believe were heading for a security disaster.

      Heres the scenario. In roughly three to five years, wireless networking will have achieved the kind of explosive growth in the home market that everyone is predicting. A good portion of those homes will have first- and second-generation equipment thats cheaper than state-of-the-art products. So whatever improvements have been made in security setup and enabling will not be in wide use. This means that all around the world, those with a little networking savvy will be able to sniff WEP-free wireless networks simply by sitting on street corners or in apartment-building hallways or even outside small offices and typing “default” as the SSID in their wireless configuration utilities. I tried doing this on my recent trip to Comdex and was shocked by how many wireless networks at the show were set to “default” or something else that was way too easy to figure out. Hackers are bound to hit an open network. And because early adopters of wireless connectivity will also be broadband users, hackers will be tapping right in to the Internet and maybe even, if security-free users are tunneling into their office LANs via Virtual Private Networks, right into the networks of corporate America and beyond.

      This is not that far-fetched. Those who read PCMag.com regularly already know this. So this warning is really for the wireless-networking product manufacturers. If you want to play in the consumer electronics space and dont want the blame for a widespread security crisis dumped in your lap, you better learn how to speak the consumers language.

      Discuss this article in the forums.

      Lance Ulanoff
      Lance Ulanoff
      Lance Ulanoff is Editor in Chief and VP of Content for PC Magazine Network, and brings with him over 20 years journalism experience, the last 16 of which he has spent in the computer technology publishing industry.He began his career as a weekly newspaper reporter before joining a national trade publication, traveling the country covering product distribution and data processing issues. In 1991 he joined PC Magazine where he spent five years writing and managing feature stories and reviews, covering a wide range of topics, including books and diverse technologies such as graphics hardware and software, office applications, operating systems and, tech news. He left as a senior associate editor in 1996 to enter the online arena as online editor at HomePC magazine, a popular consumer computing publication. While there, Ulanoff launched AskDrPC.com, and KidRaves.com and wrote about Web sites and Web-site building.In 1998 he joined Windows Magazine as the senior editor for online, spearheading the popular magazine's Web site, which drew some 6 million page views per month. He also wrote numerous product reviews and features covering all aspects of the computing world. During his tenure, Winmag.com won the Computer Press Association's prestigious runner-up prize for Best Overall Website.In August 1999, Ulanoff briefly left publishing to join Deja.com as producer for the Computing and Consumer Electronics channels and then was promoted to the site's senior director for content. He returned to PC Magazine in November 2000 and relaunched PCMag.com in July 2001. The new PCMag.com was named runner-up for Best Web Sites at the American Business Media's Annual Neal Awards in March 2002 and won a Best Web Site Award from the ASBPE in 2004. Under his direction, PCMag.com regularly generated more than 25 million page views a month and reached nearly 5 million monthly unique visitors in 2005.For the last year and a half, Ulanoff has served as Editor, Reviews, PC Magazine. In that role he has overseen all product and review coverage for PC Magazine and PCMag.com, as well as managed PC Labs. He also writes a popular weekly technology column for PCMag.com and his column also appears in PC Magazine.Recognized as an expert in the technology arena, Lance makes frequent appearances on local, national and international news programs including New York's Eyewitness News, NewsChannel 4, CNN, CNN HN, CNBC, MSNBC, Good Morning America Weekend Edition, and BBC, as well as being a regular guest on FoxNews' Studio B with Shepard Smith.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.