'

Rupert Goodwins' Diary

Tuesday 27/06/2006 In the same way that the brightness and colour of a star shows how old it is, the speed and percentage of locked-down wireless access points can show how advanced a particular area is in adopting new technology. Take Indiana, where a study in correlating the percentage of secure domestic access points to other factors showed no link whatsoever.

Tuesday 27/06/2006

In the same way that the brightness and colour of a star shows how old it is, the speed and percentage of locked-down wireless access points can show how advanced a particular area is in adopting new technology.

Take Indiana, where a study in correlating the percentage of secure domestic access points to other factors showed no link whatsoever. "We cannot say with any certainty that income, population density, or education level have any effect on the expected level of wireless security."

Yet something does: monitoring of London, Edinburgh and San Francisco over several years has shown the following pattern — a few 802.11b access points with no security blossom into a large number of mixed 802.11b and g access points with around 30 percent security. Then there are a couple of big scares in the news, and overnight the nets close down — followed by a creeping increase in the percentage of open networks as new users buy their first routers without having been scared beforehand.

On this scale, the Indiana neighbourhoods — "mixed demographic areas of a small college town" — as described is around 18 months behind London and San Francisco and about 12 behind Edinburgh.

Not everyone's convinced that wireless security's necessary anyway, Bruce Scheier telling us that he's got an open network because it's polite, he's got his computers secure anyway, and frankly my dear...

That's fine for people who know how to lock down their computers. The big problem with open access points is that the radio side of things is on the LAN side of the firewall — so no matter how well the access point's own firewall is configured, it won't lock out attacks from the wireless. That's down to firewalls on the individual computers, and even the XP firewall is happy to open up the ports for sharing if you want to move files or print stuff across the network. And why have a network if you can't, well, network?

In those cases, you'd better darn well have your wireless secure. Although the Indiana study concluded that there was no point in trying to educate users because they never listened, a friend reports success in getting his neighbours to use proper security. He logged onto their computers, found their holiday snaps, and left a few extra evil, scary clowns in My Pictures.

Four hours later — lock-down. Repeat after me — mwahahahah!