Forgot your password?
typodupeerror
Bug

New flaws in 802.11B 93

Posted by Hemos
from the good-thing-that-the-neighbors-don't-have-it dept.
obobo writes "The New York Times (free reg yadda yadda) has a story about new flaws in the 802.11 standard, based on this paper. The upshot is that even with 128 bit encryption and MAC address control lists, it's still easy to hack."
This discussion has been archived. No new comments can be posted.

New flaws in 802.11B

Comments Filter:
  • by Anonymous Coward
    Encryption is really important. It's an indispensable component of eliminating anonymnity on the Internet. With public key signing, there's no excuse for ANY traffic on the net to be anonymous. I envision a future in which all packets must be digitally signed or they get dropped by the routers.

    Really, I'm looking forward to that day.
  • by Anonymous Coward
    They still haven't figured out a way to close their no-registration backdoor [nytimes.com].
  • by Anonymous Coward
    Today seems to be a sad indication that as technology develops further and further, our privacy becomes less and less important. More technology == less privacy?

    Storing anything online makes it more easily accessible for good and for evil. Wireless is even less secure than online because a listen only tap point is untraceable.

    Get an older scanner that will cover 868-894MHz (analog cellular). You'd be surprised how many people still read their credit card numbers, social security numbers, etc. over the air and in the clear.

  • The problem is not just encryption, its all that other stuff that goes around it. You need a good way to create and distribute keys and make sure that they are used well. Designing a secure system is not just slaping a 128 bit key encryption system onto what you already have, you need to plan it from the ground up very carefully.

    Think of it this way if the bank has the world's best vault but transports the money in bob's old VW van. Then the bank has lousy security.
  • by drwho (4190)
    Stupid, old news.
    802.11 is insecure, but this is well known.

  • 1984 should be about one or two wars away...
    The current world climate isn't paranoid enough.

    Perhaps privacy is as bad as it has always been, I've studied people through the "analog" trail everyone have.
    It should be noted that I live in sweden where govement information are openly available.
    What people don't know is that they are even less private that way.
    You might worry about someone finding you creditcard number on the web. Take a look at some slips in your wallet.
    Another thing that's a little frightening is to call some companys and claim to be someone else, most companys don't care because they want to be "customer friendly".

    I think privacy is a thing you have earn through caution. Don't feed the papertrail!

    // yendor
    --
    It could be coffe.... or it could just be some warm brown liquid containing lots of caffeen.
  • Would you post a white-paper saying that the 802.3 NIC you bought didn't encrypt your traffic?

    Unlike Ehternet/802.3, IEEE 802.11b is advertised as being secure. It isen't.

    Papers like this one are important as it shows how expected features aren't there. It is a paper that that techs can use to show their managers why 802.11b should not be used, or why it is going to cost more then a few hours and the cost of the nics.

  • The reason that there's normally not security in layer 2 is because it usually is a physical connection, and thus you use physical security. Logical connections require logical security. Since you don't have control of the "wires" in wireless LANs, you _do_ need security.
  • The difference is that with a regular wired LAN, you can have physical security - you can control the wires. With wireless you have a totally new can of worms, because the wires are no longer under your control.
  • My BS is in Math

    Sort of like alot of the BS in this article?

  • As noted in several other replies, 802.11a "operates at the 5-GHz UNII (unlicensed National Information Infrastructure) band and can achieve data rates as high as 54 Mbits/s" as noted by eetimes [eetimes.com] here [eetimes.com] and here [eetimes.com]
  • ETSI (Europe) has lower maximum power requirements but they allow the same number of hopping frequencies as in the USA. In Japan and Canada, though, FHSS radios are limited to the lower half of what is the ISM band in the United States. So they hop on frequencies twice as much as they do in the USA. Something interfering with a radio in Canada would cause twice as much performance degridation as the same radio in the USA, but the problem is even worse with DSS radios in these markets because with only half of the US's ISM band to use, there are no overlapping channelsthus without proper antenna placement and frequency seperation, you are very limited to the total amount of bandwitdh you can aggregate with either technology, and especially DSSS.

    ~GoRK
  • The hopping sequence of a BSS cannot be determined or recieved reliably by a single radio without knowing the ESS ID of whatever cell you are currently in; however, the ESS ID can be determined easily after determining the hopping sequence.

    As far as speed and range, Breezecom equipment (that I know of) will break the 802.11a spec and communicate at 3mbps. If another manufacturer's 802.11a radio comes within range, it will communicate with that raido at 2mbps, but 50% performance above the 802.11a spec often gives these radios a performance advantage over even DSSS radios, since a DSSS radio will talk at 11Mbps, 5.5Mbps, then 2 and 1. Over long ranges it is extremely rare that you can make a full 11Mbps link, and more likely that your 5.5Mpbs link will have less than 50% throughput... meaning that if you get about 2.9Mbps out of your DSSS radio at some distance, you are doing well, and if you can get 2.4Mbps out of a breezecom radio at the same distance, then you are not losing a lot by going with FHSS... Add to that the fact that because of the nature of FHSS technology, you can place probably 10-30 radios in the same band and aggregate the bandwidth, you will leave 802.11b in the dust.

    Just some more thoughts on the matter...

    ~GoRK
  • by GoRK (10018) <johnl AT blurbco DOT com> on Tuesday April 03, 2001 @12:32PM (#318314) Homepage Journal
    I did not say it was impossible. I said it was much harder than DSSS. To reliably intercept FHSS with or without WEP requires 72 radios. Without knowing the ESS ID, you will not be able to accurately determine the hopping sequence of your BSS. I suppose you could have a smaller number of radios guessing the sequence, but it would take much longer and be much more complicated. Once you have the hopping sequence worked out, then you can deduce the ESS ID and then after that you could configure one radio to that hopping sequence and then you'd be in the same boat with 802.11b as far as the security of WEP goes. So, the hopping sequence on 802.11a is cryptographically secure from the ESS ID - but I do admit it is very weak crypto. If someone is spending this much money to hork onto your wlan, they could probably physically infiltrate your facility and steal the information necessary to jump on it a lot easier than they could figure it out. If you are that paranoid about your data, then you should be running a more secure form of crypto on top of the base anyway, like I said in my initial post.

    ~GoRK
  • by GoRK (10018) <johnl AT blurbco DOT com> on Tuesday April 03, 2001 @10:24AM (#318315) Homepage Journal
    You know you would have thought that with all the 802.11b stories on here, somebody would have mentioned the much more secure counterpart to 802.11b -- which is 802.11a, a frequency hopping standard that defines a much much much harder to intercept, much much much more stable, reliable communication (we are talking orders of magnitude) above 802.11b (Oh yeah, and plenty [breezecom.com] of equipment [proxim.com] is available [webgear.com] also.)

    How come when LAN's go wireless, geeks suddenly forget the basic fundamentals of RADIO which, for the specific technology we are discussing, is almost as well understood as power generation. Wait a minute, but didn't the folks who delegated the IP address space give RADIO OPERATORS a quite enormous chunk for EXPERIMENTATION? Where are all these guys. For instance, the story that ran a few days ago where someone at O'Really (sic) declared that a 802.11b product was good because his microwave oven did not interfere with its operation might have taken one second to read the frequency of his microwave off the little label inside the door and look up the frequency of whatever channel his DSSS radio's was on before realizing that the microwave was (99% likely) not even on the same frequencies.

    It's about time for all of you to go out and read how these radios and standards really work [tcr.com] before making wild comparisons, accusations, etc. or being suprised when someone points out that the standard is not fundamentally secure. Here's a hint: It was never designed to be any more secure than wireline communications. The amount of money someone would have to spend to tap into your wired LAN is equivalent to the amount of money they would have to spend to intercept your wireless. If you require secure communications over wireless, use IPSec or encrypted tunnels. Just like you would do on the wireline.

    Get it together. I am losing faith in you guys.

    ~GoRK
  • OK, I didn't think it was that insightful, but thanks, I guess.

  • by ethereal (13958) on Tuesday April 03, 2001 @10:22AM (#318317) Journal

    That's a pretty 1337 title for a paper, why didn't they just call it:

    "All Your WEP Are Belong To Us"

    But seriously, this points out that you can't just trust someone to tell you their product is secure. Lucent's "closed network" sounds great, except for the part where it broadcasts the shared secret in the clear!

    [smacks head in disgust, and hopes to never commit such a colossal blunder in my own work]

  • I don't know where you make this stuff up from. There are exactly three hop sequences defined for use in North America and most of Europe.

    From "The IEEE 802.11 Handbook: A designers Companion":

    Set 1:(0,3,6,9,12...75)
    Set 2:(1,4,7,10,13...76)
    Set 3:(2,5,8,11,14...77)

    Unless I am misreading something, there are only three sets of hopping numbers. Not exactly a difficult thing to guess if you need to.

    Your insistance that DSSS is somehow easier to eavsdrop on FHSS is just a bunch of crap. Neither technology was designed with any resistance to eavesdropping in mind at all. You can't specify your own hopping sequence for FHSS, and you can't specify your own Barker sequence for spreading DSSS. Had the 802.11 folks cared at all about making eavsdropping hard, they would have let you do these. Of course, they probably wouldn't have gotten FCC approval, but what the hell.

    So, just drop it. What little security you have is based entirely on the WEP, and not at all on your choice of slow FHSS vs fast DSSS.
  • But can you do that for 802.11 gear? How am I supposed to connect to the WLAN if I don't know the hopping sequence? The book I referenced also specifically says that the sequences were carefully chosen, and makes no mention of user-generated sequences. I have also never seen any reference to an actual configuration parameter for an 802.11 client to specify the hop sequence.

    I have no doubt that with some other gear you can change it to whatever you want. But, I have never seen anybody produce a reference to an 802.11 parameter to change the hop sequence. If you can produce a link, I would love to see it.
  • I found some references. It is not possible to set arbitrary sequences. According to Breezecom (cached version here [google.com]):

    ---quote---
    For FHSS systems IEEE 802.11 defines 79 different hops for the carrier frequency. Using these 79 frequencies, IEEE 802.11 defines 78 hopping sequences (each with 79 hops) grouped in three sets of 26 sequences each. Sequences from same set encounter minimum collisions and they may be allocated to collocated systems. Theoretically, 26 FHSS systems may be collocated. However, as synchronization among independent systems is forbidden (synchronization would eliminate collisions), the actual number of systems that can be collocated is around 15.
    ---end quote---

    I assume the three sequences are the ones I originally listed. If I'm not mistaken, it's considered a different "sequence" if you start in a different place. So:

    1-5-9 is different from 5-9-1 and 1-5-9. So, an evesdropper would not be trying to guess a random sequence, he would just camp on one frequency, listen, and if a signal showed up he would start hopping. In other words, the 26 seqences vary only in time, so an eavesdropper only has to listen for a few seconds on one frequency to "check" all 26 sequences based on that set. Is that a fair assumption?

    I also found a reference to an algorithm for determining which country you are in by checking which frequencies the AP broadcasts beacons on. In order for this to work, it requires the hop sequences to be well known for a given country. It's here [technion.ac.il]

    So, given this little bit of research, I still believe the claim that FHSS 802.11 is somehow more secure than DSSS 802.11 is basically crap. I would love to be proven otherwise.
  • you dont even know what a MAC Address is ...
  • But who ever said one of the duties of layer 2 was to provide security?

    That's not entirely an accurate statement, I relize.. but the concept is there.

    Ethernet is very hackable.

    You should rely on higher-layer protocols to prevent hackability.... not your lowest layers. 802.11b was not developed for super-secret communications; it's not for spies. It's for every-day-people...
  • That's rather obvious. but you see, from a data protection point of view, most places don't audit every single jack in every single wall. They don't run switches in ultra-secure mode and don't use static arp tables on all their servers, etc etc etc....

    Yes, there is a point, in that others should not be able to connect to your network. That's important.. but not the same thing as network security. We still need higher layer secure protocols.. ALL protocols...

  • It almost sounds like Lucent's answer is simply disallowing association via the "broadcast ssid" or the "null ssid". This is no really big deal.

    Cisco/Aironet access points also have this option to disallow access via the broadcast ssid, with one important difference:
    When broadcast ssid is disallowed, the ssid is NOT transmitted in the beacons, which makes associating to those AP's more difficult. (The ssid field in the beacon is nulled out)
    Also, as far as I know, Cisco/Aironet does not recommend the usage of shared key authentication, but gives the user the option....

    Disclaimer: I work for Cisco/Aironet
  • To reliably intercept FHSS with or without WEP requires 72 radios.

    You only need a single wideband receiver.

  • by Xenu (21845) on Tuesday April 03, 2001 @10:53AM (#318326)
    If you think frequency hopping is, by nature, secure and hard to intercept, I have a nice bridge in Brooklyn that I would be willing to sell you. The NSA and military have been intercepting these types of systems for decades.

    If the system does not have a cryptographically secure hopping sequence, which is just about everything on the market, it is trivial to intercept. Even with a secure hopping sequence, it is possible to reconstruct the signal in many cases. Think wideband receivers and directional antennas connected to a signal processing computer.

  • by matth (22742) on Tuesday April 03, 2001 @10:13AM (#318327) Homepage
    By Pass Free Reg Required:

    http://channel.nytimes.com/2001/04/03/business/03F LAW.html [nytimes.com]

  • /me hands GoRK an industry-standard trunk-tracking police scanner

    --

  • No matter how strict you make your security, in the end it depends on the user.

    If you take every attempt to provide good security, the customer will find your key management such a big hassle that they won't buy your products. Popular magazines will make fun of your complicated methods, and elaborate network setup, and will praise the Plug-and-Play method of your competitor. The only way to survive as a vendor is to make it easy on the user. Unfortunately, tight security and ease of use don't mix very well.

    I'll bet that more 802.11 networks are broken into that are simply not using any security at all, than networks that have had their WEP security cracked. Just because the network manager couldn't be bothered to check the box that said 'use WEP security'. And even if people do enable WEP security, how many do you think will opt for a 128 bit hex string, as opposed to an easy to remember dictionary word ?
  • Try putting more than a dozen 802.11b access points within earshot of each other.

    I wish "too many access points" was a problem that I had to deal with. Every wireless install plan that I've seen has assumed some degree of airspace cooperation, and the emphasis is usually on covering an area with as few access points as possible.

    You make a good point about dropping connections with 802.11b, but unless things have changed in the last few months, all of the 802.11a stuff that I've seen has the same problem.

    how come nobody talks about the 26mb FHSS equipment that is due to come out soon.

    There's a lot of cool technology that's "due to come out soon." When it makes the transition from vaporware to hardware, we'll talk about it. I suspect that it'll have the same problems as most high-speed wireless "extensions": you only get the speed if you're within a few feet of the access point. Otherwise, it drops back to the same old slow speed.


    --

  • 802.11a becomes saturated much more quickly. Try putting more than a dozen users on an 802.11a access point. IF it works, it'll be amazingly slow.

    I haven't read both specs, but I'd guess that 802.11b (Wi-Fi) devices can share a frequency, while 802.11a devices just hop to a new freqency if theirs is in use. When the number of users gets close to the number of frequencies, things fall over and go boom.

    I work for a university that recently deployed a large wireless network, and 802.11a was totally unacceptable for even a medium-sized classroom. 802.11b was able to handle the load, though it is pretty slow when you have 50 users sharing a 2Mbps connection.


    --

  • Only the WEP attacks require computation, and even those are so trivial as to be not worth coding up except to fuel the script kiddies.

    Wrong. You obviously missed this very important sentence at the end of section 5:

    Only the WEP attacks require computation, and even those are so trivial as to be not worth coding up except to fuel the script kiddies

    What's the significance of that? Well, we already knew that running an 802.11b network without WEP would be the act of a total moron. What the paper is saying is that *with* WEP you can attach to the network but you can't actually use it without the methods mentioned in the Borisov/Goldberg/Wagner paper. Those methods, in turn, are far from trivial. In fact, they're extremely difficult (but, admittedly, not impossible) to implement in the real world. In other words, nobody's network is actually likely to be compromised in this way. As another poster said, it's theoretically interesting, but of very little practical import.

  • Frequency hopping 802.11a is dead easy to hack into - the standard ensures it. Basically, because all devices on the network need to know which frequency to hop to, this info is broadcast, along with timing details and other useful bits and pieces. So you don't need to guess. I have used a £100 802.11a card to hop on to a WLAN in under 2 minutes. It would have been faster, but I was using Winblows that day, and I had to reboot. 802.11a is cheap, low security and dead simple.

    802.11b has its advantages - it is a lot harder to hack in a lot of situations, due to ambient rf noise and the chipping code can add a fair amount of front end security if you use a very long sequence, but it too can be monitored. Hence the term WEP - wired equivalent privacy.

    I agree with the rest of the post, though:
    You wouldn't have sensitive data on your wired network for all to see would you? No, you would encrypt it and use secure encrypted links. Do the same on your wireless LAN.

    THAT'S THE WHOLE POINT

    Here in the UK, the fact that we can only transmit at 100mW means an attacker does have to be fairly close, and some of my clients do add 'Tempest' type shielding where there is rf leakage, but again, their security comes from encrypted point to point links, and other means


    Frog51
  • Well as many have mentioned the wireless 802.11 security leaves much to be desired. There was a story on slashdot that ran about a month or two ago on this same subject. In any case, I would think that if you simply ran an encrypted tunnel from end to end around the wireless segments that would be a much better solution than relying on the weak WEP 802.11 standard.

    If you are implementing this on a corporate level you should know this. This is your job. Obviously, the problem here is that we have people implementing networks (MIS graduates) that don't want to look at what fundamentally is going on with the technology. They simply hook up the cards, install the windows drivers and move on to their exchange servers. I guess its not their fault really. Companies know their background. Companies should have some hackers working on breaking into their system. Those white hat hackers could easily expose this stuff. I guess thats what security experts are for.. :)

    JOhn
  • Actually, there is a really easy way to make these networks secure. Put your wireless access point outside of your firewall, then use VPN software on the client to connect to your intranet. You can also filter at your router to prevent people from getting a "free ride" on the internet if you are concerned about that.

    That way, you totally bypass the WEP and have a reasonablly well tested security model (VPN) guarding your data.

    When I set up 802.11b in my house, that is what I am going to do...
  • how many do you think will opt for a 128 bit hex string, as opposed to an easy to remember dictionary word ?

    How's about both? 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF DEADBEEFDEADBEEF. Is a hex string that is made up of easy to remember dictionary words, especially if you're British.
    _____________

  • by lizrd (69275)
    One thing that you may also want to consider is that you may wish for your wireless clients to be behind a firewall for one reason or another. In the case of most home users they probably need their firewall to assign non routable IPs via DHCP for all wireless connections. Thus, for the home user a DMZ of sorts would be an ideal solution. Naturally, your trust model for this DMZ would be different than for a DMZ that consists of webservers and such and would be on a different segment than the webserver DMZ.
    _____________
  • Yup you're misreading... those are the Hopping Sequence seeds... you can actually adjust the hopping pattern as you like (I used to do it with TAL/RDC equipment for Wireless MAN deployments when a DSSS radio got in the way... the ISS band can be very busy sometimes :)

    I agree with you, FHSS is harder to intercept but not impossible... so instead of whining about how insecure it is, use the means available to add security over insecure channels (IPSEC, PPTP, VPN software, etc).
  • by danielhsu (78479) on Tuesday April 03, 2001 @10:37AM (#318339)
    An analysis of the WEP algorithm can be found here [berkeley.edu]. The document points out a lot of the flaws in the algorithm and what attacks it is vulnurable to.
  • the use of the term "attacker" instead of "hacker".
  • Just so you know, the only security that FHSS has over DSSS is the frequency hopping, and its pattern. If you wish to gain access to an 802.11a network, you simply use an 802.11a radio to do it. Remember (or perhaps learn) that Frequency Hopping radios (at least, in 802.11a) broadcast their hopping pattern ... how else do you expect child radios to stay in sync?
    I'm not sure about the capacity of 802.11a, first glance places it in 5-foo GHz, which would greatly increase bandwidth, if implimented correctly (but markedly reduces range). If you're talking about 2.4GHz FreqHopping, it's limited to 2Mbps total, which would give it about 1Mbps throughput).
    --
  • by Kishar (83244)
    Folks, I know that security and related foo are a juicy topic that /. loves to tear into, however, step back a moment and apply some grey matter.
    Would you post a white-paper saying that the 802.3 NIC you bought didn't encrypt your traffic? How about that 802.3 hub that lets anyone who has an ethernet card and a long enough (within 100m of course) cable see all your data, unencrypted?! Notice anything yet? That's right, 802.11, just like 802.3 is just a layer 2 application. The highest level 802.* understands is MAC address. I, for one, am thankful that the folks who developed it went the extra mile to put a few controls ON THE RF SIDE of things to make it difficult for an attacker to enter a wireless network. However, the person who doesn't understand that 802.11 devices are either a) NICs or b) Bridges, is delusional, and needs to (re)take that Introduction To Networking class.

    <rant>
    Oh, yeah, and it has become very bothersome, personally, when someone mis-configures, or doesn't configure a device, and then complains about the failures and shortcommings that ensue, blaming the protocol/device/technology/product.
    We didn't give the Netcraft "benchmarks" any credence, why should we pay attention to this crap?
    </rant>
    --
  • No, it's not advertised as "secure", it's advertised as "as Private as a Wired LAN".
    What you forget is that if someone had the time and money, they could intercept the signals travelling from your keyboard to the computer, the display buffer's signals to the monitor, the ethernet signal travelling down your UTP cable ...
    The point is that to the average person, a *properly configured* wireless LAN, using WEP, is exactly as private as sitting on a hub.
    --
  • Wake up...

    The performance of FHSS systems is lower than DSSS systems, typically 50% - 33% of DHSS systems. This is the greatest disadvantage of FHSS.

    The only disadvantage of DSSS is that you can't point antennas at each other on the same channel or it will boost the SNR beyond belief. Strategically placed antennas will NOT have this problem. FHSS can deal with it better, however you still lose bandwidth.

    Another disadvantage when using FHSS is the frequency problems. 79 in most parts of the world but then you have japan and france(?) with what, 23?

    And of course FHSS might be harder but it isn't hard to crack either. Ask any army boy you know that works in that branch.

    /Richard
  • Not only do they give you the option, but it comes enabled by default. Both the AP340s I have had shared keys enabled by default.


    ---GEEK CODE---
    Ver: 3.12
    GCS/S d- s++: a-- C++++ UBCL+++ P+ L++
    W+++ PS+ Y+ R+ b+++ h+(++) r++ y+
  • Get over it. Mainstream media has been saying hacker instead of cracker/attacker for too many years to change. In your own circles, you can say cracker, but the majority of the people out there will say hacker.
    ---GEEK CODE---
    Ver: 3.12
    GCS/S d- s++: a-- C++++ UBCL+++ P+ L++
    W+++ PS+ Y+ R+ b+++ h+(++) r++ y+
  • they had written plenty of code, guess what though they don't think it is necessary to make the code available to make the point.

    Fine. I don't think the code should be released either. But they damn well ought to test it, see how long cracks take under various real world conditions, and publish the results. If it's under an hour, businesses should throw 802.11b out the window immediately. But if it takes a week of constant sniffing, personally I'd be more worried about black hats posing as janitors [google.com] or some such.

    burden of proof lies on the IEEE group to prove that WEP is secure

    Sure, I agree that WEP is weak. But all security is relative. Any prime-number-based encryption can be broken with sufficient cycles [distributed.net]. So tell me Mr Owl, how many licks [tootsie-roll.com] does it take to get to the center of 802.11b?

  • by frankie (91710) on Tuesday April 03, 2001 @10:40AM (#318348) Journal

    So yet another academic has written up a mathematical proof of the flaws in 802.11. Hurrah. I see one small flaw in their reasoning -- not a single one of those papers includes a section where the author says "I personally sat down with my laptop outside a WEP-enabled office building and cracked the network in [foo] minutes/hours/days/whatever".

    My BS is in Math, so I know for a fact that this old joke is often true: "Mathematicians don't need to be good at counting, we just care if it's countable [interaccess.com]". Until one of these professors (or more likely their grad students) actually writes the necessary decryption code and does it, we still don't know exactly how easy or difficult the crack is.

  • by MattW (97290) <matt@ender.com> on Tuesday April 03, 2001 @10:00AM (#318349) Homepage
    Honestly, I've gotten to the point where I don't trust wires of any kind, let alone wireless. It's hard enough to trust the endpoints and the encryption between in a secure exchange, never mind trusting your ethernet. Maybe if the government wasn't all gung-ho about preventing nefarious criminals from getting encryption (as if the government opposing it would stop them), then the citizens would already have lightweight encryption capable of securing even a communications medium like this. But, hey, "law-abiding citizens don't need encryption", right?
  • It is fallacious to argue against stronger security in one area because security in another may be weaker. Then, you simply end up with "lowest common denominator" security, which is usually not much security at all.

    I don't buy the argument that WEP and 802.11b were supposed to be no more secure than your wired LAN. They are, in fact, much _less_ secure because your network is not bounded by physical means anymore. Someone with a high gain antenna can "plug in" to your lan from a few kilometers away and you wouldn't be the wiser. You'd probably notice a 2km cat5 cable running into the hills away from your building.

    I ask you this, if the FHSS or DSSS were meant to provide security (and not the S/N increase, etc. originally intended), why do you need WEP at all? WEP was introduced with 802.11a (which uses your beloved SS system) and lives on in 802.11b.

    My read of the 802.11x specs shows no mention of FHSS or DSSS to provide security. The sequence is not meant to be secret! Read the paper and see that associate/disassociate messages are all sent in the clear (and all devices can communicate with APs regardless of FHSS/DSSS because that facilitates interoperability). Also, an attacker could steal a WLAN card and all security of your FHSS/DSSS is gone with the card or laptop (assuming you had a secret sequence to provide security in the first place, which you don't).

    -core
  • This attitude of "it's secure until you show me a tool that can break it" is preposterous. I agree that many academic papers show theoretical flaws in systems that are generally not practical. However, these are _practical_ flaws. If you base security decisions on whether there is a tool to exploit a practical flaw, you're looking to get 0wn3d. Would you not drive a car with faulty gas tanks just because nobody has reported any problems with them?

    -core
  • Lets spend just a minute thinking about how important this really is. When Bobby Java is sitting in Starbucks, using their wireless connection, what is he likely to be doing? Deleting the 12 e-mails he got last night offering him a low rate mortgage and greater sexual prowess? Browsing the New York Times? /.? Making a lunch date or dinner reservations? Reading Doonesberry? I'm sure there will be eight or 10 people cruising the streets of Seattle trying to pick that important information out of the air.

    My US Mail is left every day in a box, on a pole, by the curb, next to the street. No lock. No encryption. I can't remember worrying about someone getting in and stealing my weekly discount shopper coupons or my bank statement or my VISA bill.

    Come to think of it ......
  • Well don't forget that Ethernet broadcasts to everyone on the segment. Which is why it was so easy to sniff people's passwords, email, instant messages, whatever.

    Email originally was viewable by everyone, completely open on the system.
  • You don't 'control the wire' unless they're both fully tempest shielded and contained in an airtight pipe pressurized with inert gas.
  • If you need to protect yourself from people with these kinds of resources, don't do wireless in the first place. Of course, with gizmos like Tempest, you don't stand a chance of keeping stuff secret anyway.
  • much more secure counterpart to 802.11b -- which is 802.11a, a frequency hopping standard

    Um... no. 802.11 defined the basic standard as well as Direct Sequence Spread Spectrum and Frequency Hopping Spread Spectrum. 802.11a defines the protocol for up to 54Mbps. 802.11b expands the 802.11 standard and includes things such as defining how clients that can support different speeds can all connect to the same access point.

  • Well I'll be damned. And this http://channel.nytimes.com/
    gives you a directory back to 1919...

    Thanks.
  • More info on WEP can be found here [microsoft.com].

    ---
  • > *sigh* How far away is 1984 again? :)

    m$ passport anyone?
  • Get over it folx, the government is never going to approve sales of a wireless product with an unbeatable encryption and without a backdoor.

    There is a possible solution: use software with encryption. There are point to point tunneling solutions with encryption and more... Hey, there's money to be made in encrypted wireless networks/intranets. Don't complain, start coding today.

  • Airwave [airwave.com] uses unencrypted traffic, not WEP. As a previous poster noted, WEP requires a shared secret among users. There would not be much point to sharing a secret with your fellow coffee drinkers if your purpose is to keep them from reading your Business Plan.

    As you point in in #1, it's not secure once it leaves the cafe anyway. If you are concened, use ssh or https or encryption in email for your business plan anyway.

    And get a pair of those glasses with mirrors on the front so you can make sure nobody is looking at your laptop screen either!

    And to bring everything but the CueCat [slashdot.org] into this, I got mail from Airwave saying that their DSL in the local cafe here used NorthPoint [northpoint.net].

  • He probably means plain 802.11 without the b.
  • I could duct tape an IPSec security gateway (e.g. Nortel) to an AirPort and have a solution for secure, point-to-point wireless connectivity. The government couldn't stop me from selling that - and they won't stop router makers from adding 802.11 to secure vpn products. Haven't for years.
  • Don't put to much faith in digital signatures ability to identify the human user of a computer. Basically all a signature does is guarantee that the user had access to the signature, not that they are legitimate owner of that signature. In a court of law, the signer can still repudiate said traffic.
  • From what I've heard here on /.

    We don't need to worry about security on these wireless devices! Most of the ones that are setup have full blown access to anyone passing by due to a lack of FULL configuration!

    Tom says, "No! Stop! it's working... I'm on the net! And I can see the fileserver. Don't mess with it!"

  • mod this up
  • Sure, they use some of the same algorithms. But they are nnnnot thhe saym.
  • You obviously did not even bother to read the referenced article. The non-WEP attacks are so trivial as to not require any programming to accomplish (snoop from the parking lot and change the MAC address of your interface being the most trivial attack). Only the WEP attacks require computation, and even those are so trivial as to be not worth coding up except to fuel the script kiddies.

    It would really help if people would actually read the links before posting.

  • by Daath (225404) <lpNO@SPAMcoder.dk> on Tuesday April 03, 2001 @10:23AM (#318369) Homepage Journal
    Seeing how security over normal wires is very hard to implement, it's really no surprise that wireless devices are more vulnerable...
    I guess the only way to make something like that secure to a satisfactory degree (right now), would be to build a radio-dead building with radio-dead windows, so that only wireless devices within the building can connect... That'd bring security up to current level of wiredevices... Which means that you would have to have physical access to the LAN...
    Building something like that has a few advantages for the paranoid, it would also block electronic emanations [www.hot.ee]. I think buildings like that are referred to as TEMPEST buildings...
    /. has a few articles that touch these subjects. Shielded PC casings [slashdot.org]. Some TEMPEST docs released [slashdot.org]. More docs revealed [slashdot.org]. Scan the EMF spectrum [slashdot.org]. This is the same docs as above I think [slashdot.org].

  • Dave Wagner at Berkeley published info about weaknesses in 802.11 [berkeley.edu] several months earlier.
  • Unbreakable encryption is possible: the key must be the same size as the data. See http://www.bebits.com/app/1100 [bebits.com]... Source included.

  • Hi.

    Intel sponsored the study because a year ago Intel was full-blown behind Bluetooth. Bluetooth has since died a nasty death, and Intel has changed courses to embrace Wireless Ethernet.

    Bluetooth died? I must have missed that one... Bluetooth never really lived so far, at least it did not live as a grown-up, just as a kid that is in the kindergarten-age. But Bluetooth currently grows up really fast (with the problems involved by fast growth...).
    Intel never left the Bluetooth-path, but they turned over from HomeRF to IEEE802.11b. Maybe you mixed this up with bluetooth.

    As for security concerns, most products on the market today conform to Wi-Fi which is a more highly secure (and compatibile) variant of the original 802.11b specification.

    Sorry, but this is wrong. WiFi is a consortium that does some tests to ensure that the theoretical interoperability achieved with the IEEE 802.11b is true in real life with the tested equipment. It is no way a better or somehow changed version of the 802.11b standard, so the WiFi-Logo does in no way tell anything about better security!

    cu, otaku
  • Sure, you can wait and try to implement something stronger into the standard. When that happens, it's going to be hacked anyway. It's the same issue that the music industry is grappling with in developing SDMI - You can't make something unhackable if you expect an arbitrary number of people to be able to use it, and in a timely fashion. MAC addresses can be spoofed, encryption broken, watermarks remove, whatever.

    The best thing to do is put it out there with the appropriate caveats, and work to secure it as best you can as you go along. If you are waiting until it is bulletproof, you'll never release it.

  • by Gruneun (261463) on Tuesday April 03, 2001 @10:09AM (#318374)
    Honestly, I've gotten to the point where I don't trust wires of any kind

    Agreed, but encryption will never be absolutely secure, despite what a government does or does not do. The key is to know who's intereted in your data and plan accordingly. The level of encryption only needs to be stronger than what someone else is willing to attempt breaking.

    A prospective victim in a police station isn't absolutely safe, but it's much more likely that they'll be left alone there by someone only interested in lifting thir wallet. The mob snitch is a different story.
  • I don't think the code should be released either.
    A theoretical attack is pretty useless when persuading buisnesses.
    If it's under an hour, businesses should throw 802.11b out the window immediately.
    They arn't going to do this unless they fear people will actually attack it. One of the ways to prove people can and will actually attack it is with open exploit code. Then the companies can't claim it's only theoretical and there is a verifiable method to prove it's exploitable.

    espo
    --
  • Until one of these professors (or more likely their grad students) actually writes the necessary decryption code and does it, we still don't know exactly how easy or difficult the crack is

    So do you have to wait for the first satelite to orbit it to believe that there is another side to the moon?

    Actually when I spoke to Ian Goldberg about this they had written plenty of code, guess what though they don't think it is necessary to make the code available to make the point. The only reason to have the code would be to do something malicious with it.

    But that is irrelevant, the demand for absolute proof is ridiculous, the burden of proof lies on the IEEE group to prove that WEP is secure Most of us would prefer to know well in advance of a system being broken that it is vulnerable. Measuring the degree of security even if it cannot be broken is still an important thing to do.

    As for actually reifying the break as code, I don't have to see that done to have it proved to me. I know how RC4 works, I know how WEP performs keying. I can calculate that someone can break the scheme with a few weeks of effort and a moderately fast machine.

    Lucent et. al. are charging premium prices for 128 bit encryption what they are delivering is only worth 24 bits that is misleading advertising at the very least - particularly since they knew about the flaw for over a year.

  • There are two problems with WEP, first the implementation of the protocol is flawed, second the risk model of the protocol is entirely wrong. Unfortunately the WEP group show very little interest in remediation.

    The basic protocol flaw is that a stream cipher is used with an insufficiently large initialization vector. If a block cipher had been specified the protocol would actually be reasonably secure. The reason a stream cipher is problematic is that the ciphertext consists of the plaintext xored with the cipher stream. This makes all sorts of integrity attacks possible and means that the security of the system depends on the initialization vectors never being re-used.

    The more serious flaw is the belief that the difference between a wireless network and a wired one is that the network is no longer protected by physical security measures. Ethernet may be insecure, but in most cases access to an ethernet requires physical access to the building in question. With a wireless card a sacked employee can be surfing the intranet from the car park.

    The most serious security risk of wireless then is the lack of authentication, in an ethernet network there is an implicit authentication that is obtained by having got through the front door. WEP makes no attempt to duplicate this, nor do the remediated versions of WEP. All the 802.11b users in a network share the same access key

    There are plenty of ways to make this secure, unfortunately that is not on the agenda. Patching up the privacy so as to make the cards sellable is all that is likely to happen in the short run. Bodge 'em and flog 'em. The purpose of WEP is not to give users security it is to overcome the customer's legitimate security concerns so as to make a sale.

    The obvious security solution is to bind a private key into each card, just as is happening with newer cable modems. The public key certificate fingerprint for the card is printed on the case. To enable a new card for access to the network the admin adds the fingerprint to the 'authorized users' list.

    Sure there are some remaining risks - extracting the private key from the device for e.g. but it is unlikely to be possible to extract a private key without the authorized device holder knowing (particularly if we all read Paul Kocher's articles on timing and power analysis attacks).

    In summary, the WEP protocol should be discontinued in its present form. Early deployers would be well advised to ignore the layer 2 security on the card and wrap VPN security arround it, such as IPSEC or PTPP etc. That gives security but the crypto processing is now being done on the processor and not on the 802.11b co-processor where it belongs.

    The other piece missing from 802.11b deployments is that at the moment security is a binary switch. I would quite like visitors to the company to have Internet access from our conference rooms but not Intranet access. It should be possible to configure the base station to allow any PC to connect to the outside Internet without requiring an authentication key ahile requiring an authentication key for access to the local area network. Same goes in a large enterprise where employees from another division may be allowed access to the Internet (and their own LAN) but not the division they are visiting.

  • Ooops, what I meant to say was

    The more serious flaw is the belief that the difference between a wireless network and a wired one is the lack of privacy. In fact the most important difference is the fact that the network is no longer protected by physical security measures

  • There is a possible solution: use software with encryption.

    WEP is encryption, the problem is that it is bad encryption. They used a stream cipher in a way that a stream cipher does not provide security.

  • Do remember that if someone is willing to spend big $$$ on it, they can pick up everything passing through those twisted pairs from an antenna across the street. The CIA has done much tougher interception jobs. I think few, if any, industrial spies would have the capability now, but that sort of equipment will benefit from Moore's law also. So some day you are either going to have to encrypt everything, or run fiber to the NIC...

    But wireless has an extra layer of insecurity -- not only can you spy on it easily, but you can also inject false data.
  • True, true... For an analogy from a slightly different field: some professional car thieves can create a key to fit your car and drive away in 60 seconds, but most stolen cars had the keys left in them...
  • 1. Who ever told you the Internet was secure? Whoever it was, is, as we say, a lamer.

    2. I ran into the Airwave guys in front of Fry's Palo Alto store a couple of weeks ago, and snarfed some of their lit. Their idea is cute, but they have a major chicken-and-egg problem: they need to either sell access to users before locale proprietors will sign up en masse, or they need to sell locale installations before the users will sign up en masse. And 90% of their 100 or so hits so far are coffee shops. Who spends more than ten minutes in a coffee shop, and are enough of those droids interested in wireless connectivity that you'll make any money at $1.99/use or $9.99/mo? And now their tech is compromised, so you can't even trust you're not giving away your Next Great Mobile SKU Database Platformation Business Model plan to the Latte Mafia when you're WEPping it to your bankroid. Tsk, tsk.

    --Blair
    "There's a joke here about ALL YOUR BW ARE BELONG TO US but I'm feeling too conservative to use it, today."
  • HomeRF had the FCC approve a change to its implementation of FH in 2.4 GHz which boosts it to 10 Mbps in its 2.0 version, and up to 22 Mpbs in a not-yet-released 3.0 spec. The HomeRF group claims to be ready to ship by summer a variety of devices. The 5 GHz range will be dominated by 802.11a. I don't know whether its FH or DS, but FH doesn't make sense given the DS involvement in 802.11b. "a" should operate above 50 Mbps according to manufacturers. Expect delivery of equipment later this year or early next year. They will make access points with both 2.4 GHz ("b") and 5 GHz ("a") chipsets and antennas to handle transition from b to a, especially in enterprises. Here's the 802.11 (wireless LAN) IEEE workgroups site: http://www.ieee802.org/11/index.html and an excellent summary http://www.eetimes.com/story/OEG20001002S0048
  • "Intel sponsored the study because a year ago Intel was full-blown behind Bluetooth. Bluetooth has since died a nasty death, and Intel has changed courses to embrace Wireless Ethernet."

    This is horribly misinformed. Bluetooth hasn't died; it hasn't really shipped. It will, almost certainly. Intel didn't drop Bluetooth; it dropped HomeRF, a competing high-speed networking standard. Bluetooth's purpose is wholly different - mostly for very low-power synchronization and info exchange, like synching a Palm with a laptop, loading phone numbers into a cell phone, etc.

    We'll see if Bluetooth lives up to it. But Intel is pouring lots of cash into the hole, as are several other major chipset makers and many many hundreds of manufacturers. As with cell phones that browse the Web, the design will determine it's really useful and consumers (business and home) actually want it.

    But it's coming. 802.11b and Bluetooth won't be competing; they'll be complementary, because 802.11b, for the foreseeable future, takes up too much power, and won't be cheap enough ($20 vs. $5 ultimately) per chipset to integrate into the simple devices that will use it.

  • Actually, Airwave is one of dozens of companies, including MobileStar, WayPort, Surf and Sip, etc. All of them have networks of varying size. Most of the major airports in the US should be wired by year's end. Or, rather, unwired.

    In Sweden, Telia has put WiFi in quite a few locations, and is about to expand in partnership with SAS to a number of European outlets, and a couple in the US - all SAS waiting lounges.

    The deployment is underway; the real problem is roaming agreements, so you pay a single monthly fee and can access all networks. There are some problems with that, of course, because of the nature of access points and access lists. Too long to go into here.

    I wrote about this at length back on Feb. 22. Here's the NY Times link (no reg required link): http://www.nytimes.com/2001/02/22/technology/22WIR E.html?pagewanted=all

  • by b0iler (316609)
    ffs, read /. more ;) there has been a few articles on WEP insecurities now. ieee has gotten alot of flack for their new release of this (802.11) standard.
  • by petong (320755)
    just set up your wireless network in a dmz. What's the big deal?
  • How secure are cables really? In a lot of cases its fairly easy to get access to cables (I think of the DSL connection running through my outdoor telephone closet, for example).

    In office buildings it's often even easier.

    The real solution is to use encryption at a higher (lower?) level: IPSec or so. I don't know why this is not becoming a common practice yet, but I suspect the difficulty of software setup is one of them.

    When I complained to some (fairly intelligent) friends about the security of wireless LAN, and how I didn't trust it because the MAC addresses are always plaintext, they replied that if there where security issues, surely big companies like Lucent would have fixed it by now, right?

    Kind of shows the average attitude towards security. Most people just don't give a shit.
  • by gd23ka (324741)
    The big deal being that a DMZ is already a trusted area on the network. I guess if your organization is hooked up to the internet and you allow access to (sensitive) appplications by encrypted VPN you could sandwich the access point between a firewall to the internet and a firewall to a DMZ. Treat AP traffic like you would treat traffic coming from the internet.. net ----|Internet FW|--|Wireless AP|--|DMZ FW|-- If you want to provide free access to the internet to the masses the fw on the internet side is optional of course :-).
  • I'm going to run out to Frys right now and find a serial cable that will connect my Orinoco card to my Airport.

  • It's the thing you click [earthlink.net] on that's supposed to GO SOMEWHERE.

    BTW, YHBT HAND ;)

  • with the right hardware you can drive at 25Mph and locate and assocate 3 to 5 networks every block.

    From a high building with line of sight and a directional antenna it is not hard to connect to a LAN several miles away.

  • WEP shared key authentication has been known to be weak for a long time. Most products use open authenticaiton which is better. In this case they need the same WEP key and SSID to talk, but its not used in the initial negotiation. You can also turn the broadcast of the SSID off.

    Products like Cisco's Aironet have implemented additional security enhancements, such as dynamic WEP keys using LEAP, which reduces the risk dramatically.

    Wireless still isnt overly secure, but if used with all the available security measures can be a mitigatable risk. Then there is minimising RF leakage....

Make sure your code does nothing gracefully.

Working...