Bright Stove

Reflecting information risk journey

Archive for October 2010

Insecure Wi-Fi networks

leave a comment »

Nearly five years ago, I blogged about how the laws are not going to help secure wi-fi networks, and asserted that home wi-fi networks would be the weak link if security remains as an add-on to wi-fi technology (http://wp.me/p161XL-1h). A recent report claimed that “Half of Home Wi-Fi Networks in the UK Vulnerable to Hacking/Wi-Fi Jacking“. Interestingly, in the past five years, the security capabilities that may be turned on for wi-fi networks have progressed beyond WEP, with an assorted list of cryptographic options, but they remain as optional. It is still common to see home users using the default name provided by the device vendor, with of course the default admin password as “admin”, and no other security setup out of the box, with very few exceptions. My assertion therefore remain that if we want Wi-Fi networks to be secure, security has to be baked-in into the technology so that if security is not there, it simply doesn’t work, but not when user tries to turn on security, it stops working. This is one of those Cybersecurity problems that only the vendor (technology provider) can help to solve, but it would cost them extra manufacturing resources to do it. When they ignore it, the users are impacted, but not them.

Written by mengchow

October 16, 2010 at 6:14 pm

%d bloggers like this: