Security over a Typical Wireless - Essay Example

Running Head: CRITIQUE ON WIRELESS HOTSPOTS Critique Position on the article “Wireless Hotspots: Petri Dishes of Wireless Security” by Bruce Potter Students Name Course Name Instructor Date Critique / Position on the article: “Wireless Hotspots: Petri Dishes of Wireless Security” by Bruce Potter This article by Bruce Potter takes the position that security over a typical wireless (Wi-Fi) hotspot network is not achievable at the current state of technology, at least at the small scales of individual and small business usage. However, large corporations with the infrastructure to create security are usually the only secure wireless networks available, and the cost is typically prohibitive for the smaller scale user. But does that mean that there is little or no security in place? No, but ultimately it is limited to the resources and commonsense of the user involved to maintain security protocols. The author suggests that we completely abandon the use of these hotspots, such as in cafes, close our laptops or shut down or tablets and just enjoy the coffee. This writer feels that the horse is already out of the barn on that issue since wireless hotspots are one of the main attractions now drawing in people to stay for a longer period of time and eat or drink more product of that particular establishment proffering that tempting wireless connection to the internet. Potter begins by describing a typical corporate network to let the reader know just how complex true security protocols must be in order to maintain an absolutely secure network. One of the biggest issues here is that a corporate network takes on the responsibility of that security and so is a single point of access that all other users must adhere to. In this case, as far as security goes, big Brother is a good thing to have. The opposite is usually true at a typical Wi-Fi hotspot where someone has plugged in a wireless router, and hundreds of users with various computers, etc. have access to it from the front end by a simple password (if that). On the corporate level, while the use of 802.11x and WEP (Wired Equivalent Privacy) is in place, it is usually accompanied by bidirectional certificate-based authentication which identifies both clients to each other. The certificate is located both at the access point and on the client trying to gain access, allowing for a higher level of authentication and protection. Typical hotspots do not know and could care less who or what is accessing their network, and therein lies the greatest issue, according to Potter. This lack of bidirectional authentication poses the very large and real risk of a hacker, acting friendly to gain access, can then use the wireless network to gain access to other clients accessing it. This certificate level access is nearly impossible to use at a hotspot since the accessing client’s would have to have the keying certificate in order to enter the wireless network. This solution is impractical for most individuals and small business. However, the author does not some exceptions. “For Example, T-Mobile provides access for a fee to Wi-Fi users in Starbucks coffee shops throughout the U.S. T-Mobile has its own authentication and security infrastructure, as well as its own way of assembling network.” (Potter, 2006, p. 53) Unfortunately, this is an example of one large corporation assisting another large corporation, for a fee. Again, impractical on smaller levels. The fee imposed, though usually modest, is often met with opposition as well. This is only human nature, even though the fee may reduce the risk of a security intrusion. According to the author, this leaves only one option: “Users of wireless hotspots are ultimately responsible for their own security.” (Potter, 2006, p. 54) By and large this wirter would agree that this is true. While providers of hotspots are rather limited as to what they can offer for free at their sites regarding access to the internet, the user must have not only adequate safeguards in place installed on their device to help prevent intrusion, but also use common sense when accessing such a spot. Applications are unaware of the network environment in which they run. An instant messaging client or Web browser has no way of knowing if the computer it is running on is within a controlled area with a wired network or if it is at a coffee shop with a random wireless network. Attackers who subvert the wireless connection will then probably try to subvert applications running on the client system. (Potter, 2006, p. 56) The author is also correct when he states that those providers of wireless technology provide very little in their warning instruction regarding security. While this is changing, they also do not want to dissuade potential customers from using their devices and / or the networks involved. Therefore, they keep their warnings limited since most provide for WEP and WPA (Wi-Fi Protected Access) with their 802.11x wireless routers and feel that this is the most they can to for security purposes. The author is also correct in that this can create a false sense of security to the client’s access hotspots willy-nilly. The most intrusive and dangerous limitation of a wireless network is when a hacker creates a rouge network that mimics the passwords, protocols and name of the h0otspot network already in place. In this instance, unless the user is extremely computer savvy, they are at risk of losing all their information over this rouge intruder. While the layer 2 security provided by 802.11x technology protects to some degree the original access point, once a hacker has created a rouge access point all bets are off. Potter uses the example of a network which he aptly names COFFEE. Simply put, an intruder hacker brings his or her own access point to the same location as the hotspot named COFFEE. Their access point not only mimics the name COFFEE, but also allows access in the same way as the hotspot usually does, the same cozy welcome screen and so on. The hacker also makes the rouge COFFEE network stronger so that it is picked up first by the returning customer. So, none the wise, the customer signs on as usual and the hacker’s rouge network can easily scan the customer’s device for any information that is available. In this scenario there is very little a customer can do to prevent this from happening. Some software can help to mitigate this issue, but it is a prevalent threat nonetheless. Furthermore, the ease of use of these wireless networks is at once a blessing, but according to Potter, it is also one of the biggest problems for security. 802.11 layer 2 protocol is designed specifically to be operating behind the scenes to the user, generally inaccessible to the average consumer and it is certainly not modifiable to address specific threats, such as a more sophisticated and user unfriendly corporate network might be able to. Furthermore, while there is SSL authentication in place when accessing a website, and most users will look for the secure lock at the bottom of the browser screen, not only is this a non-existent function when accessing a wireless point, but may also give yet another false sense of security when logged onto a wireless network. While Potter certainly cast doubts on whether anyone should be using a wireless network, it really does depend on the end users level of risk aversion as well as their knowledge of the risk involved. It is like saying to a swimmer; don’t go into the ocean you may drown. While this analogy may be a bit severe, it is important to remember that with every new technology comes a certain amount of risk. Taking precautions is certainly prudent but one must be aware of the potential of disaster: Remember that "public" hotspot almost always means unsecured internet access. In these environments, your computer needs to cover the risks; the hotspot wont. You have to activate firewalls and antivirus protection. If you cant, the best advice is not to use the free unsecured access points. Theyre too expensive. (Oppenheim, 2008, p. 26) Keeping this in mind, while sipping a cup of coffee and reading the on-line version of the New York Times, simply be mindful that you may not be alone at your wireless hotspot. References Oppenheim, R. (2008, September). The World without Wires. Searcher, 16, 22-27. Potter, B. (2006, June). Wireless hotspot: Petri dish of wireless security. Communications of the ACM 49(6), 51-56. Read More