Wednesday, May 19, 2010

.

Cracking down on cracking?

So, it turns out that on the streets and networks of China, you can buy cheap (less than $25) kits that have everything you need to sneak onto people’s wireless networks quickly and easily. Their sale is illegal, but that seems not to stop folks.

And, you know: it’s hard to get excited about this. It might actually be fun to buy one, just to play with it. But get outraged? Nah.

As the article says, the protocols securing home networks are so weak that they’ve been easily crackable for a long time, and “tutorials on how to crack WEP have been online for years.” It used to be that anyone who could sit in front of your house for an hour and knew what she was doing could break into your network. That soon went down to half an hour, and then ten minutes — ten minutes with a Linux machine, a little software, and a little savoir-faire. All these kits do is eliminate the need for savoir-faire.

The home version of WPA was introduced as a stop-gap measure. It’s better than WEP, but only somewhat: it doesn’t have the protocol weaknesses of WEP, but it’s not strong enough to be secure with today’s computers, at least not with the typical sorts of passwords that people use. And it’ll be quite some time before we’ve moved to WPA2.

That the cracking hardware and software are now all sold in a tidy package that Ma Po can take wardriving is no surprise, and nothing to be worried about. If you really care about securing your home network, use WPA2 if your hardware supports it, or WPA otherwise, and use a long, complex password that uses a good mix of characters.

Alternatively, consider that you needn’t care whether someone can get onto your network, and make sure your networked computers are properly protected against intrusion. Then you might even leave your network open, to be nice to your neighbours.

1 comment:

Ray said...

For a while I used to take quite seriously the protection of our wireless network... until it finally dawned on me that detecting the signal would require being parked in our driveway, and I might find that a little suspicious! Even if the hacker hid in the woods closer to the house, (s)he would still face our other natural security measures: ticks, poison ivy, and our ever-vigilant dog.