Recently in Wireless Security Category

Article about the legal rights and wrongs of WiFi

By Rory2 on October 31, 2005 8:31 PM | No Comments | No TrackBacks

Sunbelt BLOG: WarXing

It's interesting to see a legal opinion on the items relating to wireless networking..

the opinion seems to be "don't connect to someone else's wireless and if you do don't download a lot of traffic"

My (and IANAL) opinion is that this line of thinking applies if the person is aware that they're connecting to a network that they shouldn't, but there are two points which make this a lot less clear.

1) there are a number of legitmately free wireless networks and more municipal wi-fi connections appear to be being setup. So how is a non-technical user meant to know whether the network they've connected to is free or not?

2) Operating system and client software behaviour may not help. windows xp (pre-sp2) will by default connect to wireless networks that are available, so is a user responsible if that connection is made..?

And where a case where someone has deliberately and knowingly connected to a wireless network that they shouldn't have, how is the legal system meant to determine that they did know and didn't think that they'd connected to a legitimately free network...?

Airmagnet Spectrum analyser review

By Rory2 on October 5, 2005 1:04 PM | No Comments

TomsNetworking Product Reviews : TomsNetworking :

Review of a very interesting product from Airmagnet. I've used their laptop analyser product, which is great for Wireless Security Site Surveys, but the spectrum analyser is more focused on the performance site survey side of things.

V.cool to be able to track down all the sources of interference (and find the microwave in a big building!)

Interesting Wireless Security Development

By Rory2 on September 5, 2005 7:25 AM | No Comments | No TrackBacks

Mobilised com au - BETTER WIRELESS SECURITY

This announcement from Intel and Cisco could be good for wireless networking security, although at the moment it does seem a touch light on detail. Of course the worry I'd have with this kind of partnership is that the parties might choose to keep their enhancements proprietary, which would not be a good thing...!

I like NAC as an idea, but I've not seen any large deployments of it yet, so I'm unsure as to whether it would be a manageable/scalable solution.

Out of date opinions...

By Rory2 on September 5, 2005 7:05 AM | No Comments | No TrackBacks

SC Magazine

I was looking for some wireless security articles this morning and came across this one which appears to be saying that wireless networks are fundamentally insecure and therefore the answer is to run VPN's over them....

Now this might have been the only answer before 802.11i was agreed and issued, but nowadays I'd say that a possibly better alternative to running a VPN over wireless is to run a decently secured client, use multi-factor authentication with PEAP, use AES for encryption and put some decent level of firewalling in between the wired and wireless networks to restrict what can be transferred from one to the other.This way you leverege your existing investment in wireless equipment...

Of course a cynic might also have pointed out that the author of the article is Chief Technology Officer of a company who make......... wireless VPN's!

Mobile phone virii

By Rory2 on August 31, 2005 6:55 AM | No TrackBacks

Bluetooth adverts spark virus fears - vnunet.com

Story discussing a new advertising technique whereby content is transmitted directly to bluetooth phones, and pointing out the risks of getting users in the habit of accepting content beamed to them.

The comments from the company making the advertising mechanism are interesting. They seem to be saying it's ok because their campaigns only contain music and video and not applications, and that users should never install unrecognised applications...

To me this seems either a bit naive. If you look at the PC market, you see exploits where malicious code pretending to be music or video files can be executed due to vulnerabilities in media players. Also you're relying on users to be able to tell the difference, and spyware makers have proven very good at getting people to believe that their content is not an "unrecognised application" in order to get installed....

Mobile Phone Tracking

By Rory2 on August 5, 2005 7:41 AM | No TrackBacks

BBC NEWS | Technology | Tracking a suspect by mobile phone

A decent description of the ease with which people can be tracked, based on their mobile phones. In this case used to track down a terrorist suspect.

Also describes potential methods of phone tapping used by the police.

Interesting new Bluetooth attack

By Rory2 on June 6, 2005 6:52 AM | No Comments | No TrackBacks

Schneier on Security: Attack on the Bluetooth Pairing Process

Here's a note from Bruce Schneier on an interesting new attack on the bluetooth protocol (or more accurately common implementations of the protocol)...

Following this, if there are tools released which implement the attack, it'll really reduce where bluetooth should be used in corporate settings... all those lovely bluetooth headsets that people in the UK have bought...

« Web Services | Main Index | Archives

Categories

Monthly Archives

Pages

Powered by Movable Type 4.32-en

Search

About this Archive

This page is an archive of recent entries in the Wireless Security category.

Web Services is the previous category.

Find recent content on the main index or look in the archives to find all content.