The Electronic Peeping Tom

A research team at a University in Germany recently demonstrated how they could break a common variant of WEP, a wireless encryption protocol, in two minutes or less. WEP has always been somewhat insecure, but I’ve personally used it for a few years now as I had a few devices (such as a Roku network music player) that didn’t get along well with newer, more advanced security protocols such as WPA. I knew that WEP encryption could be broken, but I also knew that the amount of data that needed to be collected to do this would mean that someone would have to be quite persistent to access my network.

But knowing that a war driver could pull over outside of my apartment and get access to my network in two minutes or less gets me a bit worried. I have quite a lot of shared drives, though most are password protected or at least read-only. I don’t really worry about someone using my connection for their own purposes - wireless signals don’t travel all that well around here, and anyone who is into technology enough to know how to crack wireless encryption also probably demands quite a bit from their internet connection. So what is my real worry?

Packet sniffing. The ability for someone to jump into your network and immediately start reading all the traffic sent between you and the wireless router. Programs such as Ethereal provide an easy means to do this, and applications like AIMSniff make reading instant messages a breeze. Someone can see all the websites you visit, capture form information you enter, save instant message logs, and read any email you send or receive. A lot of this would just be equivalent to looking in someone’s window, but some of it borders more on actually reaching into that window and taking something.

Luckily, most monetary transactions (such as online banking or transactions) are secured. Also, it is fairly easy with most routers to switch to a more secure protocol. Of course the reoccurring theme here is avoiding technological ignorance, and it’s doubtful anyone who picks up a router from Best Buy and chooses the default security setting for WEP will take notice or make any changes in light of this recent news.