Wireless safety needs good sense, not sensationalism

A splashy exploit makes good copy, but the real lessons for wireless security come from a more thoughtful approach
Written by Leader, Contributor

There's a saying in technology journalism — if you're keen to be seen, attack the Mac. The lesson's not been lost at the Black Hat computer security event in Los Angeles, where a vulnerability in wireless networking was demonstrated by compromising a MacBook. The press rose gratifyingly to the bait: so where's the Mac's much vaunted hack immunity now?

The real story — that nobody's claimed that the Mac is immune to anything, that the demonstrated exploit represents a vanishingly small risk in real life, that there are plenty of greater risks to mobile computing regardless of platform — is far less sensational. Yes, the wireless stack is probably home to more vulnerabilities than any other aspect of modern computing, but there are also factors in its favour. There are many different variations from many different manufacturers, which confers a lot of immunity, and you have to be physically near the target to mount an attack. That's a very unattractive environment for a malware writer to exploit.

If you want to worry about wireless exploits, take a look at the wide range of live CDs that let attackers set up fake hot spots and run man-in-the-middle intercepts. Or check your office for unofficial hotspots running from ten-quid USB adapters, exposing the "safe" side of your network to whoever swims into range. Or check just how good the company laptops are at resisting malware when they're exposed to the unfiltered Net on public access.

Security is of overriding importance, and wireless is one of its more complicated aspects. That may be in its favour: if you get it right, your attitude towards security in general is likely to be sound. Don't trust the corporate firewall as anything other than one component in an overall strategy where every part has some responsibility for its own safety. By all means keep your network drivers patched and up to date, but consider what will happen if that's not good enough. Assess each component for the risks it brings versus the advantages it brings, and set your priorities accordingly.

This has nothing to do with the Macintosh, and precious little to do with buffer overflows during preamble processing. The best lesson from the Black Hats is that the most important component for planning security is one gram of crystalline sodium chloride. There's not much that isn't improved in this game with just a pinch of salt.
