Chad Boeckmann, CISSP, GSEC
WiFi is an abbreviated term for Wireless Fidelity, known as Wireless Networking, which commonly uses the 802.11b protocol. The 802.11b protocol transfers data across a wireless signal at a rate of 11 mbps (megabits per second). There is new technology that allows the use of greater speeds, but these standards are not yet completed and industry approved. Wireless has many advantages over the conventional wired network; the most obvious of which are mobility and cost savings. However, there are some blatant risks.
A default installation of a wireless network typically means that your data and connection are at risk and could be compromised at any time. This is because all vendors, particularly those who cater to home users, do not implement by default any prudent security measures.
If you were to connect to your online bank and look up your bank account, your data is transmitted with encryption from your bank's web server to your modem and from your wireless access point to your wireless enabled PC. This transaction is safe because your online bank has provided the encryption mechanism for you. Now, suppose you visit a website where you enter in your user id and password and the website is not protected with encryption (the site begins with http:// instead of https://). Your user id and password and all data that you retrieve from this site will be transmitted in plaintext. What this means is anyone who is capturing data from your wireless connection will be able to intercept this information. With a default wireless installation, your data could be compromised and you may be at risk for identity theft. This is because you have not properly secured the access point or wireless router with proper security mechanisms.
In order to properly secure a wireless device it should be configured to use encryption, with WPA (WiFi Protected Access) at a minimum. Many vendors exploit the use of WEP encryption on their devices, but unfortunately this encryption mechanism is not strong enough to thwart the determined thief. Newer wireless equipment should have the option of using the stronger WPA encryption. Hard coding the MAC (Media Access Control) address of your wireless networking cards to the access point is an additional precaution that prevents other rogue users from picking your signal and riding it for free Internet access. This could also include illegal activity on your connection!
The RIAA (Recording Industry Association of America) recently investigated a case that held a 14 year-old responsible for downloading hundreds of songs from a popular file-sharing service. After further investigation, it was found that a neighbor had used the 14 year-old's wireless connection to download songs from the Internet. This is just one example of why any wireless implementation must be thought out and scrutinized prior to implementation.
Prior to implementing a wireless technology in your home, you should research products that seem to offer the best security and functionality to make your life easier and safer. If you have any questions about implementing a wireless technology in your home, consult a vendor that you are considering using, or research the Internet for best practices. Another option is to not use wireless. Many people hook onto the wireless trend before really understanding its implications. Keep yourself safe by doing your homework first.
If you are already using a wireless implementation, you should begin the use of WPA encryption as a minimum safeguard. A free guide to securing your wireless network at Practically Networked should provide the basics on safeguarding your home wireless implementation.