Does Wi-Fi security matter?

Does Wi-Fi security matter?

Summary: People 'just don't care' about Wi-Fi security according to researchers, but some senior security experts argue there's no need to secure networks at all

SHARE:
TOPICS: Security
3

A large percentage of Wi-Fi networks are "horribly insecure", according to researchers at Indiana University.

In a study of almost 2,500 access points in Indianapolis, presented at the Workshop on the Economics of Information Security at the University of Cambridge on Monday, researchers found that 46 percent were not running any form of encryption.

"People just really don't care about Wi-Fi security, and open Wi-Fi at home is a nice big target," said Matthew Hottell, lecturer in informatics at Indiana University. "Defaults [settings] are king," added Hottell.

Most of the secured networks used routers whose security setting had been pre-installed by the vendor, rather than having being activated by the end user. Some used WEP encryption wizards to encourage people to turn on the security settings.

"Education seems to have little effect. People with a higher economic status are not responsive to the heightened risk of privacy erosion, and people in general don't recognise that higher population density [heightens risk]," said Hottell.

However, security expert Bruce Schneier argued that as long as people's devices were secure, having a secured network was unnecessary.

"I have a completely open Wi-Fi network," Schneier told ZDNet UK."Firstly, I don't care if my neighbours are using my network. Secondly, I've protected my computers. Thirdly, it's polite. When people come over they can use it."

University of Cambridge security expert Richard Clayton also questioned the assumption that unsecured networks were necessarily insecure.

"What is your definition of secure?" Clayton asked the researchers. "Did you try to exploit the systems?"

Hottell said the wardriving team had not attempted to hack any systems or read any network traffic.

Microsoft's chief privacy advisor for Europe, Caspar Bowden, said there seemed to be a consensus among security experts that having a Wi-Fi network open to sharing has positive uses, but warned that people could not rely on WEP encryption if they wanted to secure networks.

"If you do want to secure your network, look at end-to-end solutions rather than some of the dodgy crypto around like WEP," said Bowden. "There's only one thing worse than no security, and that's a false sense of security," he added.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Security is only one issue, what happens if someone uses your wireless network to access porn sites? Given some of the less than pleasant sites on the Web, you can bet the Police would class you 'guilty until proved Innocent' as the sites were viewed on
    anonymous
  • 3rd part access and exploitation of a wireless network IS a security issue - idiot.
    anonymous
  • The disadvantage Wi-Fi security has is that when people use your connection, monitor/capture your data, make your machine a zombie for use in attacks against others...most people don't know. Not alerting the user is key to continuing to exploit them.

    Also people don't realize they are literally broadcasting all their data..e-mail, IM, company data right through the air and a 14 year old with a 10 dollar antenna can see everything..and I mean everything...from a long ways away. Go to wigle.net. look up "cantenna" on the Internet...uh..people..there is a problem whether you want to deal or not. And, yes, I've seen it done

    But..If people can't tell anything is wrong they figure they don't have a problem. Firewalls, anti-virus, anti-spam...all these things have had to gain public awareness over years. Their advanatge..especially with the last two is you could definitely tell you had a problem!

    Problem too is the misinformation out there. WEP, SSID concealement, mac filtering..too many acronyms and none of them work.

    There are easy cheap solutions out there. www.witopia.net is one. they were writtten up in Techworld.
    anonymous