Nowadays no matter where you go, people always seem to be on the hunt for that elusive Wi-Fi signal. Accessing a wireless connection is now a way of life.
But, did you know there are many different types of wireless signal; intentionally free, unintentionally free, hotspots and secured. You might have used of them, but it's let talk about how each one works, and most importantly, how you can make sure your own connection is as secure as it can be.
This is provided commonly by businesses to allow unhindered access to the Internet. Usually this is just a normal Internet connection that's used by the both the business and patrons sharing the same resources.
Essentially the same type of connection, but granted unintentionally for free by people that usually don't know how to set up their access points to be secure.
Hotspots are a managed system to provide secure connectivity to the Internet. They block your access to other devices on the network and keep the owner's network completely separate to this public side. Some are free, some are chargeable, but more often than not they are secure.
This is a network where either the service provider or the wireless owner has set a password, and this is what I'm going to look at in further detail.
It's important to make sure that all parts of the wireless chain are secure.
There’s no point having a super secure password, if you use WEP encryption. WEP was the original wireless security, and is now so easily broken into that anyone with a smartphone can crack it in under a minute (there are free programs for laptops that can do it in much less time than that!).
It doesn't matter whether you have a random selection of characters, these applications can pull that key straight out of the air. Hackers are now turning their attentions to the newer WPA and WPA2 standards of wireless encryption, and they are making headway at an alarming pace.
Many Internet Service Providers now send out their routers pre-configured with a secure key (based on WPA or WPA2) but even now these have been bypassed. When your ISP assigns a key to your router, its hash is based on some aspect of your hardware. Usually this is your device's unique identifier, or MAC.
Once a hacker has collected enough examples of this data through various sources, they can work out what the algorithm is. They then can store this information in a "rainbow table". A rainbow table takes up a lot of space, but requires less computing power than a brute force attack.
What I have outlined above is, to be fair, an oversimplified description, but it basically means any preconfigured router may appear secure and will deter most wannabe hackers, but it won't deter the most determined!
If your business is using an ISP provided router and you haven't changed the key, you’re leaving yourself wide open to attack.
By using a personalised Service Set Identifier (SSID) or Network Name, WPA2 encryption and your own key based on random letters and numbers (think of it like a complex password) makes rainbow table and dictionary attacks impossible, and more severe attacks infeasible.
That's not to say they won't eventually figure out the algorithm to WPA and WPA2...