Monday, July 04, 2011

Wireless (in)security

For the past year a contact of mine has been carrying a wireless network sniffer around Gothenburg and outskirts. Hidden in plainview on his smartphone, steadily going wherever he went. Adding network after network. All while noting their coordinates, securitylayers and names. Now when the imagenumber of AP’s in his database has exceeded 11 000 he decided to share this data with me to try to make sense of the information and try to present the statistics in an orderly fashion.

Regarding security level it’s comforting to know that WPA is, by far, the dominating encryptionmethod.

11097 Access Points was detected. Of these there was 3468 using WPA2 Personal, 3561 using WPA Personal, 489 using WPA2 Enterprise, 119 using WPA Enterprise, 1706 using WEP and 1751 using no security at all.

Using no security can sometimes be justified. It might be a guestnetwork or it might be network with some form of authentication mechanism like a Radius-server or something like that. Therefore we’re not gonna read to much into the fair number of open networks in our fair city.

WEP-security however, it rarely justified. One reason might be that your Wii gamingconsole doesn’t support any higher encryption than WEP. That was actually true when I bought my console several years ago but I find it hard to belive they haven’t fixed that yet.

Another common reason noted is that the ISP is delivering their equipment with WEP-encryption predefined! This although their equipment still supports WPA2. With some ISP you can’t even manage your own network equipment. You have to call them over the phone (in this decade?) and ask them nicely to raise your wireless security to something that can’t be cracked in 4 minutes.

No comments: