MobilityTechzone

Latest News

TMCNet: Encryption not a foolproof means to protect Wi-Fi network

[August 18, 2010]

Encryption not a foolproof means to protect Wi-Fi network

Aug 18, 2010 (Star Tribune (Minneapolis) - McClatchy-Tribune News Service via COMTEX) -- In a recent column, I suggested that a consumer worried about Internet banking over a home Wi-Fi network could use a wired Internet connection that would be safer. But several readers asked whether using wireless encryption (automatic coding) was a better solution.

"I totally agree that a wired connection is always more secure than a wireless one, but shouldn't a home user be encouraged to go the extra step and enable (wireless) encryption?" asked Rick Erickson, PC and network administrator of Fidelity Bank in Edina, Minn.

Richard Milberg of Easton, Pa., agreed. But Phil Pollock of Chaska and Karyn Gaffaney of Roseville, Minn., wondered if the encryption they're using is strong enough to protect their home networks.

The answer falls into a technological gray area. Encryption is good protection, but it's not perfect, said Rob Juncker, vice president of technology operations at security firm Shavlik Technologies in Roseville. Even some of the best encryption methods available to consumers have been cracked by experts.

But encryption protects not by making it impossible to breach your home network, but by making it so much work that hackers will look for easier targets, Juncker said. The question is how much encryption is enough to give you an acceptable margin of safety.

Don't use older Wired Equivalent Privacy (WEP) encryption, which has been broken into many times, Juncker said. You're probably safe if you use Wi-Fi Protected Access (WPA) encryption. An improved encryption, WPA 2, is even safer.

But you've also got to be smart about how you use encryption. Experts recommend using passwords longer than a few letters or numbers, because the longer the password is, the more work it is for a hacker to break it. Don't use passwords that are real words or hackers can run a "dictionary attack" that will eventually guess your password. (According to news reports, hackers using multiple computers can run a dictionary attack in 20 minutes or less.) Consumers also should know that even the best encryption software won't prevent them from being tricked, Juncker said. A consumer can still fall victim to a "man-in-the-middle attack," in which a hacker with a PC impersonates your Wi-Fi hotspot and tries to convince your PC to connect with him instead of with your wireless router.

To avoid being tricked by a man-in-the-middle attack, pay attention to small details, Juncker said. Does the website name in your browser really say it's your bank's website, even if the screen looks right? Does the Web address say "https," which denotes a secure website for financial transactions? If not, beware.

___ ABOUT THE WRITER Steve Alexander covers technology for the Minneapolis Star Tribune. Readers may write to him at Tech Q&A, 425 Portland Ave. S., Minneapolis, Minn. 55488-0002; e-mail: steve.j.alexander@gmail.com. Please include a full name, city and phone number.

___ (c) 2010 Star Tribune (Minneapolis) Visit the Star Tribune Web edition on the World Wide Web at http://www.startribune.com Distributed by McClatchy-Tribune Information Services.

For reprints, email tmsreprints@permissionsgroup.com, call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.

[ Back To MobilityTechzone Homepage's Homepage ]
FOLLOW MobilityTechzone

Subscribe to MobilityTechzone eNews

MobilityTechzone eNews delivers the latest news impacting technology in the Wireless industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter
Interview with VPI Systems
TMC's Rich Tehrani speaks with Russ Green, Senior Vice President of Marketing and Product Management for VPI Systems
Interview with Thrupoint
TMC's Paula Bernier speaks with David Jodoin, Chief Strategy Officer for Thrupoint
Interview with Nuance
TMC's Erik Linask speaks with Christy Clark Murfitt, Sr Manager of Solutions Mktg, Enterprise Division for Nuance
Interview with Abukai
TMC's Erik Linask speaks with Philipp Schloter, President & CEO of Abukai
Interview with DragonWave
TMC’s Stefanie Mosca speaks with Greg Friesen, VP, Product Management of DragonWave