Sound off: Why worry about wireless?
- — 27 September, 2007 16:01
Editor's note: Computerworld editors David Ramel and Preston Gralla disagree on the security threat posed by wireless networks. In this article, Ramel alleges that the threat is overhyped, that it's now trivial to secure wireless nets and that IT pros have far more serious security concerns they should be addressing -- while home users have little to lose even in the remote chance someone tries to breach their network.
In Why you need wireless protection, Gralla presents his case that wireless networks are indeed a serious vulnerability. He also provides tips on how to secure a wireless network. Both editors wrote their articles without having read the other's.
Want wireless security? Fine, click the WPA2 button during your router setup, enter a key, change the default log-on, and you're good.
Still worried? Fine, turn off SSID broadcast, and you're good.
If you're really paranoid, you can even filter MAC addresses so only the devices you specify can connect to your wireless network, and you're good. You're still done in under five minutes.
Meantime, you might want to think about whether or not Joe from Accounting is locking his car doors when traveling around with a laptop that contains tens of thousands of customer names, account information and Social Security numbers. Reading the news lately, I think you have bigger fish to fry than the relatively trivial matter of securing a wireless network.
Sure, Computerworld and other IT trade sites keep pumping out the wireless security tips, but wireless isn't new any more. It isn't a wild 'n' woolly frontier being explored by cutting-edge first-adopters ignorant of security issues and reluctant to jump through numerous hoops to be safe.
Everyone gets it now. These days, you have to want to be hacked if you're running an insecure wireless net. You practically have to beg for it.
Even home users get it. I used to drive around with NetStumbler and find all kinds of unsecured nets. No more. Even though they have very little to lose and the odds of losing it are slim, home users are securing their wireless operations like never before.
Shock and ignorance
I once asked on this site exactly how a wireless hacker could steal valuable information from a home wireless network, and no one had an answer. Readers were full of dire warnings and expressed all kinds of shock at my ignorance, but no one could provide details about how it's done.
Sure, someone could "steal" your bandwidth. But how many movies would they have to download before you even noticed a slowdown?
Sure, they could download child pornography using your Internet connection. But how many pedophiles are likely to be parked outside your house or live within range?
All these things could conceivably happen, but my point is that it's extremely unlikely anyone will even try -- and it's really easy to stop them if they do.
But if you're running a corporate network with valuable data to protect, you can't take any chances. Which is why vendors have made wireless security so simple.
At the time I'm writing this, I haven't yet read Preston Gralla's articles on why you need wireless protection and how to secure your wireless network, but I've read so many of these articles that I can reel off the likely top tips without doing any research at all: Change default log-in and password; change default SSID; enact WPA2; turn off "broadcast" mode of your device; and filter MAC addresses so only those devices specified can access your network. I've set up a few wireless devices, and each one explained pretty clearly how to secure the network. There's no excuse not to do it.