Wi-Fi Access Point Privacy Issues

One of the issues with using any wireless technology is that any expectation of privacy is akin to screaming at the top of your voice in a mall and expecting no one to hear you. You can’t hear radio signals with your ears, but wireless transmits them in all directions and all it takes is an antenna to receive them. The radio signal doesn’t discriminate between the intended recipient and someone lurking in the background. Few people seem to understand this concept because they can’t actually hear the radio signal or see just how far it transmits.

Unless the communication is properly secured, assuming that you can safely send sensitive data using wireless technology is also a delusion. In fact, the lack of physical security makes wireless connectivity a risky choice anyway. Anyone can create a man-in-the-middle attack to place themselves between you and the access point you think you’re using. In addition, just hearing your supposedly secret conversation can give the hacker access to the data. Network Computing recently ran an article, The 9 Worst WiFi Security Mistakes, that outlines some of the serious consequences of not using Wi-Fi and other wireless connectivity with security in mind.

Wi-Fi endangers both security and privacy in a big way (even though the former issue seems to receive the most coverage). A recent article, Wi-Fi access point scans can betray a person’s location, points out that using Wi-Fi really is quite risky from a privacy perspective. Location data can help hackers guess user activities in some cases. The risk isn’t hypothetical or in the laboratory—it’s a real risk that exists right now. The fact that people don’t seem to want to pay attention to it makes the situation worse because hackers and others of ill intent could employ the techniques discussed in the article for a variety of purposes (none of them good). Even though the article focuses on consumer tracking, it isn’t hard to imagine using it for business purposes as well.

Wireless access actually amplifies security issues that are a problem for consumers and businesses alike anyway. A recent article, Don’t count on websites to hide your account info, discusses web site security issues. When you combine a lack of web site security, with wireless privacy and security issues, it becomes nearly impossible to ensure that the connection will remain secure enough to perform any task of a sensitive nature. When the network and endpoint are both suspect, you need to devise a robust app development and usage strategy (as described in Security for Web Developers). That is, unless you really do want everyone to hear you screaming from the rooftop.

Many high-end routers provide you with advanced configuration features (something I discuss to some extent in Build Your Own PC on a Budget). For example, you can choose to use only WPA2 security. According to a number of sources, such as PCWorld, WPA2 is the best solution to wireless security right now. Of course, you still need to use good passwords and employ other router features such as port filtering, IP packet filtering, URL keyword filtering, and MAC address filtering. Make sure you set up a guest account with a real password and change that password after your guest is done using your router. Limit guest access to only those areas a guest actually needs.

Wireless connectivity is a fact of life today—you can’t really get around it because wireless connectivity offers too many benefits to ignore. However, it’s important to remember that wireless lacks the physical security of a wired network connection, which means that you need to be extremely careful when using it or face the consequences. Let me know your thoughts about wireless connectivity security and privacy concerns at John@JohnMuellerBooks.com.

 

Author: John

John Mueller is a freelance author and technical editor. He has writing in his blood, having produced 99 books and over 600 articles to date. The topics range from networking to artificial intelligence and from database management to heads-down programming. Some of his current books include a Web security book, discussions of how to manage big data using data science, a Windows command -line reference, and a book that shows how to build your own custom PC. His technical editing skills have helped over more than 67 authors refine the content of their manuscripts. John has provided technical editing services to both Data Based Advisor and Coast Compute magazines. He has also contributed articles to magazines such as Software Quality Connection, DevSource, InformIT, SQL Server Professional, Visual C++ Developer, Hard Core Visual Basic, asp.netPRO, Software Test and Performance, and Visual Basic Developer. Be sure to read John’s blog at http://blog.johnmuellerbooks.com/.

When John isn’t working at the computer, you can find him outside in the garden, cutting wood, or generally enjoying nature. John also likes making wine and knitting. When not occupied with anything else, he makes glycerin soap and candles, which comes in handy for gift baskets. You can reach John on the Internet at John@JohnMuellerBooks.com. John is also setting up a website at http://www.johnmuellerbooks.com/. Feel free to take a look and make suggestions on how he can improve it.