This week I went to Wi-Fi Planet in San Jose. If you think about San Jose's boomtown image from being located in Silicon Valley, it was a small show curiously placed in the cavernous San Jose Convention Center. In my opinion it would be more correct to look at it as a solid regional show. It was quite good, from that perspective. The attendance appeared to be decent, there were interesting vendors, and my friends working booth duty complained of sore feet from standing around talking to attendees with real questions.
What's Interesting?
Recall now that I went their thinking about security. After the Wifi review I just worked on with Joel Snyder, I figured that I should take a look at the vendors exhibiting here to see what I thought of their security stories. The two things that I found very interesting were mesh networks for public use and spiking.
Mesh Networks for Public Use
A number of vendors are offering versions of their products, or entire product lines, based on the notion of public access networks. These typically have one or two radios and operate in a multi-link mesh so they can do proper routing. There were several stories of charming community downtown areas lit up with 802.11 connectivity. The thing I found interesting was the frequent mention of "additional use by police, fire, and public works." This could be worrisome, because some of these vendors offer the same level of security as enterprise vendors sometimes offer. That means that while the high end products can be quite solid, the marketplace doesn't seem to think security is much more interesting. An enterprise vendor might find my constant whining about product security to be an annoyance, but I really don't think a police department would feel the same way. The security requirements in these public environments is a much more serious matter. I'm a bit worried the vendors as a group aren't taking it as seriously as they might.
Spiking
A distrubing trend in the so-called "wireless intrusion" market is the notion of spiking. If a rogue Access Point or client is found to be connecting to a network, some products offer the "feature" that they can send sufficient corrupted wifi messages to knock a device off the wireless network. While this might be a good idea under operator-controlled conditions and with proper network management controls in place, I think it's downright dangerous to do this on an automated basis. I say this for two reasons: first, there's an urban legend that about 1/2 the rogue access points found in corporations are operated by senior executives, so rudely disturbing them might be a career limiting move - you should ask before you shoot ;-) and second, sending disruptive things over radio waves to your office neighbor's PC is probably a violation of FCC regulations, so operating these devices could violate federal law. Even if it's legal, this is one area where proper event logging and policy for who can and can't authorize this action should be carefully arranged.
Best Image
My favorite site at the show was actually a piece of art. At least, I think it's art. While the Convention Center is a marvelous structure, it was built pre-wifi. So there no mounting hooks on the concrete columns. Thus, if you want to offer wireless services, you have to resort to something like this. Now I think that someone was quite creative with this. I hope the house staff was appropriately mortified that they make it easier the next time around, though.
Post a comment
