Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security The Internet United Kingdom Wireless Networking News

Home WiFi Network Security Failings Exposed 161

Posted by CmdrTaco from the passwords-are-for-suckers dept.
An anonymous reader writes "The shocking state of home wireless (Wi-Fi) network security in the UK has been revealed by a life assistance company study. CPP used an 'ethical hacker,' Jason Hart, to test thousands of Wi-Fi networks across six UK cities, including London. He found that many didn't even have a password and roughly half of home UK Wi-Fi networks could be hacked in less than 5 seconds."
This discussion has been archived. No new comments can be posted.

Home WiFi Network Security Failings Exposed More

Home WiFi Network Security Failings Exposed

Comments Filter:

  • No password may be a feature not a bug (Score:5, Interesting)

    by kherr ( 602366 ) <kevin.puppethead@com> on Thursday October 14, 2010 @12:23PM (#33895856) Homepage

    There is no way to know if the open wifi networks are open intentionally or not. Just ask Bruce Schneier [schneier.com]. Saying they're "open to criminals" is biased, maybe "open to visitors" would be more appropriate. How come coffee shops and other businesses with open wifi aren't called out for letting criminals access the network?

  • OT Question (Score:3, Interesting)

    by rotide ( 1015173 ) on Thursday October 14, 2010 @12:29PM (#33895958)

    Honest question here. Say I wanted to setup and open a WiFi AP for neighbors to check email, etc, when their connection is down. How can I do that and not get screwed if they download kiddie porn or send a threatening letter to the white house? Yes, I'm in the US. I know I can use the TOR network, but frankly, I'd rather not. Is there any legal way I can share my network connection to those that need it without setting myself up for a world of hurt?

    Again, I realize this is OT, but it's an honest question.

  • Re:OT Question (Score:5, Interesting)

    by mellon ( 7048 ) on Thursday October 14, 2010 @12:36PM (#33896130) Homepage

    Yes. Vote in the November election. Lobby your congresscritters to keep the common carrier defense applicable to the Internet.

  • Lets face it... (Score:5, Interesting)

    by Darkness404 ( 1287218 ) on Thursday October 14, 2010 @12:36PM (#33896140)
    Lets face it, yeah, wi-fi routers can be hacked, yeah, a lot of people don't have secure wi-fi, but in all honesty does it matter to most people? Credit card information already should be encrypted with HTTPS so that wouldn't be sniffed, most sites let you use security to log in, etc.

  • Re:No password WiFi != unsecured (Score:3, Interesting)

    by gmack ( 197796 ) <gmack@@@innerfire...net> on Thursday October 14, 2010 @12:43PM (#33896300) Homepage Journal

    Do you filter outgoing mail and do you take any measures to prevent forum spamming?

  • Re:OT Question (Score:3, Interesting)

    by bsDaemon ( 87307 ) on Thursday October 14, 2010 @01:03PM (#33896702)

    Leaving your wireless AP open doesn't make you a common carrier. From Title II of the Communications Act of 1934:

    (h) "Common carrier" or "carrier" means any person engaged as a common carrier for hire, in interstate or foreign communication by wire or radio or in interstate or foreign radio transmission of energy, except where reference is made to common carriers not subject to this Act; but a person engaged in radio broadcasting shall not, insofar as such person is so engaged, be deemed a common carrier.

    Running an AP basically makes you a person engaged in radio broadcasting, and as we see, that is explicitly not covered. Likewise, if you're not carrying traffic for hire and aren't under an FCC license, then you are also not covered.

    But then again, this is Slashdot, where people keep repeating things they heard whether they actually know what they're talking about or not.

  • Re:Slow take up of WPA (Score:3, Interesting)

    by VJ42 ( 860241 ) * on Thursday October 14, 2010 @01:23PM (#33897118)

    Why is it so hard for industry (default configurations) to move from open or WEP to WPA? Sure, WPA isn't perfect, but it does represent a significant increase in difficulty for hackers.

    I use WEP+MAC filtering because I have a really old WiFi card that doesn't handle WPA and no reason to replace it.And to be blunt, that's just fine; it deters the neighbors enough to stop them using my 'net connection. It won't stop a determined hacker, but exactly when is that going to be a problem?

  • Re:No password WiFi != unsecured (Score:2, Interesting)

    by Albanach ( 527650 ) on Thursday October 14, 2010 @01:45PM (#33897470) Homepage

    Spoofing is misdescribing things a bit. It's not like spoofing an IP address where you present an address diffferent to that you're actually using and which can cause issues with a lack of return traffic (data being sent to the spoofed IP).

    Usually your MAC address can be user set using ifconfig - something like

    ifconfig eth0 hw ether 00:01:02:03:04:05

    That then becomes your MAC address. It's not being spoofed, it's the address your card has and will present when connected to a network.

  • Re:OT Question (Score:4, Interesting)

    by bsDaemon ( 87307 ) on Thursday October 14, 2010 @02:11PM (#33897916)

    Not in the sense of a W or a K station, but its still broadcasting radio traffic. It still doesn't make you a common carrier due to other restrictions. Most things people think are common carriers aren't and never were. Likewise, "safe harbor" means that if the carrier meets the requirements for compliance with CALEA, that they can't be held liable for not being able to do anymore.

    Either way, the end case is the same. Neither of these constructs have anything AT ALL to do with whether or not you're going to get boned if someone jumps on your AP and starts committing crimes.

Slashdot Top Deals

Happiness is twin floppies.

Close