Tapping Into a Wireless World
Computer security expert Jonas Luster unearthed more than his e-mail when he signed on to a wireless network for travelers at San Jose International Airport.
Within minutes of connecting his laptop using a wireless modem, the Campbell, Calif.-based consultant gained access to a second network belonging to American Airlines’ curbside baggage check-in system. It asked if Luster wanted to send data.
“I could probably check in bags that didn’t exist and maybe do other things,” said Luster, who was asked by Computerworld magazine to test wireless security at airports for a recent article. “If they are not security conscious at that point, one can only wonder, ‘When do they start?’”
Lured by cost savings and the ease of connecting computers without stringing wires, consumers and businesses are setting up wireless networks in droves. The number of wireless network shipments for PCs and other devices has grown to 9 million annually in 2001 and is expected to increase to about 56 million by 2006, according to the research group Allied Business Intelligence Inc.
But the technology has raised questions about security and privacy at a time when the nation is trying to bolster its domestic defense and protect sensitive data from hackers and other unauthorized users.
“Wireless technology presents an opportunity to do security right, but so far [that] hasn’t been happening,” said Gary McGraw, chief technology officer of Cigital Inc., a computer security company in Dulles, Va. “Potentially everything is laid bare” by wireless networks, and someone could access all of your data, he said.
Some users believe the concerns about wireless data leakage are overblown. An American Airlines spokesman, for example, downplayed the San Jose incident, saying Luster exaggerated any security lapses.
But experts say wireless networks are riddled with vulnerabilities, starting with the fact that many units come from the store with critical security features disabled. Few users bother to implement data-scrambling encryption. And those who do might still be invaded by sophisticated users armed with software-hacking tools.
The result is that computer data often are broadcast in the open, allowing others with compatible transceivers to receive the information if they are within range.
Companies, government agencies and home users have just begun to wake up to the potential problems. The Bush administration is considering an advisory to federal agencies, warning them about using wireless networks to transmit sensitive information. And the White House has directed the Commerce Department to develop comprehensive standards to guide federal offices that use wireless technology, an administration official said.
Meanwhile, SchlumbergerSema, a New York information technology services firm that helped built a computer network for the 2002 Winter Olympic Games, said it was so concerned about wireless networks that it eschewed the technology for more secure wired computer networks.
Most wireless networks have been set up in homes and offices to enable users to share high-speed Internet connections and freely roam up to 300 feet from the wireless transmitter.The most popular wireless systems in homes and offices use a standard known as 802.11b, or WiFi. The systems use the same unlicensed airwaves as household portable phones, and eavesdroppers can capture the signals from up to two miles away using special antennas.
There also are a growing number of commercial wireless networks, mainly at airports and other public facilities, that allow travelers with laptops and wireless local area network cards to surf the Net for a fee. Wayport, the operator of the San Jose system, has such networks in about 450 locations.
Wireless networks have been criticized for easily defeatable encryption and poor password management. Devices using another wireless standard, HomeRF, and even Palm hand-helds also are vulnerable, experts say.
Aviel D. Rubin, an AT&T; Labs researcher who was among the first to expose the vulnerability of the WiFi encryption standard, said it takes only a few minutes of examining the information broadcast from a WiFi transceiver to crack its encryption protection.
“About 5% of the time, it leaks data about the [encryption] key,” Rubin said. From that data, he said, “you can mathematically reconstruct the encryption key.”
Though wireless technology sounds complicated, defeating its data-scrambling security is a simple matter, experts said. There are a number of free software programs on the Internet that allow unauthorized users to unscramble the encryption on a wireless network at the click of a mouse.
In fact, experts said, breaking into wireless networks has become so easy that some hackers are abandoning their desktop computers to go “war driving”--a term they’ve coined to describe riding around in a car with a laptop and antenna to forage on other people’s wireless computer networks.
“I know people who have stood in Hoboken, N.J., and pointed an antenna to New York City and gotten access to all kinds of [wireless] networks,” Rubin said.
The University of New Mexico was the victim of such an intrusion when a hacker commandeered several wireless printers hooked to its computer network. They used the printers to launch an electronic attack that temporarily disabled a Web site outside the school.
David Grisham, who was the university’s computer security administrator at the time of the attack in September, was so surprised by the exploit that he e-mailed other security experts to see if they had experienced similar breaches.
“In a large university environment, there are thousands of devices connected to the network,” Grisham said. “All a hacker has to do is create a [program] that takes over a device that is not properly password-protected.”
Despite the university’s experience, surprisingly few wireless networks use password protection.
Cruising the streets in the St. Paul, Minn., area with a laptop hooked to a homemade antenna housed in a Pringles potato chip can, Minnesota computer security expert Bradley S. Rubin discovered recently that about 80% of wireless networks in the area were not password-protected.
“Most people are so happy when they get a wireless network up and running that they leave all the security on the default [unprotected] settings,” he said.
The lack of automatic encryption protection partly stems from the recommendation of the industry trade group, the Wireless Ethernet Compatibility Alliance in Mountain View, Calif., to leave encryption disabled to ease the setup of wireless systems.
“We wanted users to have the best out-of-the-box experience ... but we are rethinking that” in the wake of concern over wireless security, said Dennis Eaton, chairman of the alliance. Eaton also said engineers were working on more secure standards for protecting wireless networks.
Cisco Systems Inc., the largest maker of WiFi equipment, said it is marketing gear that has better security features. The company added that it believes so strongly in the technology, it is installing it in its offices worldwide.
“We feel our [wireless] offerings are extremely secure and are absolutely ready for prime time,” said Larry Birenbaum, a Cisco vice president.
Meanwhile, new competing technologies also might improve the security of wireless computer networks.
The Federal Communications Commission this month, for example, is expected to approve a breakthrough wireless technology backed by Intel Corp., Sony Corp. and other big names that could supplant WiFi.
Called ultra-wideband, the wireless technology is three to 10 times faster than WiFi and offers much better security, proponents say. That’s because ultra-wideband networks not only have strong encryption, but also can be set up to only communicate with users at a specific location.
“The [wireless] security we have ... is not perfect, [but] more competition in the market will lead to better security,” said Yale Braunstein, professor of information management at UC Berkeley.
