Wireless World

Posted on Fri 19 October 2007 in geek

Yet another report has come out on how badly broken Wi-Fi "security" is. It's mainly talking about WEP which is the most rolled out method, however WPA is not without it problems (lest of all for me finding decently supported cards for Linux).

People often query why I leave my home wireless network open to all. Well in part it's a convenience thing so I don't have to give guests long hex strings so they can browse the web in my house. However the clue is in WEP's name, "Wired Equivalent Privacy". Wires are certainly not inherently more secure than wireless, it's just as easy to sit on a wire and snoop traffic. The true security approach is to assume someone can always listen to you over the wire/air and establish security you can be more confident with. For me this involves ssh and TLS when I don't want stuff to be seen in plain text. It would involve PGP if I ever wanted to send something secure in email.