UN Advised on Wireless Insecurity
otisaardvark writes "There's an article on the BBC about how the UN is being briefed on the problems of wireless networks. Predictable conclusions - security is mainly compromised through human, not technological factors."
Secure? (Score:2, Interesting)
Although it is encrypted, it is most likely that within two years, it will be possible to crack this.
Cables are securer.
Feeling secure? (Score:2)
> Cables are securer.
With a wire cutter I can crack a cable today. Cables are not more secure. They are just slightly less accessible.
Cables are securer? (Score:1)
Chances are I could walk into your company, put a box on a desk, plug it into the wall and come back next week to collect it without anyone noticing.
Your cables are just as naked as your wireless is.
You want real security? Think biometrics. Think Faraday Cage.
Re:Cables are securer? (Score:1)
> Think biometrics.
Not even close. Biometrics are horrible for data security. In fact biometrics are horrible for almost all security situations. Consider the attack you put forth (walk in company, place box, plug in, collect later). Biometrics won't stop you from walking in, although it will make it marginally more difficult, you will still have to wait for someone to open a door, and then you follow them in. Placing the box will not be any more difficult, it is your box, the only protection is what you want on it. Plugging the box in will be no more difficult, a wall plug is just a wall plug. Collecting later will be marginally more difficult because you have to gain access again. Biometrics will not cause problems with the data you retrieve since biometrics cannot (yet) be used for encryption. Biometrics fails the very attack you put forth. Biometrics fails.
> Think Faraday Cage.
Simply infeasible. The closest you would get is the NSA building, and it leaks trace amounts through the windows. At the time of its construction the window leakage was considered below useful thresholds, now I have strong suspicions that it is possible to detect and decode the emissions. The only saving grace you have is the proliferation of computers; this pollutes the leaked streams, making them significantly more difficult to decode.
On the original topic. The solution I've had in place for about a year is to run everything in house over IPSec. There is a wireless connection, but unless you can log into the VPN you won't get any further. Turns out to be pretty easy to set up, and while I have had the wireless "hacked" they didn't get any further. Of course this is a bit heavy handed for a major installation, but as a cryptographer I am working on a tear out and replace protocol without all the extra cr*p that 802.11 keeps trying to put into WEP, instead I'm basing it more on a secured IP network.
Re:Cables are securer? (Score:1)
If I just strode over the box, I most certainly would know someone was trying to get data from me. Then I could go to the police. But if I did not know about it, it would be a bit lame.
Imagine an ordinary day at a police station;
Me: Hello. It might be that someone is tapping my wireless ethernet.
Police: What makes you believe so?
Me: Nothing... But indeed they could. They could be standing outside the building. And if they do, how should I detect...
Police: Well... As long as the crime is not done yet, it is not anything we can do.
Me: But it is important. I am dealing with secure stuff. You have to post at least 10 men searching everyone who passes inside a 150 yard circle around the building.
Police: Sorry. We can't do that.
It's like cellphones all over again (Score:5, Interesting)
Cellphones were new, and people just wanted them for the coolness/convenience factor and didn't realize the security ramifications.
In the corporate world there's a certain apathy to hackers. Many execs think.. 'No hacker would be interested in our data, it's just boring business stuff'. That may be so, but when the cops are sniffing your CEO downloading kiddy porn and some script kiddie has just deleted all of your mail, you will think again.
Wireless networks are similar to cellphones in this regard. Companies think they're cool and convenient, so they're hopping on the bandwagon.
So, we need to do what they did with cellphones. Digitally modulate the data over the wireless network and encrypt it within the hardware. Waiting for people to install their own security systems is futile. The manufacturers should make wireless devices encrypt on the fly, just like cellphones do.
This will benefit most companies, since they can dabble in inside trading, downloading warez, etc, and the Feds won't be able to track it, so it benefits everyone really.
Re:It's like cellphones all over again (Score:5, Interesting)
Why doesn't anybody ever release the secure version in the first place?
Re:It's like cellphones all over again (Score:1)
Re:It's like cellphones all over again (Score:2, Insightful)
Then they won't be able to charge you twice.
Re:It's like cellphones all over again (Score:2)
Re:It's like cellphones all over again (Score:4, Insightful)
This has been pointed out before by a zillion different people but some might be new to the thought; If all traffic were encrypted in the first place then we wouldn't ever have had all these problems with sniffing. Of course any packet sniffing you want to do would have to be done on the destination or the endpoint, so perhaps only the significant part of the payload should be encrypted while the control messages (at least those for handshaking) should be let alone.
If ALL traffic were encrypted the difficulty of intercepting "important" encrypted messages would go up and become much more difficult.
Re:It's like cellphones all over again (Score:2, Informative)
Probably because when IP traffic was developed, computers weren't fast enough. You do know TCP/IP has been around before 1993, right?
Even if encrypted IP was put in place before the Internet went public, 386/486 class computers that were common at the time could barely keep up with unencrypted traffic over fast modems. Remember when your browser rendering speed was more important than your connection speed?
As far as cell phones go, I might be talking out of my ass here, but I know the FCC has rules against encrypted transmissions on many bands. I wouldn't be surprised if it was (still is) illegal to encrypt cell phone traffic.
Re:It's like cellphones all over again (Score:2)
GSM has encryption as part of the protocol. It isn't very good encryption - it has been cracked - but I guess it would at least deter casual sniffers. There are now several GSM providers in the US, although they operate on a different frequency from most of the rest of the world.
Re:It's like cellphones all over again (Score:1)
As this page [leeds.ac.uk] says, "A5 is a stream cipher, and the keystream is the xor of three clock
controlled registers. The clock control of each register is that register's
own middle bit, xor'ed with a threshold function of the middle bits of all
three registers (ie if two or more of the middle bits are 1, then invert
each of these bits; otherwise just use them as they are). The register
lengths are 19, 22 and 23, and all the feedback polynomials are sparse.
registers 1 and 2, work out register 3 from the keystream, and then step on
to check whether the guess was right). 2^40 trial encryptions could take
weeks on a workstation, but the low gate count of the algorithm means that
a Xilinx chip can easily be programmed to do keysearch, and an A5 cracker
might have a few dozen of these running at maybe 2 keys per microsecond
each." There is some code as well for the crack itself.
Enjoy!
Re:It's like cellphones all over again (Score:2)
well, that would be what the security part of IPv6 is for.
it's been backported to IPv4 (the current TCP/IP we all know and love) as IPSEC
you can get the freeswan version for Linux for free, then
make yourself a VPN and refuse to route data from the
wireless that doesn't come over the VPN address range
that will stop 'em
Money. (Score:1)
So I say, let most of the traffic be unencrypted so that the [insert same favourite government agency here] doesn't have a hard time finding illegal activity so that their "need" to crack encryption (at least from [government agency]'s point of view) is small.
That said, most of the really bad evils already use encryption, so maybe it's a moot point. Maybe.
Re:It's like cellphones all over again (Score:4, Insightful)
Why sell anyone the secure version when you can sell them the insecure version AND the secure version, in that order?
Re: Because of version 1.0... (Score:2)
Re:It's like cellphones all over again (Score:2)
Like BlueTooth, for example? With a specification so incredibly complex that none of the potential manufacturers have a clue how to make compliant products...
Then compare that with POP or HTTP, where you could probably write the server in a single line of code, with the right programming language. Seems to be easier to support, and you can add an optional security layer later without much problem.
Re:It's like cellphones all over again (Score:1)
Manufacturers of any consumer electronics aren't going to add security features without a quantum shift in the way consumers evaluate technology, for the following reasons:
The danger of defaults... (Score:5, Insightful)
Some people actually want to provide free bandwidth to the community, and I can't blame them for that. However, users need to know when they set themselves up with no security, that will be interpreted by the world as an open invitation for the public to come on in. If you want to block that, enable some sort of security.
Tuned-in and turned-on (Score:5, Interesting)
I never got into blue-box stuff, but pre-scrambled cellular was heaps of fun.
Re:Tuned-in and turned-on (Score:1)
Re:Tuned-in and turned-on (Score:1)
Just human factors? (Score:5, Insightful)
Wireless will continue to have security issues as long as the underlying security technology is broken and is hard to deploy in a secure, stable, and manageable fashion.
That's a technology factor in my book.
Re:Just human factors? (Score:5, Insightful)
Or is it? (Score:2)
With WEP, people may think that since it isn't sent in the clear, they don't have to go and encrypt their IP traffic which is going over it.
802.11b can never be secure. (Score:5, Insightful)
Presumably this is referring to the human failing that was responsible for the flaws in 802.11b design? 802.11b simply *cannot* be made secure. Beacon frames are not encrypted, MAC addresses are not encrypted. Capture approx 1Gb of network traffic and you can decrypt the WEP key. Once you do that, you are in. There is little difference between the time needed to crack 40bit and 128bit WEP keys.
Do not deploy an 802.11b network in an environment where you would not fix cabled LAN ports to the outside of your building with flashing neon signs pointing to them with "PLUG IN HERE!" written on them.
Roll on a truly secure standard.
Re:802.11b can never be secure. (Score:3, Insightful)
the major problem with wireless... (Score:5, Interesting)
But, not only can you break into the network, most of the time, you can actively listen in, and just record everything until you get the encryption code in the future (which is actually a pretty easy thing to do with some social engineering.)
If you want the data to be secure use fiberglass wiring, it is the most secure, but if you want convenience, then you'll have to trade off some of the security in exchange for an easier system to use. It's really as simple as that. It's not the human factor, it's the human desire for convenience that commonly leads to the largest security breaches.
Re:the major problem with wireless... (Score:2)
Why is it insecure (Score:3, Interesting)
For example, are the data links insecure--I don't think so as most are now 128bit encrypted, right?
Could it be that access to the local net is offering a way around the firewall? Don't some, or maybe all, wi-fi links have built in capability for password protected connections? If so does this not make them as good as any firewall?
So is the whole problem just people not activating these features? If so is this not just the same as any other unprotected wired network when people don't turn on their firewall?
Re:Why is it insecure: follow up (Score:3, Interesting)
Could someone elaborate here. Why is a WEP key more vulnerable than say an SSH key? Why is it insecure to have unencrypted Beacon frames and MAC addresses? What info is being given up by these or how can these be exploited in a way particular to wireless?
And given encrypted transmissions why is WiFi more susceptible to man-in-the-middle attacks than any SSH connection?
Re:Why is it insecure: follow up (Score:3, Informative)
http://www.isaac.cs.berkeley.edu/isaac/wep-
The difference is that openssl is implemented more rigorously than WEP. IANAC (I am not a cryptographer), but it sounds like the WEP folks put it into place without sufficient review and now we are stuck with a less-than-robustly-designed standard.
Sometimes, combining two encryption methods can result in something weaker than either of the two original methods, in that they kind of partially decrypt each other.
Re:Why is it insecure (Score:5, Informative)
>think so as most are now 128bit encrypted, right?
128-bit encryption without knowing the cryptographic algorithm used is meaningless as a definition of crypto strength, especially if the encryption is badly designed and broken; both of which are true for 128-bit WEP. Do a Google search on it and you'll find the papers that describe the vulnerability, and the tools to exploit it.
WEP is what happens when non-crypto people design crypto.
Here's a starter link [counterpane.com] Look at the "802.11 Encryption" section
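Added example, not part of the thread or any poster's code: a minimal Python sketch of why key length alone says nothing about WEP's strength. It assumes the publicly documented WEP construction (RC4 keyed with a cleartext 24-bit IV followed by the shared secret, CRC-32 as the integrity value); the frame layout is simplified and all IVs, keys and payloads are constructed.

```python
import math
import zlib

IV_BITS = 24  # WEP's per-frame IV is 24 bits and is sent in the clear


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling (KSA) followed by n bytes of output (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(secret: bytes, iv: bytes, payload: bytes) -> bytes:
    """Simplified WEP frame body: RC4(iv || secret) XOR (payload || CRC-32)."""
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return xor(body, rc4_keystream(iv + secret, len(body)))


def recover_with_known_plaintext(c_known: bytes, p_known: bytes,
                                 c_target: bytes) -> bytes:
    """Same IV + same secret => same keystream, so the secret is never needed."""
    keystream = xor(c_known, p_known)
    return xor(c_target, keystream)  # covers only as many bytes as p_known


def frames_for_even_collision_odds(iv_bits: int = IV_BITS) -> int:
    """Birthday bound: frames with random IVs until a repeat is 50% likely."""
    return math.ceil(math.sqrt(2 * (2 ** iv_bits) * math.log(2)))


def demo(secret: bytes) -> bytes:
    iv = bytes.fromhex("a1b2c3")            # constructed IV, reused on purpose
    p1 = b"GET /index.html HTTP/1.0\r\n"    # constructed, guessable traffic
    p2 = b"memo: constructed secret\r\n"    # constructed, same length as p1
    c1 = wep_encrypt(secret, iv, p1)
    c2 = wep_encrypt(secret, iv, p2)
    return recover_with_known_plaintext(c1, p1, c2)


if __name__ == "__main__":
    for secret in (bytes(range(5)), bytes(range(13))):  # "64-bit" / "128-bit"
        print(len(secret) * 8 + IV_BITS, "bit WEP ->", demo(secret))
    print("50% IV collision after ~", frames_for_even_collision_odds(), "frames")
```

The recovered payload is identical for the 40-bit and 104-bit secrets, which is why protocols that guarantee a unique nonce per key (and a keyed integrity check rather than CRC-32) are the fix, not a longer WEP key.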
Why the UN? (Score:1, Funny)
Hrm... where's that foil hat, I hope I don't find another of those inside out cows.
Over and out.
I'm no expert... (Score:5, Informative)
Re:I'm no expert... (Score:1)
"Good enough" wireless? (Score:5, Interesting)
There could be specific weaknesses in my brands of hardware, but that's another problem.
Am I mistaken that this provides reasonably good security? I don't expect to screen out the NSA, but do most snoops. If not, can someone type up a checklist for the well-meaning but slightly clueless 802.11 administrator?
Human error certainly includes misconfiguration, but if configuration is too hard for most people to understand I think it is the technology that is faulty -- human factors design and all that.
I'm glad they're making these weaknesses more public. Doonesbury did a good job in the Sunday strip a while ago.
Re:"Good enough" wireless? (Score:1)
Er... (Score:2)
VPN does raise the security bar, but isn't a direct answer to wireless security. I'd prefer all of my wireless communications to be private.
I also posted a follow-up to the original post which may clarify my intent.
Re:"Good enough" wireless? (Score:4, Insightful)
Short answer: Yes, you are mistaken.
Longer answers: Here, [berkeley.edu] here, [weblogger.com] or here. [shmoo.com]
Assuming your neighbors are clueless luddites who have to call you when their printer runs out of paper, WEP will prevent them from borrowing your Internet uplink bandwidth. Against a determined attacker, WEP, MAC filtering, and most of the other features built into modern 802.11a/b APs are ineffective.
On the other hand, you may not care.
Eg, my home machines are all secured and I do regular audits and scans. Any sensitive communication (eg, logging into a machine at work) happens over ssh and so is protected. So the only thing a script kiddie can do is watch my web traffic (which he is welcome to do), borrow my bandwidth (which would probably be noticed), and maybe try DoSing my home network (which is easy to fix).
All of the above was also true when my home network was wired. The move to 802.11b just traded a decrease in security for an increase in convenience (ah, reading /. while sitting on the deck).
As Schneier has said, security just buys you time. In the case of 802.11 (or for that matter, any wireless protocol), it takes significantly less time for the security to be breached than it would if the wired protocol was in use. If that worries you, don't use 802.11 networking, cordless phones, or cell phones, or adjust the sensitivity of your traffic to suit the medium.
Re:"Good enough" wireless? (Score:4, Insightful)
So what does that leave? That leaves people who happen on my network at random, and decide to try to use it for access or for kicks.
Maybe your area is different, but in my neighbourhood, I can't drive more than half a block without finding a completely wide-open wireless lan. The usual density is much higher -- three or four to a block. And this is just me driving with my iBook propped open! Imagine if I actually used an external antenna! What does this mean? Nobody is going to go bother randomly cracking my network just to get bandwidth, when they can simply select another network and get it instantly.
The moral of the story? Consider your risks. I feel I have very little to risk: I have no "intellectual property" to protect, really. My email is essentially public anyhow. My boxes are up to date and as secure as they can be (I think). Wireless network has the benefit of amazing convenience. It is a small risk that I mitigate to an acceptable level. Therefore, it's a managed risk. That's all that matters in security.
follow-up (Score:2)
Because any practical encryption can be cracked -- I assume SSL and whatever underlies ssh and, with difficulty, PGP -- what is "adequate" under what is currently readily available? Anything? I get the sense that breaking into a secured (not "secure") 802.11 link at least requires more than just getting a scanner to tap analog cellphones. (Remember Newt Gingrich's indiscretion?)
Last, it should be reiterated that human weaknesses such as social engineering and administrator goofs are the most likely and traditional sources of security breaches. Thus a need for regular independent audits by trusted (gasp) humans.
Re:Silly Question (Score:1)
If you read the article, you'll find links on the right side to the report. Read it if you're interested.
-Ed
I don't use WEP because.. (Score:1, Interesting)
I think it makes sense to treat your WLAN like a direct Internet connection, ie. all packets could be snooped/intercepted/changed etc. If you want security use ssh or https.
as secure as wired (Score:3, Informative)
Correction to Article (Score:2, Informative)
--
Ed
Key Scheduling of RC4 & Key Stream Reuse (Score:1)
Secure or insecure (Score:5, Funny)
"Wireless technology is going to be deployed across the globe either securely or insecurely" --David Black, Accenture
Now that doesn't seem obvious does it?
Just use standard security over wireless (Score:1)
Re:Just use standard security over wireless (Score:2)
For example, to tap into my wired network at home, you'd need to first get access to my house. This is dangerous, and there's a real risk of getting arrested. To tap into my wireless network, you'd need to sit outside my house for a few hours in a truck. It's much less likely you'd get caught doing that, and if you did the consequences would be much smaller.
Because of this, people who wouldn't dream of going on a burglary spree will cheerily drive around in a truck looking for wireless access points to use.
In other words, the barrier to breaking into a wireless network is much lower than for a wired network, so there are many more people who are willing to do it, so it's more likely to happen.
Re:Just use standard security over wireless (Score:1)
Human security is like obscurity.. Insecurity. (Score:3, Insightful)
Meatside wins. You know why? It's a hell of a lot easier to make Joe Blow think you're someone you're not, than it is to neutralize computerized security.
Remember kids, Mitnick "hacked" the minds of people more than he did computers. So did the other famous 'ev1l l33t h4x0rZ!'.
"Code Red!" you shout. "Nimda!" you cry. These incidents and others aren't even related to the above. These were the result of script kiddies and the weakness of human security. Any dolt who got nailed by Code Red, for example, deserved it - Microsoft had a patch out long before the shit hit the fan.
Wireless is a nightmare waiting to happen. It isn't secure out of the box. It isn't 'as secure' as hard wire, even if it is encrypted. One can just pull data out of the air with wireless; one needs to actually defeat rent a cops with water pistols to jack into a hard-wired system with a laptop.
What happens when the clueless do a wireless install at the office, fail to utilize encryption, and pretty much leave things wide open? Won't happen? It's happening now, and if the infamous Microsoft worms weren't enough of a display that it *will* happen..
Security. Ahh, blessed security. Fire your damnable MCSE's, take the donuts out of the rent-a-cop office and give out higher salaries all around.
Oh, and remember, make sure the 'computer-knowledgable' secretaries know NOT TO GIVE OUT THEIR FRIGGIN PASSWORDS TO ANYONE.
K thx bye.
Thank God (Score:1, Funny)
Last Post! (Score:1)
they seem. For instance, on the planet Earth, man had always assumed
that he was more intelligent than dolphins because he had achieved so
much -- the wheel, New York, wars and so on -- whilst all the dolphins
had ever done was muck about in the water having a good time. But
conversely, the dolphins had always believed that they were far more
intelligent than man -- for precisely the same reasons.
Curiously enough, the dolphins had long known of the impending
destruction of the planet Earth and had made many attempts to
alert mankind to the danger; but most of their communications were
misinterpreted
-- Douglas Adams "The Hitchhiker's Guide To The Galaxy"
- this post brought to you by the Automated Last Post Generator...