802.11b Security Needs Beefing Up – And Then Some

It wasn't until BT Mobility (, the recently-created public wireless LAN division of British Telecom, announced its plans earlier this year to open several thousand 802.11b public access hot spots across the U.K., that this writer truly considered the benefits of WLAN access on the go.

Up until that point, both anecdotal and occasional experience had led me to believe that some companies, more by accident than design, had left their backdoors open to 802.11b sniffer packages. Such unauthorized access routes into company networks are mainly used, this writer has discovered, for 'free' mobile access to the Internet, by a growing band of freeloaders.

It was early in July, whilst hurrying through Holborn, London, that I saw my first warchalking ( sign, since when I've seen chalked/spray-painted signs elsewhere in London, as well as in Amsterdam. Warchalking, in case you haven't come across it, is the practice of leaving chalked (or similar) signs up at locations where notebook PC users can access an organization's 802.11b network for free. While such practices are, at best, questionable, since they are effectively encouraging WLAN users to break the law, they are clearly growing in popularity.

Some of the companies that allow unfettered, albeit illegal, WLAN access to their company networks are big names. The one in Holborn is, from what I can discover, a middle-ranking international banking group. Lord only knows what hackers could get up to on their network - the couple of laptop users I found in a Holborn local coffee shop were busy downloading pirate movies at around 4 Mbps from the Usenet.

They used this method of access, they told me, because some enterprising movie companies have started offering low-quality copies of their movies from their own servers. The reason for this is that they know their movies are already available on the Internet, so are using these 'honeypot servers' to trace broadband users to their point of origin. Piggybacking on the bank's computer systems allowed these two notebook users to download pirate movies, but with the reassurance that their chances of being caught, never mind prosecuted, were almost nil.

A just-issued report from Frost & Sullivan ( - entitled European Wireless LAN Hotspots: A License to Print Money says it expects large numbers of services to arrive in Europe over the next couple of years, building on the success of similar services in North America and the Asia Pacific region. The report (see Hotspot_Note.pdf for a copy of the research's firm summary) doesn't mention security issues, which is hardly surprising as most companies are blissfully unaware of them.

The good news, however, is that Microsoft is planning to introduce a security system for 802.11b networks in the upcoming Windows XP Service Pack 1, which is due any day now. XP Service Pack 1, this writer is reliably informed, will include native support for protected extensible authentication protocol (PEAP), a secure version of the already widely-supported extensible authentication protocol (EAP) seen in RFC 2284 from the Internet Engineering Task Force (

Although EAP was originally developed for use with PPP, it has since been adopted for use with IEEE 802.1x network port authentication. Since its original deployment, most experts agree that a number of weaknesses in EAP have become apparent. These include a lack of protection of the user identity or the EAP negotiation, as well as no standardized mechanism for key exchanges, and no integral support for fragmentation and reassembly. PEAP already has the support of several industry players, including Cisco, RSA Security and Microsoft, and its formal support in XP will undoubtedly accelerate its development as an industry standard.

This will help companies such as St. Albans-based (, a U.K. firm that specializes in supplying 802.11b-based systems for installation in bars, restaurants and even homes. Wialess thinks that 802.11b is set to become a popular medium by which notebook users can access the Internet on a wireless basis, both in the home and office, as well as when out and about. The advantages of using 802.11b to access the Internet wirelessly are manifold, even in a home environment, and Wialess thinks that the technology could become popular now that broadband access charges have fallen to their current low rates.

Prices for 802.11b kit are also falling - the other day I saw a twin "wireless modem" kit at a retail store in Birmingham, England, selling for just £99 ($155). Granted, the twin-modem kit wasn't a PCMCIA system, but a mini-modem system designed to plug into a desktop PC and a notebook PC using their USB ports, but it was a cheap method of creating an 802.11b network for use in the home and office. With 802.11b PCMCIA cards now selling for under £100 from many outlets, the take-up of the WLAN technology in the U.K. and Europe is certain to accelerate in the coming months, just as it has done in North America.

In the U.S., if some of the Usenet postings are to be believed, some companies in Silicon Valley are actively allowing public access to the Internet using 802.11b for employees, with the side benefit that notebook users in nearby homes and offices can also gain access. It is to be hoped that these tech-savvy companies have also taken steps to secure their company network resources. Having secure firewalls in place is all very well, but the advantages of such protective measures are totally negated if hackers are accessing the company network from inside, using 802.11b connections to ensure their anonymity.

Back in the early to mid-1980s, when hacking was still in its infancy, almost all hackers were altruistic in their approach to gaining unauthorized access to company computer networks. Back then, the cost of entry to the world of hacking across the PSTN was relatively high, and most hackers seemed to abide by an unwritten code of ethics. These days, with 802.11b devices for notebooks costing so little, almost anyone can hook up an old laptop and get rolling, with the result that no such hacker ethos exists amongst the user base.

Granted, most of the 'techies' that access the Usenet tend to be benign, since the Usenet is, by and large, self-regulating, but, without the rapid evolution of WLAN security standards, 802.11b looks set to become a hacker's paradise.

Steve Gold is news editor for SC Magazine and Infosecurity News ( &


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.