Sunday, November 21, 2010

Tuesday, November 9, 2010

Google Frees Wi-Fi on AirTran, Delta, and Virgin America

Google has opted to underwrite free Wi-Fi over the holiday season on three airlines: AirTran, Delta, and Virgin America will offer free Wi-Fi from 20 November 2010 to 2 January 2011 under Google's sponsorship. Delta is, by far, the largest of the three airlines, and has hundreds of planes equipped. It's a promotion for the Google Chrome browser, which may be a branding campaign in anticipation of devices appearing that run the Google Chrome OS.



Virgin Mobile Adds Unlimited 30-Day Usage Plan

Sunday, November 7, 2010

Clearwire Cuts Staff, Growth, Future

Clearwire is digging in: The company, majority owned by Sprint, is shaving expenses. This doesn't bode well. With aggressive competition for 4G services from AT&T and Verizon Wireless, cutting back seems to make less sense than trying to double down. Clearwire is laying off 15 percent of its staff and delaying new markets and handsets.

Clearwire had already said it was testing LTE, the alternative to WiMax. WiMax's chief advantage was that it was available long before production LTE gear, and could take advantage of broad channels that Clearwire and Sprint had available in spectrum they'd acquired. LTE is now coming to market, and will be the dominant 4G flavor worldwide, while WiMax has developed into a useful niche technology that could retain double-digit marketshare even when LTE is the powerhouse.

However, how can Clearwire redeploy in the middle of a cash crunch? Especially with $2b in debt and other obligations becoming due in 2011, as Stacey Higginbotham reports.



Sprint Resignations from Clearwire Board Signal Little

In-Flight Wi-Fi and In-Flight Bombs

The NewScientist asks if in-flight Wi-Fi or cell use might be banned after Yemeni-originated bombs: Wi-Fi seems unlikely to be disabled for security reasons. A compatriot would be required on board to navigate the login process with an account or credit card, or a script would have to be written to handle that. It seems rather complicated and prone to failure. Otherwise, a compatriot would need to be on board, in which case the compatriot could trigger the event.

There's one potential for danger, which is DNS tunneling. Devicescape and other authentication systems work at hotspots by sending particular DNS queries through to remote servers that respond with information in special text records that can provide login credentials and other information. DNS is proxied and often scrubbed for hotspots, however, and I suspect that Aircell figured this out in advance.

On the cell side, only a handful of planes in Europe and the Middle East are flying with picocells on board that can be used to establish a phone connection via a satellite data link. A number of elements would also need to be in place for a remote connection to be established. A timer or air-to-ground cell link would be much more reliable.

I expect that authorities will scrutinize in-flight cell and Wi-Fi service for additional weaknesses, but I doubt any ban will be put in place.
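A sketch of the kind of pre-login DNS scrubbing the DNS tunneling paragraph above refers to, added here as an example and not taken from the original post or from any vendor's implementation. The walled-garden names, thresholds and sample queries are assumptions.

```python
import math
from collections import Counter

# Hypothetical policy for clients that have not logged in yet (assumed values).
WALLED_GARDEN = {"portal.hotspot.example", "pay.hotspot.example"}
ALLOWED_TYPES = {"A", "AAAA"}
MAX_LABEL_LEN = 30
MAX_ENTROPY_BITS = 3.5

def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def scrub(qname: str, qtype: str, authenticated: bool) -> str:
    """Return the proxy's decision for one query: 'forward', 'portal' or 'drop'."""
    name = qname.rstrip(".").lower()
    if authenticated:
        return "forward"
    if qtype not in ALLOWED_TYPES:
        return "drop"        # record types such as TXT can return arbitrary data
    if name in WALLED_GARDEN:
        return "forward"
    longest = max(name.split("."), key=len)
    if len(longest) > MAX_LABEL_LEN:
        return "drop"        # oversized label: data packed into the name itself
    if len(longest) >= 16 and entropy(longest) > MAX_ENTROPY_BITS:
        return "drop"        # long, random-looking label: likely encoded data
    return "portal"          # answer locally with the captive portal address

# Constructed pre-login queries: (name, type).
SAMPLE = [
    ("portal.hotspot.example", "A"),
    ("www.example.com", "A"),
    ("login-info.example.net", "TXT"),
    ("mzxw6ytboi2gk3tborswc3lfnzsxe2lt.t.example.net", "A"),
]

def decisions(queries, authenticated=False):
    """Apply the scrubbing policy to a list of (name, type) queries."""
    return [scrub(name, qtype, authenticated) for name, qtype in queries]

if __name__ == "__main__":
    for (name, qtype), verdict in zip(SAMPLE, decisions(SAMPLE)):
        print(f"{verdict:8} {qtype:4} {name}")
```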



Southwest Sets In-Flight Wi-Fi at $5

Monday, November 1, 2010

Can WPA Protect against Firesheep on Same Network?

Steve Gibson suggests using WPA/WPA2 Personal encryption on hotspots to prevent Firesheep from working among users on the same network: That's an interesting idea, but only for the moment. Gibson explains the weakness to his solution in a comment below the post. I recommend at the bottom a solution involving WPA/WPA2 Enterprise that builds on Gibson's recommendation.

The shared passphrase version of WPA lets an access point and Wi-Fi adapter (the "station") negotiate what's sometimes called a session key (the pairwise transient key). You can't extract or crack that session key without watching the initial association, during which the values it is derived from are exchanged; a party with the passphrase, however, could monitor that exchange. But not so fast. You just need to force a deauthentication—currently not guarded against in 802.11 or Wi-Fi, but which will be one day—and all the stations will run through their four-way handshake again.

Someone who might run Firesheep, a point-and-click credential theft Firefox plug-in and proof of concept, is likely to not download and install Wi-Fi cracking software that would aid in this. Aircrack-ng, the gold standard, requires some technical know-how to use.

But the code is freely available and licensed under the GPL. Firesheep is also free, open-source, and available. All it would take is an interested party to combine the two into an active attack agent—perhaps called Firecracker. This would move use of the extension from potentially illegal in some jurisdictions (passive scanning may be legal, but sidejacking is probably a crime in most states and many countries), to definitely illegal in most areas (forcing deauthentication in order to obtain credentials). But it could still be a point and click operation.

Thus, while a WPA/WPA2 Personal protected network would briefly afford some protection against Firesheep, it wouldn't be long lived.

The more sensible action is one I first heard discussed years ago. Enable WPA/WPA2 Enterprise (802.1X) on a network and give out the same user name and password to every user. This reduces the administrative burden of password management to zero, and allows any savvy visitor to get a higher level of protection. WPA/WPA2 Enterprise in the form of the most common method, PEAP, uses SSL/TLS to protect the handshake between station and access point, protecting the unique key assigned from even those with the same 802.1X login information.

Windows and Mac OS X have offered PEAP clients for years. Free clients for versions of Windows without it can be obtained. Linux has clients as well. There's no technical bar to set this up, just one of education. If you can't get users to employ VPNs, or they don't have access to them, 802.1X is a much simpler way to go.
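The key derivation behind the Personal and Enterprise paragraphs above, as an added example that is not part of the original post: with a shared passphrase, every input to the pairwise transient key is either the passphrase or a value visible in the handshake, whereas under 802.1X each session gets its own master key. The SSID, passphrase, MAC addresses and nonces are constructed, and the random PMK is a stand-in for the key a PEAP exchange would deliver.

```python
import hashlib, hmac, os

def psk_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2 Personal: the PMK is a pure function of passphrase and SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce, nbytes=48):
    """802.11i PRF over the PMK plus values sent unencrypted in the handshake."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac) +
            min(anonce, snonce) + max(anonce, snonce))
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = b"Pairwise key expansion\x00" + data + bytes([counter])
        out += hmac.new(pmk, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def temporal_key(ptk: bytes) -> bytes:
    """Bytes 32..48 of a CCMP PTK encrypt unicast data (KCK and KEK come first)."""
    return ptk[32:48]

# Constructed sample handshake values (not from a real capture).
SSID = "CafeHotspot"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed anonce").digest()
SNONCE = hashlib.sha256(b"constructed snonce").digest()

def personal_keys_match(passphrase_station: str, passphrase_observer: str) -> bool:
    """Does someone who watched the handshake reach the station's temporal key?"""
    station = derive_ptk(psk_pmk(passphrase_station, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
    observer = derive_ptk(psk_pmk(passphrase_observer, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
    return temporal_key(station) == temporal_key(observer)

def enterprise_keys_match() -> bool:
    """Model of 802.1X: each session's PMK comes out of its own TLS-protected
    exchange, so a second user of the shared login holds a different PMK."""
    station = derive_ptk(os.urandom(32), AP_MAC, STA_MAC, ANONCE, SNONCE)
    observer = derive_ptk(os.urandom(32), AP_MAC, STA_MAC, ANONCE, SNONCE)
    return temporal_key(station) == temporal_key(observer)

if __name__ == "__main__":
    print("Personal, same passphrase:", personal_keys_match("latte2010", "latte2010"))
    print("Enterprise, same login:   ", enterprise_keys_match())
```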



Firesheep Makes Sidejacking Easy