Discontinuation of KisMAC

A wireless security tool we discussed last week, KisMAC, is being discontinued. This is too bad. Having such open source and free computer security software available is very useful in overcoming the challenges of internet security, by allowing you to test your own wireless security. The Kismet project is not affected.

Michael Rossberg writes:

There has not been a lot of time for KisMAC lately. However the motivation for this drastic step lies somewhere different. German laws change and are being adapted for "better" protection against something politicians obviously do not understand. It will become illegal to develop, use or even posses KisMAC in this banana republic (backgound: the change of § 202c StGB).
While I cannot do much about that for now, you probably can. Make copies of KisMAC and its source as long as the website is up! Do further development outside of Germany, even better outside the US and EU! If you are a German resident, you will need to fight for your rights.

You may want to take the opportunity to download KisMAC now, so you have a copy in case you need it. Hopefully the project will be adopted somewhere else.

Update 8/6/2007: The Kismac site reports that it may be moved to the Netherlands soon.

802.11 Alphabet Soup

Here's a review of 802.11 b,a,n, and i, with respect to wireless internet security:

802.11b - This is a popular wireless standard, and includes WEP only. WEP stands for Wired Equivalent Privacy. This means that this protocol was supposed to be just as safe as plugging your device into the network with a cable. Unfortunately, the WEP designers didn't do all their homework, which means WEP is a poor choice for your wireless network security.

802.11a - This was the next wireless standard to be widely accepted following 802.11b, and added increased transmission speed, as well as WPA. WPA stands for Wi-Fi Protected Access. It fixes the holes in WEP and adds stronger authentication.

802.11n - This is an upcoming standard for Wi-Fi. It offers increased speeds and reliability for Wireless access. It does not include any new security standards.

Check out this interesting article that explains how the overhead involved in WiFi means that network speeds are much lower than advertised. For one thing, it's a shared medium. That's why 802.11n devices use multiple antennas. They communicate using MIMO (multiple input, multiple output) technology. Ethernet itself is rated at 10Mbit/sec but actual throughput is less. Overhead always occurs in transmission for things such as redundancy, error correction, and protocol overhead.

Currently you can get Draft 802.11n capable wireless cards. The standard is slated for finalization in Sept, 2008, at the time of this writing. Devices that use Draft 802.11n should generally be flash upgradeable to the final standard later on.

802.11i - This is the latest wireless security standard, which includes WPA2. WPA2 is the successor to WPA, and adds stronger encryption in the form of AES, vs. the older RC4. AES is used by the US Government, so it's probably secure enough for your needs too. This is currently the best choice for wireless security.

Wireless Security Topics

Keith and I met today to discuss new ideas for the blog. Be sure to post your comments (below) with any article ideas or questions you have.

Thanks,

Neil

Optical Wireless Eliminates WiFi's Biggest Flaw

What's the biggest flaw with WiFi, or any radio-based wireless network? It's easy to eavesdrop on the network traffic, since the wireless base station conveniently broadcasts the signal in all directions, even through walls, ceilings and floors. This is why the WEP security protocol was hacked open so quickly: the bad guys can just eavesdrop on the network from the parking lot.

Ask TJX what the cost of using WEP is -- they can't answer yet, because the bill keeps growing. For comparisons sake, how easy is it to eavesdrop from the parking lot on a Cat5 wired network? And how do you hide the telltale 2000 foot ethernet cable out to the van? Duct tape? I don't think so.

So, wired networks are more secure, but much less flexible. But radio waves aren't the only way to transmit network data. Some labs and companies are developing optical wireless networks, that deliver the flexibility and convenience of wireless, but make eavesdropping much more difficult. The reason? The optical signal simply can't pass through solid surfaces like walls and floors. This means if you live in a house or work in a building that has good physical security (like most homes and offices do) then you could set up an optical wireless network that is much harder to eavesdrop on compared to similar WiFi or other radio networks.

The most promising technologies for transmission included infrared (the same wavelength that your TV remote uses) and white LEDs (still in the lab). Stay tuned for more developments on this speedy high-bandwidth wireless medium.