What's your take on wardrivers? Some say they're harmless while other label them as criminals.
It's a very fine line. If I walk down the street and check all the door locks, am I a criminal? Probably, but the real offense doesn't happen until I walk in the door and it becomes trespass. If you're just war-driving for the fun of collecting the data and mapping it or whatever, then no real crime has been committed.
The bigger issues is people using open networks, often for a quick email or map check. While there is a 'theft of service' the actual value is going to be measured in fractional cents, so although a crime has technically been committed, no real harm is done. One of the features of iStumbler is designed to help with this thorny dilemma: networks tagged with a '.public' extension are presented in the interface as begin open for public use, so there is no question of theft.
A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?
Network Encryption schemes such as WEP, WPA and to some extent VPN. That may seem backwards, since they are all designed to protect data, unfortunately they are half solutions at best. Relying on WEP for security is a very bad idea; not because it's easily broken but because it allows you to go on using insecure protocols like POP, IMAP and FTP. The second you leave that WEP protected network and use the open network at the coffee shop down the street you're exposing your personal information.
The bigger issue with link layer encryption is that the open internet is not encrypted, encrypting the local link does nothing to secure your email or files in transit, for that you have to use SPOP, IMAPS, SCP or other end-to-end solutions. This pokes a huge hole in the argument for HotSpot VPN products, where your traffic flows out of the VPN providers network completely unencrypted.
People use wireless networks on a daily basis and are growing concerned about the possible threats. What advice would you give to mobile users so that they could make and keep their laptops secure on any network?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.