Fear the unknown

--Originally published at The Hitchhiker's Guide to information security… according to me!

Do you know why people are afraid of anything? It all comes down to one single fear: the fear of dying. Everything comes back to that. Even if you are afraid of talking in public, failing makes you think that people will isolate you, meaning that your chances of survival will decrease, hence the fear of dying. But sometimes there are things that we should be afraid of and we aren’t, mostly because we don’t know the dangers behind them. There are many dangerous things in the world and one of them is the Wi-Fi connection. (sounds of thunder and creepy music)

Wi-Fi connections may be unintentionally left unsecured because of a wrong configuration that allows unencrypted messages to be sent or unauthorized users to connect, and it’s even worse when we are talking about open networks that allow access to any user. These weaknesses are used by hackers to steal information, use your computer for malicious purposes or distribute malware to all the users in the network.

A few of the attacks you can suffer on a wireless network are the following:

  • Accidental association
  • Malicious association
  • Ad hoc networks
  • Identity theft
  • Man in the middle
  • Network injection

There are some security measures that are used to protect these networks, but sadly some are not secure enough and many people are not aware of it. For example:

WEP (Wired Equivalent Privacy): this was the first standardized way of securing a network. Many old routers still use it. It’s insecure because it allows easy key decryption and network eavesdropping. Because the initialization vector (a constant used to start encrypting a message) is really short, it will repeat eventually, and when that happens the hacker can use it to find your encryption key and decrypt all messages in your network. And because a WEP network is basically broadcasting all the traffic, everyone with a traffic analyzer can try this attack. It has been proven that a WEP network can be cracked in minutes.

WPA (Wi-Fi Protected Access): This was a quick measure to fix all the security flaws in WEP. It encrypts each packet uniquely, ensuring that nobody can retrieve the encryption key from it, and prevents packet injection by replacing the CRC packet integrity algorithm used in WEP with TKIP. Nevertheless, there are exploits that allow some small packets and parts of big packets to be decrypted, and also allow a small amount of code to be injected into some of the packets in the traffic, making WPA better than WEP but not totally secure.

To avoid any regrets the latest and the best security countermeasures until now are the following:

802.11i and WPA2: WPA2 is the latest security measure to implement in wireless networks. It fixes the problems of WPA by replacing TKIP with CCMP for cryptographic encapsulation.

Smart cards, USB and tokens: this is a strong way of securing the network because it depends on a physical token that is synchronized with the user’s session and has a powerful algorithm that frequently generates new encryption codes.

RF shielding: This is a physical solution rather than a configuration one. It refers to using special paint on the walls of the building to restrict the wireless signal to the inside, making hacks from outside the building impossible.

So now that you know the dangers of being alone in an open network, think twice about the risks you’re taking. Someone may succeed in stealing your information and posting it on the web, making society reject you and making your chances of survival decrease… hence death. Most of these problems can be solved by adding the right configuration to your network, so even after making sure everything is OK, you should at least take some precautions. We don’t go around feeling scared of dying from falling down the stairs… but you never know.

Post in collaboration with

Salvador Ahedo and Marysol Sanchez

https://marysolsh.wordpress.com/

salvadorahedo.wordpress.com