The Wardriving Experiment – Part 1

Filed under Wireless Security

<%image(20071120-kismac.jpg|91|91|KisMac Logo)%>

I decided to setup a little wardriving experiment to really get an idea on how many people are still using WEP to secure their wireless access points. I also wanted to find out if people really still setup a wireless network without encryption. You would think that most people would at least use WEP right? Not exactly! The following is Part 1 of my little experiment in which I talk about vendor responsibility and wireless security education…

It still seems that security is never the first thing a vendor thinks about when instructing a new user who just purchased an access point. To confirm this I purchased a cheap “2.4Ghz 802.11g” wireless access point at the local Best Buy and read through the instructions. To my dismay I found all the information about securing your new access point was toward the middle to the end of the instructions. I had my options of 64-bit WEP, 128-bit WEP, and WPA-PSK. When reading about WEP, they said nothing about WEP being easy to crack and nothing about how to choose a long passphrase for either type of encryption (to see why you should choose a long randomly generated passphrase, see this article). Why not right? Would educating your customers possibly lower sales somehow?

I thought for a minute of someone like my Mom reading these instructions…what would she choose? Lucky for her she could call me! Most people won’t be that lucky and will unfortunately make a bad decision of selecting poor encryption, weak password and/or passphrase or a combination of both. Worse yet..selecting encryption is probably too techincal so most average people are going to select no encryption. Who needs silly encryption, right?

So if the vendor doesn’t educate users about basic wireless security who will? The high school girl at the check out? The (god forbid) “Geek Squad”?

In Part 2 of my wardriving experiment I will talk about what wardriving is, how it is evolving, and the wardriving setup I used to conduct my experiment. I will also talk about the results of a wardrive I did in a pretty populated suburban neighborhood.

Post a Comment

Your email is never published nor shared. Required fields are marked *