Wireless Technology: Communicating the Wi-Fi Way

Short for wireless fidelity, Wi-Fi is a new global standard based on the IEEE 802.11 protocol describing rules for all manufacturers to adhere to when designing and installing their wireless equipment.

Any products tested and approved as Wi-Fi Certified® by the Wi-Fi Alliance (an organization made up of leading wireless equipment and software providers) are certified as interoperable with each other, even if they are from different manufacturers.

Most commercial laptops have an option for a certified Wi-Fi adapter, or else it comes as standard equipment. The connection speed is fantastic―as fast as or faster than cable modems.

Using Wi-Fi technology is similar to using a cell phone, except the cells are called hotspots and you use a computer for communication instead of a phone. A hotspot is a local area that is serviced by Wi-Fi-compliant equipment, and the number of hotspots is rapidly increasing.

Most hotspots are offered by companies or services where a person is already a paying customer, such as at hotels, cafes, or ISPs.

There are even a lot of free hotspots available in public places and restaurants, but free access to hotspots may not last very long. As more ISP companies get on the bandwagon they will be putting together service packages with guaranteed access to certified Wi-Fi-serviced areas.

As with most good things, there will always be those who want to take advantage of others, and Wi-Fi technology is no exception. Every time you log on to a public Wi-Fi access point, you are transmitting your login name and password over open airwaves, and perhaps even credit card information as well.

Since public networks and hotspots are increasing globally, the opportunity is also growing for thieves and miscreants to capture that data and use it for nefarious purposes.

As recently as a year go, industry surveys found that most public and private Wi-Fi networks used no encryption at all, meaning that anyone with a laptop and a Wi-Fi card could intercept data packets being sent or received by legitimate users. All that is needed is the ability to 'sniff' the airwaves to locate data packets.

There are dozens of easily downloadable utilities available to provide this function, and most people who use them are just hobbyists called 'wardrivers' who drive around looking for networks to join―but some have malicious motives.

Home improvement giant Lowe's found this out the hard way, when the Wi-Fi network they were using to transmit credit card information from cashiers to their central network was tapped into by three men sitting in the parking lot of a store in Michigan.

Not only did they capture sensitive information, but they also altered the software code used by Lowe's to process credit cards, thereby gaining access to computers in other stores as far away as Long Beach, California.

Lowe's didn't discover the invasion until it reached their headquarters in North Carolina, at which point they called the FBI. After the FBI arrested the men, they admitted that they had discovered the unprotected network while wardriving earlier in the year.

Most Wi-Fi break-ins are not detected until obvious damage is done. One particularly chilling example of bandwidth hijacking took place in Haifa, Israel, about a year ago. A break-in at the post office showed nothing missing, so police assumed the thieves were interrupted before they could complete the job.

But a few weeks later, automated auditing systems discovered a series of large withdrawals from newly opened accounts, which prompted an internal investigation.

Officials were stunned to discover that a Wi-Fi access point had been added to their internal network, planted innocuously right in the middle of a group of server equipment in a restricted area. If the large withdrawals had not triggered the automatic auditing program, the scam could have gone on indefinitely.

Wireless networks obviously have a lot to offer, but how can a company ensure that private data remains private? Thankfully, there are many options available for making a wireless network safer. Although no network can be 100% secure, it is possible to prevent the majority of hackers from getting access to confidential information, and all it costs is a little time and effort.

Wi-Fi hotspots present a whole new set of security issues due to many unknown computers sharing the same local network. Public hotspots usually do not use any encryption protocols or security functions, because providers feel such tools would negate the 'public' aspect of hotspots and would require customers to go through hoops to get connected.

Therefore, the data customers send out from public hotspots can be intercepted by just about anyone. Still, there are several basic things that can be done to protect sensitive transmissions:

1. Make sure you're connected to a legitimate access point.
Rogue access points in public areas have been springing up that connect directly to hijackers' databases to collect passwords, usernames, and even credit card data. Don't connect in places where there is no sign for a legitimate provider. 

Don't set your wireless card to connect automatically to any available network. Turn off the ad-hoc mode, and turn off your Wi-Fi card entirely as soon as you are done.

2. Encrypt sensitive data and use password protection.
To be sure your data is protected, encrypt your files using a file compression program such as Allume's StuffIt Deluxe. There are numerous freeware and shareware encryption programs available as well. Use passwords for sensitive files and folders, as well as for access to your computer as a whole.

3. Use a Personal Firewall.
When you connect to a public wireless network you are joining a local network with other unknown computers. To protect your computer you should run a personal firewall program, such as Zone Labs ZoneAlarm and Kerio's Personal Firewall, to restrict what traffic is allowed into and out of your computer. 

Make sure you take the time to familiarize yourself with the product you choose and configure it properly to get the maximum protection without getting in the way of legitimate traffic and applications.

4. Use anti-virus software.
When you connect to a public network you have no assurance that the other machines on the network with you are protected against viruses and other malicious code. Suddenly, it is more important than ever to have antivirus software installed, and be sure to update the virus definitions at least once a week.

5. Use a Web-based email program when you're connecting at a public hotspot, instead of Outlook, Eudora, or Apple Mail.
Most ISPs these days let you send and receive e-mail through a Web interface as well as by downloading it to your email program. These websites generally use secure socket layer (SSL) or other security protocols, which protect your data while it's being transmitted.

6. Make sure file sharing is off.
On home networks, file sharing is frequently used to copy files back and forth between computers. On a public network, this is the last thing you want to have on, for obvious reasons.

7. Be aware of people around you.
It may sound simplistic, but be extremely careful when typing in your name and password at a public access point location.

The start of the 21st century looks very promising as far as connectivity and global communications are concerned. By learning how to implement Wi-Fi technology into their business processes, organizations can increase productivity and extend their global reach. But care must be taken to ensure safe wireless transmissions, in order to protect vital business data and keep it private.