My 8/12/07 Missoulian Column: Is your wireless security at your home and business up to the task?
So you’ve got Wi-Fi at home or work, and it’s great. You can sit in the backyard with your laptop and work, or use the internet from your desktop PC without having to run a network cable around the house.
But who set up your network, and is it safe? As I described last week: is it “open” like a Wi-Fi network at a coffee shop, so anyone can use it and sniff packets? Or, did you set it up with a password, so that your data and your communications are encrypted and safe?
In my experience, at least half of the home and business Wi-Fi networks in Missoula (and I learned this rough statistic this by driving around town with my MacBook and watching the networks come and go) are not as secure as they can be. Some are wide open and can be used by anyone without a password, and I covered the issues with that last week.
But it’s a bit more complicated. Of all the Wi-Fi networks that use password encryption, a good many aren’t really safe anymore. They once were, but times change, and now some forms of encryption can be “cracked.” That is, someone can intercept the data from your Wi-Fi, the encryption can be cracked open and your data revealed.
Lots of wireless networks in Missoula run an encryption scheme called WEP. That stands for Wireless Equivalency Protocol (now you can forget that, and just remember WEP). Running WEP means that a password is required to use the wireless, and that password – either a word you picked out or a random string of characters the software setup gave you – is also the key for the encryption that happens. WEP means that all the data flying between your laptop or desktop PC is encoded, so if someone is listening in, all they will see is what appears to be random letters and numbers, not your emails and private information. But the problem is WEP has been crackable for a few years now.
Remember the news stories earlier in the year about the retail store chain and the millions or so credit card numbers that were stolen from their network? That happened because the store equipment – the handheld inventory devices, the cash registers and the rest of the network – were running WEP. The story goes that hackers sat in a car in the parking lot and intercepted packets with a laptop and a home-made antenna. They used a common technique to ricochet some of those packets back at the wireless hardware and make it give up even more packets, more quickly than normal. That way they weren’t sitting in the parking lot for too long grabbing the quantity of data they needed in order to uncover the password and break into the network.
The reasons why WEP is crackable are highly technical, but very basically, WEP wasn’t designed very well. WEP sends out hints to the encryption password with many of those data packets, and if you catch enough packets, you can run a program that hammers away at the captured data until the password is revealed. With practice and a fast laptop, someone can crack WEP in minutes. Once you have the once-secret WEP password, you can join the network, capture everything, and decode the data with ease. WEP was crackable as far back as 2001.
The retail chain that got hacked should have been running WPA, a newer and stronger form of encryption. WPA stands for “Wi-Fi Protected Access”, and it’s one of the new standards for Wi-Fi security.
WPA works better than WEP for a number of reasons. One is that WPA uses a much longer password than WEP; a WPA passphrase can up to 63 characters long. The computing power it takes to crack a passphrase that long is considerable. A pretty good WPA passphrase is: Th2isis33a!pr7etty45go4od7pa6ss;phra8se4for2wp?aencryp4tion. An even better one looks like this: Tj5JrKsrW6uvwGGENXQxfawiCHjmvSMLHDeuNyBmEXv9aZOKqrDUSjsujMbhMmk.
Reason two is that WPA broadcasts fewer clues to the passphrase than WEP does, so the passphrase it tougher to pick up. WPA does a much more sophisticated “handshake” routine when your PC calls the router for a connection. That and other technical points, like being less susceptible to ricocheting packets are good reasons to use WPA instead of WEP.
To make things a little more complicated, there are different flavors of WPA. If you’re a home or small business and don’t have the more expensive network server setup, you’ll be using WPA Personal (also called WPA-PSK) rather than WPA Enterprise.
And, like anything in the computer world, there’s something new all the time. WPA2 came out a few years ago and is stronger than WPA. WPA2 pretty much standard if you buy a new PC or wireless router or card for your PC. But some older PC’s and laptops don’t have the necessary hardware to use WPA or WPA2, and even if you have other new hardware that can handle WPA, the older stuff will automatically fall back to WEP in order to keep working.
Is WPA hacker proof? Some people can crack WPA. It’s not a huge problem, as it usually takes lots (days, weeks, or more) of computing time to “brute force” or guess the passphrase with a dictionary file. So it’s a good idea to use words in your passphrase that aren’t in a dictionary, or use the random passphrase generator that is built in some wireless routers.
How do you check if you’re running WEP or WPA? If you set up your own network, check your wireless network settings in your laptop or PC. On WIndows, your wireless settings are in your system tray. On a Mac, they’re in the network control panel. Read the instructions that came with your router: lots of times WEP is the default, so look through the configuration menus for WPA. And use the longest possible passphrase.
If you’re shopping for new gear, the most recent routers feature what’s called Wi-Fi Protected Setup; it’s an automated software setup that guarantees a secure WPA environment.
Links from Wikipedia:
Wi-Fi, Wi-Fi Protected Setup (WPS) , Wi-Fi Protected Access (WPA) , Wireless Encryption Protocol (WEP).
GRC’s Ultra High Security Password Generator
How Credit-Card Data Went Out Wireless Door