AB9IL.net

WiFi Security Tips

Disclosure: AB9IL.net is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program such that this site earns advertising fees by linking to Amazon.com. If you make a qualifying purchase after clicking a link on this website, the associate affiliated with this site may earn a comission at no cost to you.


#Advert: ASUS monitors are quality tech for your quality visuals.

New Features: Global Quick Tune Internet SDR List Improve Your Radio Knowledge at "YouTube SDR School"
Article Index --- click here to unfold ---
Newest Pages NEW: Trumpists Kicking the Hornets Nest
NEW: Introduction to Catbird Linux
NEW: Skywave Linux Updated to ver 4.1
NEW: i3wm: Using i3-ipc to Float Windows
How to Record from WebSDR and OpenWebRX Sites
Programmatic RTL-SDR Frequency Claibration
Public KiwiSDR Lists
Malaysia Airlines Flight MH17: Simply Mass Murder
The Anonymous Cathay Pacific Employee Letter to Hong Kong
For For Cathay Crews Crossing Borders With Electronics
Photo Gallery 9: The New Life Movement in China, 1944
E Pluribus Unum: From Many, One, Dammit
HFGCS Quick Tune SDR List
The Robert Mueller Iron Triangle Speech
A Rant About One Party Rule
Best OpenWebRX and WebSDR Servers
SDR School via YouTube
ADALM-PlutoSDR on Linux Systems
MOFO Linux: Defeating State Censorship and Surveillance
Linux: Distros, Code, and Nifty Software NEW: Introduction to Catbird Linux
NEW: Skywave Linux Updated to ver 4.1
NEW: i3wm: Using i3-ipc to Float Windows
Skywave Linux: HPSDR, WebSDR, and RTL-SDR ready to run.
Siduction Linux with the Cinnamon Desktop
Siduction Linux with the LXQT Desktop
Andy's Ham Radio Linux 15 and QtRadio
Booting Multiple Linux Disc Images with Grub2
Porteus Linux Hard Drive Installation
UPDATED: MOFO Linux - For Unrestricted Internet
Aptosid with LXDE
Asus EeePC 1215N with Linux
Autostart Tweaks for KDE3 and KDE4
Broadband Speed Tweaks For Linux
Fixing the Firefox 3 Rendering Bug
Linux on Solid State Drives
Linux Wireless Interface Driver Updates
Setting Polkit to Automount USB Devices
Sidux with LXDE
Fixing Skype Inverted Video
SLAX Remix - kernel upgrades
Flash Drive Linux - Introduction
Flash Drive Knoppix 5.3 - Part 1
Flash Drive Knoppix 5.3 - Part 2
Flash Drive Knoppix 6.0 - Part 1
Flash Drive Knoppix 6.0 - Part 2
Flash Drive SLAX - Part 1
Flash Drive SLAX - Part 2
Flash Drive Bluewhite64 - Part 1
Flash Drive Bluewhite64 - Part 2
Flash Drive Linux - Basic Customization
SLAX Customization - Part 1
SLAX Customization - Part 2
Bluewhite64 Customization - Part 1
Bluewhite64 Customization - Part 2
Long Range Wi-Fi Basics of Long Range Wireless Networking
Linear Focus Parabolic Wi Fi Antenna
High Gain Wi Fi Dish Antenna
High Gain Helical Wi Fi Antenna
High Gain Yagi Wi Fi Antenna
High Power Wireless Adapters
Wi Fi Extender Antenna for Routers
Belkin F5D7050 External Wi Fi Antenna
Linksys WUSB54GC External Antenna Mod
Compat Wireless Linux Drivers
Installing WPA_Supplicant for Wi-Fi Security
Linux Wireless Interface Driver Updates
Linux Wireless Interface Driver Support
NetworkManager and Consolekit
RT73 Wireless Drivers for Linux Kernel 2.6.27+
RT2860 Wireless Drivers for Linux Kernel 2.6.27+
Radio: Amateur Radio, Aero Radio, Shortwave, etc NEW: Programmatic RTL-SDR Frequency Claibration
NEW: Public KiwiSDR Lists
NEW: GHFS Quick Tune SDR List
UPDATED: Best OpenWebRX and WebSDR Servers
UPDATED: Skywave Linux: HPSDR, WebSDR, and RTL-SDR ready to run.
CubicSDR on Debian, Ubuntu, and Linux Mint
Dump1090 for Linux Mint 17.1 and Siduction 2014.1
Software Defined Radio - An Introduction
QS1R Direct Sampling SDR
Chaining SDR Audio Interfaces
FLEX-6000 Direct Sampling SDR
UPDATED: RTL2832 Software Defined Radio
WebSDR Digimode Reception
Enabling FLASH in Jack Audio
Realtime Software Audio Processing
Liberation Technology MOFO Linux - For Unrestricted Internet
Veracrypt Encryption for Linux
Veracrypt Encryption for Windows
Using Google Within China
Popcorn Time and Flixtor for Uncensored Streaming Media
DNS Encryption using DNSCrypt
Galaxy Nexus Privacy and Robustness Enhancements
Galaxy SIII Privacy and Robustness Enhancements
Flash Drive Encryption for Linux
Flash Drive Encryption for Windows
Multihop VPN Connections for Strong Internet Privacy
Open and Free DNS Server List
OpenVPN Cloaking against Deep Packet Inspection The Serval Mesh Phone Project
Skype's Robust Security
Man in the Middle Wireless Security Risks
Wireless Security and Surveillance
Digital Audio Adjusting Audio Dynamics in VLC
Backing Track Prep Guide
Ipod Music Processing Guide
How To Record Record Live Music Performances
Realtime Software Audio Processing
Chaining SDR Audio Interfaces
Aerospace Radio, Aviation, Pontification, and Opinion NEW: Trumpists Kicking the Hornets Nest
NEW: The Anonymous Cathay Pacific Employee Letter to Hong Kong
NEW: For For Cathay Crews Crossing Borders With Electronics
NEW: E Pluribus Unum: From Many, One, Dammit
NEW: HFGCS Quick Tune SDR List
NEW: The Robert Mueller Iron Triangle Speech
NEW: A Rant About One Party Rule
Captains Authority Versus Autocratic Airline Management
Malaysia Airlines Flight MH17: Simply Mass Murder
Malaysia Airlines Flight MH370 - A Media Circus
High Gain Air Band Antennas
Apollo Unified S Band Communications
Chinese Anti-Stealth VHF Radar
Oceanic Communications - Procedures, Equipment, Voice and HFDL
Boeing 737NG Radio Equipment
Boeing 767 Radio Equipment
NAOC-TACAMO Monitoring
My Flight on 9/11
Joshua Chamberlain's Leadership Tips
Special Operations Forces Truths
TWA 800: Just Give Me Some Truth
Photo Gallery Aviation Photo Gallery 1: Snapshots From My Journeys
Aviation Photo Gallery 2: On the Road With ATA Airlines
Aviation Photo Gallery 3: More ATA Airlines
Aviation Photo Gallery 4: Southwest Airlines is the Borg Empire
Aviation Photo Gallery 5: Starting Over, Moving On...
Aviation Photo Gallery 6: More Viva Macau
Aviation Photo Gallery 7: Mainland China Airline Flying
Aviation Photo Gallery 8: Chinese Smog and Fog
NEW: Photo Gallery 9: The New Life Movement in China, 1944
Broadcasting BBC Radio Blooper - Adolf Merckle
TV DXing the World Trade Center
New York TV after 9/11
Live Music Recording Adjusting Audio Dynamics in VLC
Backing Track Prep Guide
Ipod Music Processing Guide
How To Record Record Live Music Performances
Radio Poetry and Arts In Distress, by David Wagoner
Just A Radio Operator, by Robert A. Wallace
Radio Circuit Modifications ATS-909 Modifications
ATS-909 Manuals
ATS-909 Alignment Procedure
ATS-909 Alignment Spectrograms
Very Low Frequency (VLF) Radio Internet Based VLF Radio Listening
Windows Tips Windows Performance Enhancement Tips
A Faster Windows 7
Windows 7 SSD Setup

Wireless networking is convenient, fast, and provides a lot of computing mobility. Wifi does, however, require extra measures if it is to be as secure as hard-wired networks. And WPA is the standard to use.

SURVEILLANCE OF WIRELESS NETWORKS

Consider for a moment the number of wireless networks visible to a laptop in a good wifi location. There is probably a small number of strong signals, and a larger number of fair signals, and a large number of weak (but readable)signals. Anyone with software and hardware capable of monitoring the airwaves can capture wireless data and subject it to analysis. In some ways, WiFi is similar to the telephone party lines of long ago, when it was possible to simply listen and gather information on the other people with access to the line. Woe unto the person giving up sensitive data over such a channel. It really is an important matter considering the "long tail" population of fair to weak networks that are perhaps too weak for connections, but still strong enough to tap from far away!


WiFi Signal Survey
Plenty of weak 802.11 signals are yet
strong enough for surveillance!


#Advert: Go parabolic with a fabulous Prostar laptop.


Unsecured wireless networking should be used only for things that are okay for the public to see. For all other data, encryption is necessary.

For a long time, the popular solution to keeping wireless network data safe from prying eyes was Wired Equivalent Privacy (WEP). It provided a means of securing communications in the age of intel 486 processors, but now it is quite ineffective. If your network is still using WEP, you are as vulnerable to surveillance as if you used no encryption. Stop using WEP and switch to WPA.

WEP's weakness is in its tendency to leak data about the encryption key, which can be used to break the key in a matter of minutes. In essence, the attacker captures all traffic on the network, then applies a statistical algorithm to determine the key. When the key is broken, the attacker may use the network infrastructure and has access to its data. One can then monitor all users' surfing habits, collect passwords, et cetera.

The safer encryption protocol is WiFi Protected Access (WPA). It uses a more secure scheme for managing keys, and is orders of magnitude more resistant to cryptanalysis. One essential requirement with WPA is to select a password that is NOT composed of known words that can be found in a dictionary, as there have been demonstrations of WPA keys being "reverse engineered" to poor key selection by end users. It is that password which, along with the network SSID, used as seed to produce one very long and tough wireless crypto key. Attackers essentially pre-compute keys (once) using common SSIDs and dictionary words, and build "rainbow tables" to simply look up the keys (any number of times).

COUNTERMEASURES AGAINST WIRELESS NETWORK SURVEILLANCE

No cryptosystem is totally secure; the best simply take more time and resources to break than the attackers are willing to sacrafice. The smartest policy is to keep sensitive data off the network, and use WPA if the network must be used for semi-sensitive data. For more reading on the recent advances in cryptanalysis of WPA, see Practical attacks against WEP and WPA by Beck and Tews.

Sometimes there simply isn't a secure wireless network available. In addition, very sensitive data should always be hidden from wireless hackers, dictatorial authorities, and institutions disrespecting individual privacy. Excellent data security is available in the form of Virtual Private Networking (VPN). VPN is a service that protects data by creating an encrypted channel between the user's computer and a trusted server in a distant location. The distant server is the connection point to the internet, and the user's IP address reflects that trusted server's location. Using a VPN makes it impossible for an institution or government to restrict a user's internet access, sniff sesitive data, or track a user's browsing. VPN can also provide anonymity superior to that offered by popular web based proxy services. It is important to realize that a VPN acts as a "secure nettork interface" and protects the flow of all data in and out of the computer - not merely web browser activity. FTP, VOIP, and other non-browser data are protected.

Whether you are a telecommuter working from home, a journalist writing an expose on your government's misuse of power, or simply a person doing online banking, consider protecting yourself and your work by using WPA for wireless and VPN for all networking.



Tags: Wi Fi Security, Wifi VPN, Wifi WEP, Wifi WPA

©2005 - 2020 AB9IL, All Rights Reserved.
About, Contact, Privacy Policy and Affiliate Disclosure, XML Sitemap.