<<< Date Index >>>     <<< Thread Index >>>

[IP] Evil twin' fear for wireless net



------ Forwarded Message
From: Dewayne Hendricks <dewayne@xxxxxxxxxxxxx>
Reply-To: <dewayne@xxxxxxxxxxxxx>
Date: Thu, 20 Jan 2005 10:13:52 -0800
To: Dewayne-Net Technology List <dewayne-net@xxxxxxxxxxxxx>
Subject: [Dewayne-Net] Evil twin' fear for wireless net

  'Evil twin' fear for wireless net

  People using wireless high-speed net (wi-fi) are being warned about
fake hotspots, or access points.

  The latest threat, nicknamed evil twins, pose as real hotspots but are
actually unauthorised base stations, say Cranfield University experts.

  Once logged onto an Evil Twin, sensitive data can be intercepted.

  Wi-fi is becoming popular as more devices come with wireless
capability. London leads the global wi-fi hotspots league, with more
than 1,000.

  The number of hotspots is expected to reach 200,000 by 2008, according
to analysts.

  "Users need to be wary of using their wi-fi enabled laptops or other
portable devices in order to conduct financial transactions or anything
that is of a sensitive or personal nature," said Professor Brian
Collins, head of information systems at Cranfield University.

  Twin threats

  "Users can also protect themselves by ensuring that their wi-fi device
has its security measures activated," he added.

  BT Openzone, which operates a vast proportion of public hotspots in
the UK, told the BBC News website that it made every effort to make its
wi-fi secure.

  "Naturally, people may have security concerns," said Chris Clark,
chief executive for BT's wireless broadband.

  "But wi-fi networks are no more or less vulnerable than any other
means of accessing the internet, like broadband or dial-up."

  He said BT Openzone, as well as others, have sophisticated encryption
from the start of the login process to the service at a hotspot.

  "This means that users' personal information and data, logon usernames
and passwords are protected and secure," said Mr Clark.

  Secure yourself

  In the vast majority of cases, base stations straight out of the box
from the manufacturers are automatically set up with the least secure
mode possible, said Dr Nobles.

  Cybercriminals who try to glean personal information using the scam,
jam connections to a legitimate base station by sending a stronger
signal near to the wireless client.

  Anyone with the right gear can find a real hotspot and substitute it
with an evil twin.

  "Cybercriminals don't have to be that clever to carry out such an
attack," said Dr Phil Nobles, a wireless net and cybercrime expert at
Cranfield.

  "Because wireless networks are based on radio signals they can be
easily detected by unauthorised users tuning into the same frequency."

  Although wi-fi is increasing in popularity as more people want to use
high-speed net on the move, there have been fears over how secure it
is.

  Some companies have been reluctant to use them in large numbers
because of fears about security.

  A wireless network that is not protected can provide a backdoor into a
company's computer system.

  Public wi-fi hotspots offered by companies like BT Openzone and The
Cloud, are accessible after users sign up and pay for use.

  But many home and company wi-fi networks are left unprotected and can
be "sniffed out" and hi-jacked by anyone with the correct equipment.

  "BT advises that customers should change all default settings, make
sure that their security settings on all equipment are configured
correctly," said Mr Clark.

  "We also advocate the use of personal firewalls to ensure that only
authorised users can have access and that data cannot be intercepted."

  Dr Nobles is due to speak about wireless cybercrime at the Science
Museum's Dana Centre in London on Thursday.

TOP 10 WI-FI COUNTRIES FOR HOTSPOTS
  United States 22,081
  United Kingdom 9,356
  Germany 5,713
  France 3,239
  Japan 2,197
  Switzerland 1,311
  Italy 1,111
  Spain 1,073
  Canada 826
  Australia 800
  Source: Jiwire

  Story from BBC NEWS:
<http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/4190607.stm>

  Published: 2005/01/20 10:30:20 GMT


Archives at: <http://Wireless.Com/Dewayne-Net>
Weblog at: <http://weblog.warpspeed.com>


------ End of Forwarded Message


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/