We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Wi-Fi vulnerabilities: Progress and pitfalls in 2010

Wi-Fi vulnerabilities: Progress and pitfalls in 2010

A look back at the last year's security scene

Article comments

The 802.11n standard was ratified in 2009 and Wi-Fi really took off in 2010, with support showing up in an array of consumer electronic devices. Unfortunately security related issues escalated right along with growing acceptance.  Here’s a look back at the Wi-Fi security issues that emerged this year.

Virtual Wi-Fi leads to rogue access points: The Windows 7 virtual Wi-Fi capability, or soft AP, became popular in the early part of 2010, with users downloading millions of copies of free programs such as Connectify to exploit feature.  But it didn’t take long for security experts to see the danger and warn organizations about the possibility of employees creating possible rogue access points using virtual Wi-Fi. These rogue APs can create a hole in your network security and allow an unauthorized user to “ghost ride” into the corporate network.  This type of access can be difficult to notice using traditional wire-side techniques, so experts advocated watching carefully for the appearance of rogue APs while upgrading machines to Windows 7.


MiFi gains popularity:  Steve Jobs experienced a Wi-Fi malfunction during the iPhone 4 launch in June 2010. An examination after the fact revealed that around 500 mobile hotspot networks were in use, supporting some 1,000 Wi-Fi devices. This incident brought to light the security issues that can crop up from use of MiFi, and experts suggest using dedicated monitoring solutions capable of detecting these unauthorized devices on a 24x7 basis.

Google’s Wi-Fi snooping controversy: In the middle of 2010 Google admitted that their cars used to collect Street View information also mistakenly collected payload data from unsecured Wi-Fi networks. Many viewed the act as a privacy breach because the data collected included personal information such as email, passwords, fragments of files, browsed Internet data, pictures, video clips, etc. The controversy was a major black eye for Google but served as a big wake up call for all those Wi-Fi users who still haven’t secured their Wi-Fi networks.  

Russian spies and peer-to-peer Wi-Fi links: The use of private, adhoc Wi-Fi networks for secret communication came to light when the FBI arrested a group of Russian spies who were using the tools to privately transfer data. Such adhoc Wi-Fi networks set up links between Wi-Fi users without using a centralized Wi-Fi router. Corporations are advised to deploy monitoring tools that can snoop out such connections.

Fake Wi-Fi stealing data from smartphones: Security experts discover that using a smartphone’s Wi-Fi capability to access an open or public network can lead to a vulnerability if the user doesn’t tell the phone to forget the network.  Users that don’t follow this advice are in danger of getting trapped into a fake Wi-Fi network by someone with malicious intents. Once trapped, users can end up leaking passwords and other private data, and might be at risk of malware and worms.

Share:

Comments

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *