Wednesday, September 12, 2007

WiFi Nightmares

If you like a good fright, here are a few of my worst WiFi nightmares for you.
  • Homeowners sometimes feel that they have nothing to steal and nothing to hide on their home computers, and so they install WiFi networks without any security measures. But there is a wealth of information on any computer that bad guys can use to steal someone's identity, and thats only the beginning.

    Homeowners who leave their WiFi networks unprotected may have their data and applications erased. They may have spambots or other malicious hacker applications installed. Their machines may be employed to share illegal music files or distribute kiddie porn. Then, one day, the FBI will come knocking.

  • Students spend a lot of time on the Internet, much of that connected to wireless networks at school, at home or anywhere else they happen to be. Music file sharing, like underage drinking, is illegal, but it happens. When it does, students can compromise the performance and security of the networks they are using and they can get arrested and/or get kicked out of school.

  • Business executives usually need to have file and print sharing enabled on their laptops for when they are in the office. On the road, many of these men and women check their email and surf the web in airport lounges, at Starbucks, in their hotel rooms, or anywhere else they find an open WiFi network.

    Unless a road warrior takes steps to protect him/herself, anyone else on an open WiFi network can scan his/her shared files and folders, looking for credit card numbers, usernames and passwords, trade secrets, and other confidential information. On line and on the road, opportunities for identity theft, insider trading, industrial espionage, blackmail or just plain embarrassment abound.

  • Professional people -- doctors, lawyers, accountants, investment managers, etc. -- have ethical responsibilities to exercise care and judgment in the conduct of their affairs. If they don't, they may face sanctions including disbarment, client outrage, fines, and even jail.

    Down the street from me, near a hospital, there is "Professional Building" with offices for doctors et al. Standing outside the office building, wardriving, you can pickup several unencrypted, open network signals. Doctors' offices have lots of valuable information that bad guys would love to have for the purposes of committing identity theft, credit card fraud, prescription forgery, et al.

    WiFi security is a dicey proposition. It is not something that many lay-people understand. All they know is that implementing security complicates matters both in terms of initial network setup and ongoing operation So, many people forgo security entirely, preferring to think that nothing bad is going to happen to them.

  • Troubleshooting WiFi networks is a time-consuming process which does not always yield a positive outcome. A positive outcome is defined as a happy ending that doesn't cost a lot. A happy ending is fast, reliable Internet/network access.

    But, if there are dead spots in your WiFi coverage area or if your Internet access is slow or intermittent, it could cost you a lot in terms of dollars and frustration to identify the cause and resolve the problem.

    Let's say you live in an apartment and one of your neighbors has an old cordless phone that operates in the 2.4 GHz frequency range. Whenever that phone is in use, your WiFi network crashes. Let's assume that you know nothing about the neighbor's phone. You only know that your network keeps crashing.

    So you summon a technician to resolve the problem. The first (and only?) thing a technician can do is undertake a process of elimination to isolate any hardware or software issues that might be causing the problem.

    Imagine that the network crashes while the technician is there because the neighbor makes a phone call. While the network is down, the technician swaps out your access point. Meanwhile your neighbor gets off the phone, so when the new access point is installed, your WiFi is working. The technician declares victory, gives you a bill and leaves. This temporary "solution" has cost you a couple of hundred dollars.

    There are tools (radio frequency spectrum analyzers) that can identify WiFi interference from cordless phones, Bluetooth devices, microwave ovens, radio jammers and other sources of electromagnetic noise. But these tools are expensive, and they work better in the lab, in the hands of radio engineers, than they do in the field, operated by your average computer technician.

WiFi, when it behaves, it is a pleasure to be around. But very often, WiFi is like a difficult child who does not always behave. It doesn't care who you are, or how much you've spent on your laptop. "You are not getting an IP address from me today, mister!"

If you have a WiFi nightmare you want to share, please post it here. TIA.

No comments: