Study: Wi-Fi users still don't encrypt

Silly Billies


Think you've heard more than enough about war driving and Wi-Fi insecurity? Two days of electronic eavesdropping at the 802.11 Planet Expo in Boston last week sniffed out more evidence that most Wi-Fi users still aren't getting the message -- or are comfortable broadcasting their e-mail into the ether.

Security vendor AirDefense set up two of its commercial "AirDefense Guard" sensors at opposite corners of the exhibit hall at the Boston World Trade Center, the site of the conference, and for two days analyzed the traffic flowing between conference-goers and 141 unencrypted access points set up by the conference for public use, and by vendors on the floor.

What they found was that users checking their e-mail through unencrypted POP connections vastly outnumbered those using a VPN or another encrypted tunnel. Only three percent of e-mail downloads were encrypted on the first day of the conference, 12 percent on the second day. (The company says it counted all VPN or tunneled traffic as e-mail).

That means the other 88% could easily be intercepted by eavesdroppers using commonly-available tools, compromising both the e-mail and the user's passwords.

Additionally, 84 out of the 523 users monitored were configured to allow ad hoc networking, and 74 were configured to automatically connect to the access point with the strongest signal strength -- a default mode that could leave a laptop prey to a rogue access point.

And then there was the hacking. Passive eavesdropping is undetectable, but AirDefense picked-up 149 active scans from war driving tools like Netstumbler, 105 denial-of-service attacks, eight probes for known exploits against access points, and thirty-two attempted man-in-the-middle attacks -- three of the successful.

"People were probably having a little fun, but I'm not sure it was all malicious," says AirDefense's Brian Moran. "The real shocking part was how many people attached to their corporate e-mails without any kind of encryption."

Wi-Fi eavesdropping for any purpose is usually frowned upon in legal circles, but AirDefense was a sponsor and the "official security provider" at the conference, and Moran say the company provided attendees with ample notice of the study. "There were huge signs throughout the place saying AirDefense is monitoring all conference traffic."

© SecurityFocus

Similar topics

Broader topics

Narrower topics


Other stories you might like

  • US, UK, Western Europe fail to hit top 50 cheapest broadband list
    Syria, Sudan, Belarus, Ukraine came top. Are you starting to see a pattern?

    In an analysis of 3,356 fixed-line broadband deals in 220 countries, price comparison website Cable.co.uk found that the UK has the 92nd cheapest internet, beating the US, which came in 134th place.

    Based on 41 packages, the average cost per month for broadband in Britain came in at $39.01. Stateside, this rose to $55, from 34 packages measured.

    For these bulwarks of western democracy, 92nd and 134th place isn't particularly impressive. But if you really want to shave the dollars off your internet bill, you have a number of options.

    Continue reading
  • The right to repairable broadband befits a supposedly critical utility
    A bolt of lightning has caused me days of misery, because the fix requires too much proprietary tech

    Column I heard an electric discharge, a bit like a Jacob's ladder, immediately before a deafening crack of thunder. I'd never been so close to a lightning strike! All of the lights in the house went bright, then dimmed, then went back to normal. "Uh-oh," I thought, "I'm in trouble now." Everything in the house had been hit by a nasty surge and the oft-spoken aphorism that broadband services are now a utility to rank with water and electricity was suddenly very, very, real to me.

    But it was electricity I worried about first. I use top of the line surge protectors so my most sensitive devices – computers and monitors, of which I have many – all seemed fine. But I'd overlooked two other connections that come into nearly every home: the antenna and the phone line.

    My television seemed to have taken a direct hit. It still worked – mostly – but appeared unable to receive any digital broadcasts. That circuit, lying on the other side of the antenna lead, likely took a big hit from the lightning strike. But the rest of the television seemed fine – at first. After a few days, and several spontaneous reboots, I began to intuit that devices don't always immediately fail when hit by lightning. Sometimes they gradually shed their functions and utility.

    Continue reading
  • Telecoms growth forecast for 2022 may be optimistic
    Analyst view: 4Q21 drop plus strains from war mean component shortages drag on

    The telecoms kit market had a good 2021 with revenues close to $100bn, up more than 20 percent since 2017, but growth is now slowing, according to analyst Dell'Oro Group. Huawei is also starting to feel the effect of sanctions, but still leads the global market by a fair margin.

    However, the Dell'Oro Group's prediction of slightly less growth for 2022 may turn out to be optimistic amid warnings that the Ukraine war is already having an impact on the fragile supply chain recovery.

    Dell'Oro's analysis is based on the telecoms market sectors it monitors, including Broadband Access, Microwave & Optical Transport, Mobile Core Network (MCN), Radio Access Network (RAN), and Service Provider Router & Switch.

    Continue reading
  • Fibre broadband uptake in UK lags behind OECD countries
    Not very 'world-beating'

    Optical-fibre internet now makes up 32 per cent of fixed broadband subscriptions across the OECD countries, and is the fastest growing broadband technology. However, there is a mixed picture with cable still dominant in the Americas and the UK still predominantly DSL.

    These figures come from an update to the OECD's broadband portal, indicating that fibre subscriptions grew by 15 per cent across the OECD countries between June 2020 and June 2021, with demand for faster internet speeds as employees worked remotely due to COVID-19 restrictions cited as one reason.

    Fixed broadband subscriptions in OECD countries totalled 462.5 million as of June 2021, up from 443 million a year earlier, while mobile broadband subscriptions totalled 1.67 billion, up from 1.57 billion a year earlier.

    Continue reading

Biting the hand that feeds IT © 1998–2022