WiFi security remained in focus with noticeable and widely discussed incidents and revelations happening all throughout the year. These events will surely provide strong testimony for advocating the importance of secure WiFi deployments/usage in coming years. The importance can be judged against the backdrop of the fact that WiFi now empowered with latest 802.11n revision is advancing more and more toward the status of the default network access option. Here is the brief summary of all such revelations carrying the message of secure WiFi usage to masses:
Insecure WiFi networks are vulnerable to eavesdropping: This is a well known fact, at least for security experts, but this issue was highlighted multiple times due to repeated incidents during 2010 that were subjected to this vulnerability. The first of such incident was Google’s WiFi snooping controversy where Google’s Street View cars accidentally collected private data from insecure WiFi networks. People considered this collection a privacy breach and therefore lawsuits were filed against Google. The second concerned a Minnesota man who hacked a neighbor’s insecure WiFi to send threatening e-mail to the Vice President of the United States. The third incident happened at India where terrorists hacked an insecure residential WiFi network to send terror e-mails after bomb blasts. And the fourth one relates to the release of a Firefox extension called Firesheep by a software freelancer that can turn the layman into a WiFi hacker, capable of hacking popular social networking websites over insecure WiFi networks.
All these incidents made headlines and attracted attention of WiFi users around the world, reminding them of the potential dangers of eavesdropping over insecure WiFi networks.
Potential insecurity due to private/personal WiFi networks: There were several incidents in 2010 that signaled increased insecurity concerns due to the presence of personal/private WiFi inside the corporate premises. The two incidents were related to a WiFi malfunction experienced at two major trade shows; one was the Google’s first public demo of Google TV and second was the iPhone 4 launch at the Apple Worldwide Developers Conference. At both trade shows, several MiFi devices (capable of hosting an independent private WiFi network) owned by the various attendees were operating at the same time. The operation of such MiFi devices interfered with the host WiFi and thus caused malfunction of the latter. Another incident was the use of private WiFi networks in adhoc mode by Russian spies in the US for data transfer between two WiFi enabled machines. Also, virtual WiFi capabilities of Windows 7 (released in late 2009) that allows hosting of a software Access Point on a machine became very popular. Software such as Connectify exploiting this capability in an easy-to-use form also witnessed a large number of downloads.