Last month the German government decided that it needed to take a closer look into Google's data collection methods. Google's Street View cars are equipped with wireless antenna's and pick up any available wireless signal along the way. It was originally thought that the Street view cars were just collecting SSID and MAC address to provide location based services to mobile users. It turns out that they were also capturing data from any network that wasn't secured with WEP or WPA.
The problem, according to Google, is that their engineers were working on an experimental project in 2006 to collect data over publicly available wireless networks. They transferred the code to the Street View cars to collect the SSID and MAC address for their location services but forgot to take the data collection part out.Although Google has stopped the data collection and they are currently reaching out to regulators in the relevant countries about how to quickly dispose of it. Our privacy are under risk if we do not realize it, we need to protect ourselves better.
MAC address and SSID are tools by which your network can be identified and if people want to overtake your network, they can– potentially irrespective of the encryption you place on said network. The information collected was from unsecured networks.An unencrypted wireless network is not just a security risk to the owner of the network, but potentially to everyone else on the Internet. Once someone has anonymous access to a wireless network, they can do whatever they want on the Web with total anonymity. Do yourself and your fellow Net citizens a favor and take the steps to secure your network:
- Turn off broadcasting of your SSID. The “Service Set Identifier,” or SSID, is a broadcast message notifying every device within range of your network’s presence. All wireless routers have the option to turn off broadcasting your SSID. This is by far the easiest way to prevent drive-by crackers from accessing your network. While your data is still not encrypted, most wardrivers won’t know that you have a network and as a result, won’t try to access it. Some computers or wireless cards have problems connecting to wireless networks that don’t broadcast the SSID so there is a small possibility that this may not work for everyone.
- Change the default settings of your router’s Web-based administration. While changing your admin login won’t stop anyone from intercepting your wireless traffic, it will prevent them from changing your settings. Most wireless routers allow you to change your admin name and password. While you’re at it, change the name of the SSID. If someone detects your SSID as being named “Linksys,” they can assume that your default username is “admin” and your default password is “admin” because that is the way Linksys networks are setup at the factory. If anything, changing your default setup will show a wardriver that you at least know something about setting up a wireless network.
- Enable WEP or WPA encryption. WEP (Wireless Equivalent Privacy) or WPA (Wireless Protected Access) are ways of forcing users to enter a password, which is encrypted, before they can access a wireless network.
You have several choices for wireless encryption:
•64-bit WEP (Wired Equivalent Protection). The original wireless encryption standard, it is now outdated. The main problem with it is that it can be easily "cracked." Cracking a wireless network means defeating the encryption so that you can establish a connection without being invited.
•128-bit WEP. An updated, more secure version of the original WEP. However, skilled attackers can still crack 128-bit WEP in a few hours or less, giving them access to your network.
•WPA-PSK (also known as WPA-Personal). A more secure alternative to WEP, but because it is newer, it is not as widely supported. Microsoft Windows XP with Service Pack 2 supports WPA, so this type of encryption is the best choice if you plan to connect only Windows XP computers to your wireless network. However, if you have wireless devices that don't support WPA, such as media extenders or wireless cameras, you'll have to use WEP on your network instead.
You might also see the security method called "WPA-Enterprise." As the name suggests, this method of network encryption is designed for business use. Setup for WPA-Enterprise is more complex than for other types of encryption, and it requires special network infrastructure.
•WPA2. The newest type of wireless encryption, WPA2 provides the highest level of encryption available. WPA2 encryption should be your first choice if your wireless router and all of your wireless computers and devices support it.
Even though one type of encryption may be better than another, any type will dramatically improve your network's security by making you a more difficult target.
- Allow access based on MAC address. A MAC address (Machine Access Code) is a unique number that every network-enabled device can be identified by. Most wireless routers will allow you to set up access based on MAC addresses, allowing access to only those computers or devices which you have entered into the table. This can be more time-consuming but will certainly prevent all but the most well-equipped crackers from accessing your network.
This article was originally published on www.topsight.com
Thursday, January 27, 2011
Google was capturing your wireless packets
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment