• United States

Rogue responsibility

May 26, 20032 mins
Cellular NetworksNetworkingSecurity

Users want Wi-Fi vendors to do more than encryption and authentication.

Wi-Fi security has progressed to the point of making wireless LANs a viable corporate proposition, but it still has a long way to go.

Of particular concern are rogue access points, which are unauthorized access points that end users tack onto a wired network. Rogue access points deserve the same attention from vendors as encryption and authentication, says Zareh Marselian, director of technical services for California Lutheran University in Thousand Oaks.

Given that most access points don’t ship with the Wired Equivalent Privacy protocol configured as a default, rogue access points can create gaping security holes in wired networks. Marselian says no solution exists to stop them, and the only way to detect them is to walk around sniffing them out.

Vendors must be pressured into taking on more responsibility for wireless security, adds Thomas Gaylord, CIO of the University of Akron in Ohio. “Wi-Fi is going to be used by everybody – beyond cell phones,” he says. “The dangers in putting it in every mobile PC, with the Intel chipset announced to fanfare infinitum, creates a huge potential vulnerability for the naive user. The manufacturers of the standards and the hardware and the developers of the software must get together to ensure that we are not putting the general public at risk because they don’t know [all about] Wi-Fi security.”