6 Burning Questions About Wireless Networks

alphadogg writes "Answers to wireless network questions such as: What impact will 802.11n have? Which wireless security threats are scariest? What of wireless VoIP? Will your organization need to change to support enterprise mobility? How do you control costs in an expanding mobile and wireless environment? What can you do to stop wireless denial-of-service attacks?"

My question

[CastrTroy (595695)]

Here's my question. When are router manufacturers going to start requiring people to use WPA security? I got a Wii a couple weeks ago, and used the wireless part of my wireless router for the first time. Setup of WPA was very easy. I also found about 5 other open networks that I could have connected my Wii to. I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

Re:My question

[dattaway (3088)]

Those open connections are just part of the redundancy of the internet. And the next time RIAA come knocking on our door, we just point fingers again.

Re:My question

[morgan_greywolf (835522)]

Here's my question. When are router manufacturers going to start requiring people to use WPA security? I got a Wii a couple weeks ago, and used the wireless part of my wireless router for the first time. Setup of WPA was very easy. I also found about 5 other open networks that I could have connected my Wii to. I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

Is it up to Microsoft to require people to use secure passwords? Is it up to Oracle to require people with sensitive data to use the data encryption features of Oracle? Is it up to the postfix authors to require people to not run open mail relays?

As always, security is left up to those running the system. Similarly, wireless network security is up to those running the network. You can't force people to be secure. All you can do is strongly encourage it.

Re:My question

[danbert8 (1024253)]

Yes, but when you start Windows for the first time, it asks you to set a password. When you plug in your router, it does not ask you to set up wireless encryption. You can always leave the password blank for Windows, but you were at least given a prompt to set one.
 
Moral of the story: Never underestimate an idiot... They will always do nothing more than you make them.

Re:

[Odiumjunkie (926074)]

> Yes, but when you start Windows for the first time, it asks you to set a password. When you plug in your router, it does not ask > you to set up wireless encryption. You can always leave the password blank for Windows, but you were at least given a prompt to set > one.

Yes, but by default the Adminstrator password is left blank, with the username "Administrator".

Re:

[innerweb (721995)]

Right...

And you shall:

• Maintain your automobile, engine and all
• Prescribe your own medications
• Manage all the trades and investments in your retiremens account(s)
• Manage your local police force and do all the policing
• Raise and educate your child(ren) on your own (no teachers)
• ...

I would hope that all of these things the vast majority of people would not try. A few would be qualified to do some. For all of these things, we are directed by the *authorities* to have someone else do it, either because i

Re:

[PhoenixFlare (319467)]

I think many people just don't realize how far the range on some of these devices reaches - or they just automatically assume it will be stopped by the windows/wall/floor/etc.

I had the same experience when I got my Wii - it picked up probably 6 or 7 networks within my condo building, with probably 3 or 4 of those unsecured. Even my DS still manages to pick up 2 or 3 other networks from elsewhere in the building.

Re:My question

[by Anonymous Coward]

Require? Why the hell should they 'require' it? I can see turning it on be default, but no way should it be required.

I choose to share my wireless with anyone who might need to connect to check their mail etc. I VPN from my laptop to my OpenBSD gateway to keep my own work encrypted, and also allow access my wired home server.

I use the packet filter to ensure I get first dibs on traffic, but any spare bandwidth is open for others to use as the need.

Having it on by default is good. Having it required is not.

Re:My question

[CastrTroy (595695)]

I hope you don't regret it when the cops come knocking on your door because somebody has been using your wireless connection to do something illegal like trading child porn. Maybe you wouldn't get convicted because they won't find any other evidence, but I'm sure it would be a major inconvenience. Why risk it? I know you're just trying to be a good Samaritan, but I pay for my internet, and expect that my neighbors would do the same.

Re:My question

[battjt (9342)]

And what will you do when the police come knocking on your door because someone filmed child porn in your backyard?

Why risk it? Put up a 20 foot fence!

What will you do when you find out that a homicide was committed with your hotwired car? How about the death threats made on your phone line (you should have bought a T1 and used encryption back to the CO)? What about the death threats to the president spray painted on your garage? The weed grown by the alley at the back of your lot? etc...

Get real! This is life. The benefits of open WiFi far outweigh the risks. Hell, I've used lots of anonymous connections in a pinch (most recently to look up the default IP of my radio, to configure it).

You drive down the street with a complete strangers approaching with a closing speed of over 110 mph, but you wont leave your internet connection open?!

Joe

Re:

[Sancho (17056)]

I receive no benefits from opening up my wifi. I receive benefits if someone else does.

That said, the problem is the current laws and administration. They don't understand that an IP address received from your ISP does not uniquely identify the end-user. Furthermore, the absurd invasion of my home and holding of my property in computer-based crimes is unreal. They'll take your computers, all your media (even obviously retail DVDs), your gaming systems, your TiVo, your VCR.... And that's without any pro

Re:

[fredklein (532096)]

I don't want to be one of the cases where my connection is abused and my life is turned upside down because of the ignorance of those in charge.

So you have 2 choices-

1) Never do ANYTHING that those 'idiots in charge' might EVER mistake for illegal.

2) Get rid of the idiots and get SMART people in charge. (Or at least technology-wise people)

Re:

[Sancho (17056)]

1) Never do ANYTHING that those 'idiots in charge' might EVER mistake for illegal.

No, apparently you, like many people, don't understand that there are gray areas. It's not a binary choice. It's risk management, and I have decided that the risks aren't worth it. Besides, it's not mistaking things as being illegal, it's mistaking who is the person performing the illegal act. In the online world, where connections from one IP address can be made from many, many different people, it's pretty hard to tell who is doing something bad. It may be that the police shouldn't try, but they do,

Re:

[LurkerXXX (667952)]

It is much like a gun. If you don't properly secure it, and your child gets a hold of it and shoots someone (accidentally or otherwise) they're going to be pretty hard on you if you left it loaded on the couch.

What a complete load of crap.

Is there some law that says access points have to be controlled like guns?

Did you need to get a license for your wireless router?

Was there a 3-day waiting period to get one when you went to Best Buy?

Have you told your local Starbucks/coffee-shop or University that they bet

Re:My question

[steveo777 (183629)]

Well then, that is a good indicator that you are in the wrong neighborhood.

The neighborhood will never have anything to do with what kind of neighbors you have when they shut the front door. Sure, you can get a good idea by looking at the outside, and everything may look pleasant. "Never judge a book by its cover"

A friend of mine had a roommate for six months. Everyone agreed he was a pretty good guy. If not a bit obnoxious. A month after the guy moved out the police broke in with a warrant, took every computer and all his media. Movies, cassettes, CDs, DVDs, blanks, everything. They pull my friend into the station and put him behind a mirror and ask him tonnes of invasive questions about sexuality. After a couple weeks they call back. They talked to the old roommate, who confessed to trafficking child pornography. My friend got everything back, which I understand doesn't always happen.

I'd say it's a good idea to secure your network or at least keep some kind of log.

Re:My question

[Deliveranc3 (629997)]

Corrolary question, when will they give me a wireless security setup that matches what I want.

I want to share about 30-40Kpbs and have intelligent performance algorithms managing the rest, I want to have my transmissions encrypted while allowing others to SHARE my web-access. (I know that's a big word, like "communist").

When we move to 802.11n (Assuming the same number of wireless routers as currently exist there will be almost 80-90% coverage in urban areas, why would I need a cell phone if we all shared, how about intelligent sharing between networks as a mesh? Once we overflow the casual bandwidth limits we can stop dealing with this "expensive last mile" crap and start getting isolated fibre channels.

My computer is secure, my internet access is mostly encrypted or tunneled, but I don't have access everywhere for affordable prices, I don't think security and sharing have to be mutually exclusive.

Re:My question

[crossmr (957846)]

Don't buy a residential device? If you want to do advanced set up, pony up the bucks and go purchase a device to do it.
As mentioned FON is a cheap solution to do that, it puts out 2 SSIDs, a shared one and a private encrypted on, and you can use the web interface I believe to rate limit people on your open shared line.

Otherwise go buy a high quality business device with more than one available AP and set it up to do whatever you want. Cisco has tons of devices that can deliver you that kind of setup. So the answer is, its already there. Go nuts.

Re:My question

[c_woolley (905087)]

I agree. I also think we should point out the number of people that simply do not understand what they are doing or what is needed to secure a wireless connection. My mom is fairly tech-savvy for an older (I hope like hell she doesn't read this) woman. She understands quite a bit more than the average user. She was new to wireless connections, and decided to give it a try. When she called me to ask if there was anything to do besides plugging the provider's connection to her router, she was surprised when I told her she needed to secure it. She assumed (as someone else had already mentioned in a later post) that security was enabled by default. I walked her through the process without any problems, but it still remains that she did not know that enabling security was required. I asked her why she didn't figure it was needed and why wouldn't she feel that anyone could connect if the wireless connection. It didn't ask her for a password or some type of authentication, her computer was able to get to the Internet. Wouldn't that mean Joe Anyone could get there through her connection too. Her answer was simple, and yet effective. "Well, when I plugged my computer into my old router, it never asked me for a password either...smartass." And there is the answer. People are used to not having to secure their physical connections. If they do, it is usually much worse a situation for the average user, since their home is probably being burglarized at the same time. Now, it isn't the same situation for everyone. Some people know fully well that they need to secure their connections, and just don't. Call it lazy or whatever, maybe they just don't care enough or don't think their information is worth stealing. I have even run into one man who opened his connection up so that his neighbors could surf on his dime. He paid for a 12Mb connection and only used the Internet to surf the news. He didn't care that his neighbors were playing World of Warcraft or other online games. As long as his connection to the news was good, so was he. I suppose the bottom line is that there are reasons for everyone. Increasing some people's knowledge about it can help, others may just not care. Either way, I'll still be able to sit at home and open up my network connections and see unsecured networks. It's on me to decide whether or not to take advantage...and on my neighbors to figure out why they have to rebuild their systems every two weeks (just kidding).

Re:

[CastrTroy (595695)]

Maybe they could put an LCD Display on the front on the router that can display the default password. The default password is randomly generated when it it plugged in for the first time. It can be regenerated by pushing some button on the router. 1 hour after the first connection has been made, the password stops displaying. I'm not sure what the best solution is, and I realize that it should still be possible to create an open access point for those that wish, but I think they should make it a lot harde

Favorite question so far...

[hal2814 (725639)]

Q: "Is wireless [Wi-Fi-based] VoIP worth the bother?"

A: "Generally, no."

Sponsored by AT&T

Re:

[grasshoppa (657393)]

I generally agree with that assessment. I'll take it one step further; I won't do VoIP unless I can punch down into copper at some point ( or a t1. Anything with an SLA ). My phone traffic going over the same pipe as my internet is an incredibly bad idea. More so ( by 100x ) if you are a business.

VoIP over a corporate network is where it shines. But over the wild internet? No thanks.

Re:

[Shakrai (717556)]

Sponsored by AT&T

You mean "the new at&t" don't you? It's lowercase now so it's less threatening!

Re:

[Zonk (troll) (1026140)]

Sponsored by AT&T

You mean "the new at&t" don't you? It's lowercase now so it's less threatening!

Your world. Delivered.

...to the NSA [eff.org]

Re:

[Deliveranc3 (629997)]

Ancedote, I have a Ghost Phone. It has no record with any phone company, never gets a bill and can make unlimited calls anywhere.

Now none of the phone hacker people are willing to help me move the ghost account to a new phone, this old one gets terrible reception and has 3 hours standby.

But how much is this phone worth, how much is the freedom to never worry about a bill worth? Not to look at the clock not to wonder if you're going over? Well I offered my sister $1200 for the phone 3 years ago (She had

Pure FUD

[mr_stinky_britches (926212)]

This article is pure FUD (thats Fear, Uncertainty, and Doubt). The questions in TFA are not so much burning or on fire as the title would suggest..

--
Wi-Fizzle Research [wi-fizzle.com]

tagged this article with 'FUDFUDFUD'

[mr_stinky_britches (926212)]

Not sure if /. filters the FUD tag now, so I'm suggesting we tag it with both FUD and FUDFUDFUD (if nothing else it will tell us whether we can avoid the filters by just doing repetitions of the tags we want to show up).

Which wireless security threats are scariest?

[$RANDOMLUSER (804576)]

I voted for Tesla coils [wikipedia.org].

Re:

[CompMD (522020)]

1) Acquire microwave oven.
2) Rig door switch so microwave will operate with door open.
3) Run microwave with door open.
4) ???
5) Profit!

The real questions about WiFi:

[Opportunist (166417)]

1. Why can't Router manufacturers make WPA the default and use "no security" instead?

2. Why can't we get the information just how far away the "full bandwidth" works, instead of finding out without fail that most APs can hardly provide the promised bandwidth over distances more than 5 yards?

3. How long 'til we can't use WiFi anymore because all frequencies are already taken by your neighbors and the companies around you? Worse, can you soon be forced to discontinue your WiFi use because the company next door needs your frequency? (Because, yes, it's unusable past 20 yards but can easily interfere with networks a few miles away, it seems)

4. What's the legal implication when someone uses my WiFi AP without my consent by hacking into it and distributing illegal material through it? I'm waiting for the first verdict where you have a completely secure AP, someone still manages to break it and then...?

5. In turn, what about "free" APs, kept open deliberately. What about town wide WiFi networks, a few cities already started a project but they never went anywhere. Care to tell us why?

Re:

[cdrguru (88047)]

WPA requires support in the device connecting which isn't always there. It also requires a lot more effort on the user's part to connect up. If routers came with RADIUS servers where you had to log in it would be much simpler and clearer for everyone... but no.

WiFi is on an unlicensed frequency, which pretty much means that as long as the power is low nobody can complain. I suspect there will be a licensed version of WiFi at some point where you buy a license for a geographic area and a channel. This w

Re:

[jshriverWVU (810740)]

I use to be in HWUG (Houston Wireless User Group) and there was a decent free mesh there. That was 4 years ago. Hear it's even better now.

Re:

[dave562 (969951)]

I suspect there will be a licensed version of WiFi at some point where you buy a license for a geographic area and a channel.

This is antecdotal at best and coming twice removed from the source, but I will offer it up anyway. A client of mine is in a business that involves running trucks from southern California up into the central valley as far north as Madera/Dinuba. They wanted constant radio communication with the trucks but realized that they couldn't do it with what was publicly available. What t

Re:

[Idbar (1034346)]

1. Why can't Router manufacturers make WPA the default and use "no security" instead?

I say, why WPA, why not WEP or 802.1x? Because everything is based on Drafts not standards so everyone does what they want.

2. Why can't we get the information just how far away the "full bandwidth" works, instead of finding out without fail that most APs can hardly provide the promised bandwidth over distances more than 5 yards?
That mainly depends on both your router and your network card, therefore it's quite compl

These questions are answered

[postbigbang (761081)]

1) all the vendors that I've seen have WPA turned on by default. They didn't use to, but then cars didn't have seat belts years ago, either.

2) you can find lots of information about bandwidth. The same site as the article cited has product reviews on ftp throughput; it's about a max of 3/5ths stated bandwidth or less.

3) this already happens. Use 802.11a instead. There are tons of non-interfering channels and you can get double-data-rate schemes with them.

4) someone using your wifi might be legal, but it dep

What I want to know is

[rsilvergun (571051)]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing. Add to that cell phones, wireless cameras, printers, etc, etc, and wireless is rapidly becoming useless...

Re:

[crossmr (957846)]

7-10 wireless networks? Wow you poor thing. The Devil must have it in for you.

I can pick up over 65 networks from my apartment and had to go to 5.8GHz phones because 2.4GHz was completely unusable in the apartment. The interference was just ridiculous.

Re:

[CastrTroy (595695)]

My trick for the phones is to use the 980 MHz phones. More than enough range for an apartment, and there's very little interference.

Re:

[crossmr (957846)]

I had them when I first moved in, they weren't any better. I'm in a pretty dense block, 37 floors with 8 or 9 apartments per floor. They might actually work now that most people have moved away from them (unless there are a lot of hold outs in my building).

It's not a problem.

[IANAAC (692242)]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing.

How is that really a problem? Just set your preferred network to your own SSID and be done with it (well, that's assuming you didn't leave your SSID named "Linksys" or "Default"). I have about 20 wireless access points visible to me, some open, but most not, and they don't get in

Re:

[ATMosby (746034)]

All you need to do is get 11 spare wireless routers and 11 high power antenna's. Don't hook them up to anything. Generate lots and lots of traffic/noise. Make all wireless useless where you live. After a month or so you won't have anyone else trying to use wireless around you. Repeat every so often.

Re:

[crossmr (957846)]

While interesting, a much friendlier suggestion would be to use that paint/wallpaper that blocks wireless signals. Put it on your exterior walls and ceiling. Encourage your apartment company to do it in all suites. Or at least your downstairs neighbour so you can be fairly insulated. Not only do you free up your air space for your wireless access point so you can get good speed to the device, you also reduce the interference on any 2.4 GHz phones you might have/want to use.

printer friendly version

[BestNicksRTaken (582194)]

http://edge.networkworld.com/cgi-bin/mailto/x.cgi? pagetosend=/export/home/httpd/htdocs/news/2007/061 107-burning-questions.html [networkworld.com]

Yeah, I know it looks like some dodgey mailer script, but it just uses Javascript form elements to fill in bits of their standard printer page, instead of making a proper URL. Of course GET vs. POST is not checked ;-)

My question:

[DogDude (805747)]

When is wireless not going to suck? Seriously. I don't use it because of absolutely rotten reliability. Inconsistent speed, and intermittent connections are a rotten tradeoff for being able to save a few wires here and there.

Is 802.11n more reliable?

[jonnyj (1011131)]

The article seems to assume that 802.11n offers so much more bandwidth that no-one will bother with ethernet any more. Unless the new standard is less susceptible to neighbouring networks, that's just not the case

18 months ago I set up a MythTV setup based around an 802.11g wireless network and, at first, it worked flawlessly - two clients and the server could simultaneously stream TV to/from the router. Then my neighbours started using own networks in anger and the bandwidth available to me gradually dissolved.

Now my network can't come close to supporting one streaming device. Even surfing the net wirelessly is painful, with regular 2-3 second dropouts when the whole street hits the airwaves simultaneously. I've long since given up on wifi and switched to homeplug.

I'm not alone. Most people I know who live in densely populated areas have the same problem. Does 802.11n suffer from the same problems? I imagine that the increased range will just lead to increased contention when its popularity increases. I'm not about to buy it.

Re:Is 802.11n more reliable?

[CallFinalClass (801589)]

N suffers from all these problems.

Let me be more specific - 2.4 GHz N suffers from all of these problems. For now, I expect the 5 GHz N implementations to be in much better shape.

Tip of the hat to Apple for making all of their N gear 5 GHz capable.

Wag of the finger to just about everyone else for making their stuff 2.4 Ghz only, likely for backwards compatibility and cost savings.

Re:

[karnal (22275)]

The problem with the airspace within the specific band is that there's only so much bandwidth, and that is shared by all devices on that channel, whether they're a part of your network or not.

Of course, this can be mitigated by making your signals stronger (i.e. sitting the devices right beside each other) so that the other devices don't interfere with your signal.

I use wireless A at my place of employment, and I've run into another issue - if I have three people on wireless, and I start transferring a larg

VoWiFi FUD

[mach1980 (1114097)]

The article mentions VoWiFi quality as poor, which makes me believe that the writer is handling the truth somewhat irresponsibly.

I work for one leading VoWiFi company that currently installs a lot of systems at US hospitals. Do you think the hospital administrations should accept anything than perfect performance?

A MOS of 4.2 using ETSI's own measurements and seamless handover is what we are talking about. Not FUD about dropped calls etc. Our i75 passed Cisco's own certification program before their own product and has won a number of prices for best product.

Y.T.

My answers, now forward this to 20 friends...

[pla (258480)]

What impact will 802.11n have?

It will replace 802.11a/b/g, but beyond that, none. Speed really doesn't count as the biggest problem with wireless - I'd personally put "reliability" at #1 and "security" at #2.


Which wireless security threats are scariest?

The DOJ sniffing your traffic from outside rather than needing to at least enter the building (and thus possibly get caught on your security camera(s)).


What of wireless VoIP?

What of it? Whether you use a VOIP set that connects via 802.11, or a VOIP set that connects a base station via ethernet and has a cordless handset makes no difference. Except, perhaps, that while the 2.4GHz spectrum has gotten rather crowded lately, the 800MHz range used for cordless phones has become less congested in recent years.


Will your organization need to change to support enterprise mobility?

Probably, because most enterprise apps tweak if they lose their network connection even momentarily - See my first answer.


How do you control costs in an expanding mobile and wireless environment?

"The only winning move is not to play".


What can you do to stop wireless denial-of-service attacks?"

1) Use a wire.
2) Wait for the entropic death of the universe.
Seriously, no realistic solution exists between those two - A wireless DOS doesn't take anything high-tech... A spark-gap transmitter will do nicely. And don't forget "unintentional" DOSs... At my house, I suffer one every few second due to a nearby airport's radar (again, see my first answer), thus I almost exclusively use a wired connection except for totally noncritical and connection-state-less uses such as surfing the web from my couch.

Re:

[Alphager (957739)]

have you considered dlan (ethernet over electric wires)?

Re:

[mr_stinky_britches (926212)]

How about creating a LAN over the power lines in your residence?

Here is some more information from wikipedia: Power line communication for home networking [wikipedia.org]

I have a friend who did this at his house and it worked out nicely for him.

Good luck!

--
Wi-Fizzle Research [wi-fizzle.com]