Wi-Fi uses low power (microwave oven frequency!) radio waves to connect computers together into a network.

Radio waves tend to radiate outwards from an antenna, so that anyone with the right equipment can listen in, and can transmit back- with a suitable directional antenna at one end- from distances of a kilometer or more away.

This means that Wi-Fi networks are less secure than many wired networks, where signals on wires generally are much harder to detect from any kind of distance (although it is possible with the right equipment- tempest shielding is needed to do protect wired networks properly, and that's rare outside military circles.)

Apart from only using the network in a Faraday cage, the only way to sensibly protect these networks (assuming you want to protect the network), is to use encryption.

Most Wi-Fi equipment supports WEP, this encrypts all traffic that is sent between nodes before sending. However there is a vulnerability in the protocol that means that with the right software- (e.g. 'AirSnort') the keys can be recovered in about 45 minutes by passively listening to the traffic. This vulnerability in WEP will probably be fixed sooner or later in an upcoming revision of the standard, (at least one proprietary, non standard, fix is already is available that involves changing the key every minute or so.)

Another way to protect the traffic is to use encryption at a higher level, for example to use Virtual Private Network software. That way, the bad guys can record the packets as they travel over the wireless link and/or the internet, but they are impossible to read. This works well, is safe, reliable and fairly fast, but can be difficult to install, and may require a special firewall or other costly equipment to act as gatekeepers to parts of the network that only approved users can access. One subtle issue with this is that although the VPN software protects traffic that goes over the network, the computers are still theoretically hackable into from the wireless network, and if this were to happen then the network can be subverted. Personal firewall software can help stop this however.

Other security mechanisms include only allowing certain IP addresses to access the network (but IP addresses can be spoofed), or only allowing certain registered wireless nodes to access the network (but this identifier can be spoofed too with the right equipment.)

Bottom line: there's no such thing as perfect security even with wired networks. Use VPN software right now, with personal firewalls, and if the next version of WEP ever gets its act together use that.

That is if you want security. The Internet is not secure, but plenty of people use that.

Log in or register to write something here or to contact authors.