INDEPTH: COMPUTER SECURITY
Protecting your personal information
CBC News Online | Feb. 18, 2005
WIRELESS NETWORKS | »PHISHING | »SHOPPING ONLINE | »SPYWARE | » COOKIES
Going wireless
Going wireless can be convenient, but security can be an issue.
|
More Canadians are setting up wireless networks to connect computers in different parts of their homes. All it takes is a wireless router plugged into the internet and network adapters for each machine. Instead of long cables, radio signals are used to connect the computers, allowing them to share that single high-speed connection. Wireless networks are easy to set up and relatively inexpensive. But with convenience comes security issues.
Going wireless means your internet connection is broadcasting outside your home.
These high-frequency networks have a range of about 30 metres or more, travelling further than the walls of your house.
Mark Tauschek, chief operating officer of consultant firm Wireless Friendly Inc., says that very few home users realize that they have to secure their networks: "They just plug it in, it works and that's all they care about … but that's like having a live internet connection right outside their house for anyone to use."
WHAT IS WI-FI?
|
Wi-Fi stands for wireless fidelity. It is also known as 802.11 networking and wireless networking.
More» Internet speak
|
Without any security, anyone with a wireless-enabled laptop or handheld computer can use your network. They can get free internet access, steal information stored in your computers, or use your system to attack something else.
This security weakness has led to wardriving, which involves driving around with a wireless-enabled device and finding wireless networks.
There are those who consider it a hobby; they do it out of curiosity and to call attention to the extent of the security problem. Then there are those who use wardriving for criminal intent. Identifying the networks isn't illegal, but accessing them is.
There are no definitive numbers on how many homeowners' wireless networks are compromised every year, but Tauschek says it's happening.
"People are responsible for securing their network so that others can't use it to do something illegal. And it happens, it happens all the time."
– Mark Tauschek, Wireless Friendly Inc.
|
In 2003, a Toronto man was charged after police found him driving half-naked, using a wireless internet connection from one of the houses to download child porn.
"In that case, he was caught," Tauschek says. "If he hadn't gotten caught and there was an ongoing investigation … police can be knocking at your door for accessing child porn sites."
Tauschek estimates 60 to 70 per cent of home user wireless networks are completely open, with no security measures in place. "About 40 per cent are left in default configuration, pretty much the way it comes out of the box."
If a hacker can identify what hardware is being used on the home user's network, he can easily find out the factory settings that came with the device; if a user hasn't changed any of the settings, then that network is wide open to the hacker.
"Bottom line is that the end user is responsible for their internet connection. If someone else uses it to do something illegal, the onus is on you to prove that it wasn't you. And how do you do that if there's no way to identify who was in your network at any given time."
Help secure your wireless network
Like everything else that involves the internet, there is no absolute protection for wireless networks. Those with intent will try to break in; you need to layer your security measures for deterrence. If you secure the wireless end of your system, protect your computers and follow safe practices (see Top tips and safe practices section), it's more likely intruders will move on to another, more vulnerable system.
- Change the SSID default setting and turn its broadcast off.
Service Set Identifier (SSID) identifies the network name. Wireless network devices use it to tell wireless networks apart.
If a home user doesn't change the out-of-the-box setting, hackers who know that the
network exists can systematically enter all the known default settings until they hit
upon the right name.
When changing your SSID, don't use your address or your last name, says
Tauschek. "The SSID shouldn't identify who or where you are."
- Change the default password.
Use a strong password to protect your access point. (See the Safe practices section for more on passwords)
- Filter MAC addresses.
A Media Access Control (MAC) address identifies each device attached to a wireless network. You can enable MAC address filtering to specify which computers have access to your network.
Though some hackers may be able to get around this, it's another layer of protection.
- Enable encryption.
Use the highest level of encryption available to your network, says Tauschek. New models use Wi-Fi Protected Access (WPA), and older versions use Wired Equivalent Privacy (WEP), considered flawed by many security consultants. But it's still a form of encryption, says Tauschek, and again another layer of security. "Given that someone can drive another 50 feet and find another access point that's wide open, it's a good deterrent."
 NEXT: PROTECT YOUR INBOX
^TOP
|
|
 |
 MENU |
|
|
RELATED CBC
BACKGROUNDERS: |
|
|
| EXTERNAL LINKS: |
 CBC does not endorse and is not responsible for the content of external sites. Links will open in new window.
Wireless Friendly Inc.
|
|
| MORE: |
|
|
|
