IT fuel

Oct 19,2007
Source:bbc

More holes have been picked in the security measure designed to protect the privacy and data of wi-fi users.

The latest attack lets criminals defeat firewalls and spy on where someone goes and what they do online.

It comes after a series of other attacks that, experts say, have left the basic protection in wi-fi comprehensively "broken".

But compatibility issues mean that many will have no alternative but to use the much weakened protection system.

Lock picking

The basic security measure in the technical specification for wireless networks, 802.11, is known as Wired Equivalent Privacy.

WEP encrypts data flying back and forth between a computer and an access point to stop people spotting and stealing confidential information.

It does this using an encryption key but numerous attacks have shown how easy it is to get hold of this key and unlock access to the wi-fi network or your data.

"WEP as a security measure is so broken that your (and everyone else's) kid sister can easily circumvent it," said computer security researcher Ralf-Philipp Weinmann, co-author of the aircrack-ptw tool that can crack WEP in minutes.

Anyone caring about their privacy, said Mr Weinmann, should not use WEP to stop others using their wi-fi hotspot.

Mr Weinmann and his colleagues unveiled aircrack in early 2007 but prior to that three other research teams, in 2001, 2004 and 2005 showed how to circumvent WEP.

The latest attack, created by Vivek Ramachandran of AirTight Networks, tricks a computer into thinking it is logged on to a wi-fi network it trusts. It exploits the basic hand-shaking system in wi-fi to get hold of lots of data it can analyse to crack a key.

While the chance that someone will piggyback on your wi-fi network is low, there have been cases in the UK where this has happened.

In London one man has been arrested and charged under the 2003 Communications Act for using someone else's wi-fi link without permission.

Alongside this is the risk of people using your broadband connection for potentially criminal activity.

However, said Mark West of the home tech help company Geek Squad, many people are forced into using WEP despite its shortcomings.

"WEP might be all they can run," he said.

The well-publicised problems with WEP have resulted in improved security systems for wireless networks known as Wi-fi Protected Access (WPA).

An improved version of this, called WPA-2, appeared in 2004 but is not yet widely used.

Mr West said backwards compatibility problems might mean that people cannot opt for the better protection found in WPA or WPA-2.

Using either of these requires Windows XP fitted with Service Pack 2, Vista or OS X on the Mac.

Drivers for wi-fi access cards might also need to be updated and the firmware on a hub might also need refreshing. Any other device that tries to link via wi-fi will also need updating.

For many, said Mr West, updating all these separate components could be too much to ask.

A spokesman for BT said that it used WEP on its home hub products because of the compatibility issues.

"We use WEP for a very sensible reason," said the spokesman, "there are a number of devices out there in the marketplace that do not use WPA."

When helping people install wi-fi networks Geek Squad started trying to use WPA-2 but often had to fall back on the weaker protection.

WPA-2 was only made mandatory on wi-fi access points manufactured after September 2006, which means much wireless hardware still relies on WEP.

"It's often the lowest common denominator," said Mr West, adding that it was better than nothing.

He said: "It's more of a deterrent that will prevent most people being able to access that router."