Bookmark and Share

Mac Corner: Securing your wireless network

  
By Larry Grinnell, Palm Beach Phoenix Apple Users Group

larry grinnellThere’s been a lot of talk lately about the use of wireless networks and how much security do you need to protect yourself and your computing equipment.

The emergence of wireless network standards has untethered computer users from fixed locations, permitting laptop users to use their devices pretty much anywhere in their home, office, or their favorite restaurant or bookstore. The addition of the various iDevices (iPhone, iPad, etc.) into the mix has further untethered users and provided the freedom to move around, yet stay in touch and remain engaged in their regular pursuits.

There are several different types of wireless networks out there — each with unique strengths and weaknesses.

First, there are the wireless services provided by the cellular telephone carriers, in particular the 3G and upcoming 4G services. These offer relatively good performance, and their underlying technology includes built-in encryption from the wireless device to the point where the wireless network marries up to the wired network. These encryption standards are fairly good, and would require expensive technology to crack those networks.

It’s hard enough that bad guys are less likely to try to crack 3G or 4G services unless a specific individual was being targeted, and it would really have to be worth the effort. It’s actually more likely that bad guys will exploit security flaws in the wireless devices themselves in an effort to get credit card numbers, passwords, and other such information. Apple is not alone in putting out updates to the iDevices to make them more secure. Virtually all the phone manufacturers have had to deal with this issue. Some would say phone manufacturers haven’t done nearly enough — something to discuss in a future article.

Second, is the constantly evolving set of standards known as Wi-Fi (IEEE 802.11a/b/g/n). Wi-Fi devices have been around in quantity since the early-2000s, and have found their way into homes, offices, and commercial establishments (airports, restaurants, bookstores, etc.). Improved software has made installation and setup ridiculously easy, and with improved standards, speeds approaching those of wired networks are now possible. That’s the positive aspect.

The negative aspect is security, and it’s entirely up to the owner of each wireless network to properly secure it. Unfortunately, many people who have a Wi-Fi network running in their home do not secure it in any way. We’ll come back to that in a moment.

There are three security standards that can be set up for Wi-Fi networks: WEP, WPA, and WPA2.

WEP (Wired Equivalent Protocol): This obsolete standard was part of the original 802.11 protocol. Unfortunately, while it’s easy to configure, it’s even easier to crack. With WEP cracking software freely available on the Internet, bad guys can break into a WEP network in a matter of minutes.

Once they have access to your network, it’s a short trip to using your connection to surreptitiously access the Internet and run a drug business, trade in illicit pornography, and any number of illegal activities. Bottom line is that this security standard is worse than no security at all, only because it gives you a false sense of security thinking, “I’ve got a password. I’m safe.” Nothing could be further from the truth. Never, ever use this security standard. Why it is still provided on new wireless routers is beyond me.

WPA/WPA2 (Wi-Fi Protected Access, first and second generation): WPA, or actually, WPA2 (a newer, improved standard), when used with a relatively long password containing upper and lowercase letters, numbers, and punctuation characters, is about as secure as a consumer product can be. If you secure your wireless network with a password of ten or more characters, using the mixed character set just described, your network is virtually uncrackable, barring access to a supercomputer for several months in an attempt to try every combination.

One of the best ways to create a password for your network is to use a common phrase, but mix it up with special characters. For example, “Mary had a little lamb.” You can change that around to “mAry 4aD @ L1tT13 7AM#”.  Obviously, you need to write this down and save it somewhere. Check your wireless router documentation to see if you can use spaces in your password, as some do not permit it. You should only need to use this password to set up your wireless router, and set up each wireless device you wish to attach to your network.

Finally, to answer why you should never have an unsecured network, I touched on it briefly in the discussion on WEP encryption. Understand that there are bad guys out there who will drive through a neighborhood using scanning software to identify every wireless router that has no encryption or maybe WEP encryption. Once they’ve identified one or more connections, they just park their car on the street, and connect to the Internet using your connection.

Aside from the increase in bandwidth, slowing things down for you, these bad guys are using your connection to perform any number of illegal activities. If they are being watched, due to whatever they are uploading or downloading, law enforcement agencies are going to look at just one thing, at least at first: your IP (Internet Protocol) address. A wireless router permits any number of devices to share a single IP address, so the bad guy will be using the same IP address as everything else on your network. Guess whose door is going to be knocked on by law enforcement agencies? The correct answer is your door, and you’ll have lots of explaining to do. Oh, you’ll eventually be exonerated, but the hassle, and perhaps even temporary confiscation of your computer gear will certainly be a big inconvenience.

Another hint that may protect you from identity theft. Do not use wireless hotspots at neighborhood bookstores, restaurants, etc. to transact business where passwords or credit card numbers might be used. The person next to you, or a few tables down, might be using software that captures everything you are doing on your computer because those wireless hotspots are NOT secure. They are not using encryption of any sort. The fact that you might have to log in does not necessarily mean that having a password is the same thing as having data encryption. Be very careful about what kind of transactions you perform on these public wireless hotspots.

Some would say that configuring the security functions on wireless routers only attracts bad guys, because of the assumption that having security means there must be something of value there, or that if you are an honest person, you have nothing to hide, so you don’t need security. WRONG! The number of bad guys is growing every day.

When it comes to computer security, paranoia is a very, very good thing. For those who think that computer and wireless security is bunk, well, please feel free to go right ahead and keep believing it. I’ll be there to hand you a crying towel when your bank accounts are emptied, or your credit card is seized by a bad guy, and keep telling you “I told you so.”

In the words of that great police sergeant from the long gone TV cop show Hill Street Blues, “let’s be careful out there.”

EDITOR'S NOTE: Readers are welcome to comment on this or any Mac Corner columns by visiting the Palm Beach Phoenix blog as well as by writing the editor of Palm Beach Business.com.

Mac Corner runs every Wednesday only in Palm Beach Business.com. Click to read the previous column.

About Larry Grinnell: Larry has been working with Macintosh and Windows PCs for over 25 years and worked as a senior technical writer and IT support professional for a major midwest-based consumer electronics and telecommunications equipment manufacturer here in South Florida. His musings on a wide variety of topics from computers to jazz guitar to strange foreign cars from the 1950s can be viewed at the MyMac.com website. Click here to reach him by email.

palm beach phoenix logoWriters of this column are members of the Palm Beach Phoenix Apple User Group, a nonprofit organization for Apple Computing Device Users, recognized by Apple Inc., with the purpose of providing educational training and coaching to its members (students, professionals and seniors alike) in a cordial social environment. The club meets the second Saturday (1-4 p.m.) and fourth Wednesday (6-8 p.m.) of each month at the Fire Station #2, 4301 Dixie Highway in West Palm Beach (just two block south of Southern Boulevard). Click here to visit their website. Click here to reach them by email.

PeachPit (Pearson Education)
Keep up with YOUR community. Receive our FREE email newsletters!
For Email Marketing you can trust

Follow us on TwitterPalm Beach Business.com on LinkedInFOLLOW US ON FACEBOOK


The Outlok effective affordable advertising



Openings at $75K to $500K+
ad for tina pugliese's column
PeachPit (Pearson Education)

CompUSA
DELRAY'S ONLINE BUSINESS AND COMMUNITY NEWSPAPER — PALM BEACH BUSINESS.COM
   
palm beach business.com
  JANUARY 19, 2011 click to go home
 
         
Delray's Online Business and Community Newspaper
click to go back to the top