| idespread use of Wi-Fi Technology is bringing to | | | | very similar spelling like these: |
| light many security issues that may have gone | | | | • CoffeeHouse |
| unnoticed by the average user. Traditional wired | | | | • CofeeeHouse |
| connections have obvious security precautions | | | | The hacker is hoping his network shows up first in |
| that most users are accustomed too, but extra | | | | the list, and that users will log on so quickly they |
| measures must often be used when transferring | | | | won't realize what they are doing. |
| data across a wireless, and sometimes public | | | | WPA (Wi-Fi Protected Access) |
| network. A wireless Internet connection without | | | | WPA was originally designed as an answer to |
| security can easily give anyone access to your | | | | security holes that were becoming apparent in the |
| files, email, and even gives others the ability to | | | | widely accepted WEP technology. Wi-Fi Protected |
| make changes to your computer. | | | | Access is an attempt to create standards within |
| These types of security problems will probably | | | | the wireless security industry, and begin a move |
| have little impact on most users. Occasionally | | | | towards unifying the market. The Wi-Fi Alliance |
| surfing the web at a coffee shop or having a | | | | designed the technology and a scattered market |
| wireless adapter set up on a printer will likely not | | | | is beginning to see a unified method of security on |
| bring down the house. To a business holes in | | | | the horizon. |
| security can cost time, money, and could possibly | | | | The two main differentiators between WPA and |
| be a legal violation. A badly secured Wireless | | | | WEP are key size and the number of packets |
| Internet connection is an open door for hackers | | | | that actually carry the key. The number of |
| to use the technology to cause general mischief | | | | characters in a WPA key is considerably more |
| or to even commit crimes. The most common | | | | than a WEP key, and it would taking sifting |
| methods currently in use to secure a Wi-Fi | | | | through many more data packets to actually put |
| connection are SSIDs, Wi-Fi Protected Access, | | | | a WPA key together. |
| and WEP. | | | | WEP (Wired Equivalent Protection): |
| SSID (Service Set Identifiers) | | | | Wired Equivalent Protection uses encryption to |
| Every data packet sent over a Wi-Fi connection | | | | protect data as it travels via radio waves from |
| has a specific identifier attached to it. This | | | | transceivers. This means that when you send |
| identifier, or SSID, can recognize particular | | | | your email from your laptop it becomes |
| wireless networks and everyone accessing a | | | | encrypted, is sent out wirelessly on radio carrier |
| particular network must have the correct Service | | | | waves, is received by a wireless access point, is |
| Set Identifier. From a security standpoint SSID | | | | then decrypted and sent on to the Internet as |
| alone offer almost no protection, but it does give | | | | any wired connection would. As the name implies |
| a network a specific name making is clear what | | | | this security was designed to provide the same |
| network a user in connected too. | | | | level of security a wired connection would. This is |
| Knowing where you are connected too has | | | | not the case, but the security is usually strong |
| become increasingly important due in part to a | | | | enough for most users. |
| wireless internet attack called The Evil Twin. While | | | | The reason WEP has never become as secure as |
| this may sound like something Dr. Evil would use, | | | | a wired network is there is simply no way around |
| it's a common hacker technique. The way it | | | | the fact that anyone can intercept radio wave |
| works is a hacker takes in a mobile wireless | | | | and get the data out of them. The level of |
| access point, usually set up on a laptop, and then | | | | encryption that the data has will mean the |
| enters a public area where an access point | | | | information is meaningless unless the interceptor |
| already exists. If no SSID is set up, then | | | | has the WEP key. The problem here is that all |
| someone may actually log on to the hacker's | | | | data packets carry a piece of the key and that in |
| computer giving them access to all data sent and | | | | time, with enough packets, the key can be |
| received. This is a great way to get access to | | | | produced. This is a lot of trouble to find out |
| usernames and passwords. | | | | where a user has been surfing, but maybe not |
| Even with SSID a hacker is going to name their | | | | too much to acquire hundreds of credit card |
| network something confusingly similar. If you are | | | | numbers. Again if you are not targeted by a |
| at your favorite coffee shop and are about to log | | | | hacker, WEP is surely enough protection. WEP is |
| on, check the names of the networks carefully. | | | | currently installed on almost all wireless routers |
| Be careful if you see two possible networks with | | | | available to consumers. |