WiFi networks are on the rise right now, the comfort of not being tied to the cable is really strong argument, especially if you own small sized communication device, a nettop, or a laptop. ISP’s also benefit from WiFi – they do not have to pull cables all around the city, to be able to deliver their service to the end-user.
But this comfort comes at a price, as cables have a key security feature – you have to physically connect to them to be able to break into the network – not always an easy task, and certainly easily detectable.
With the introduction of WiFi and the first security standard – the WEP encryption, some IT specialists thought security is good enough for the not so competent home user. The time proved these specialists wrong – the WEP encryption was broken almost instantly, and soon hackers were traveling around the city, with their car full of communication equipment, breaking into WiFi networks, mapping hacked points and sharing them with the community.
This so called “WarDriving” continued to grow when second, stronger encryption standard became available – WPA. Although it was expected to keep intruders out of WiFi networks for years, it was broken pretty soon too, giving hackers opportunity to sniff your traffic and steal information.
The third implementation of security protocols – WPA2 proved to be pretty much “unhackable” for normal wardrivers, and even more advanced decryption equipment should not be able to break the security of WPA2 – AEP protected network. Now ISP’s had a break, with the security of their networks restored. For the end user it took a while before he understood the benefits af little slower, bur fairly unhackable, yet nowadays almost all WiFi spots are protected with WPA2 – PSK (with pre-shared key) or AEP encryption.
That tranquility went on until a week ago an announcement was made by a professional IT specialist, working for a company selling WiFi intrusion protection equipment.
Mr. Sohali Ahmad, a security researcher for AirTight Security inc., announced he discovered a weakness in the WiFi security standard WPA2 that may allow third party to capture packets of information, manipulate them, injecting own packets, and re –broadcast them to users connected to the affected point, allowing so called “man in the middle” attack to be performed.
From the limited amount of information currently available it seems that the more complicated WPA2-EAP is the only one affected by the problem, and you must know that this is not the implementation you use for the protection of your own access point, but the one intended for use in large scale access networks – so mainly larger networks may be affected if they do not disable some features of the protocol and monitor all network traffic, to disallow exploitation.
The bad news about ISP’s or other large WiFi network owners, that use WPA2 – EAP, is that the weakness is not recoverable – a problem in the accepted WFi standard (IEEE 802.11) allow it to exist, and changing these is long and complicated matter, that will take few years.
The good news is that you as a person should not be worried – your home network is as protected as always.