Setting the Scene

Broadcast radio and, later, broadcast TV have defined wireless for two generations. The ability for radio waves and TV signals to go anywhere and be heard and seen by anyone has provided huge benefits to the general public since the early twentieth century. If you are the receiver this broadcast capability is very attractive, but sometimes for the sender these broadcast qualities can be a major disadvantage.

The military were the first to address the disadvantage of being heard by everyone. To protect communications over radio, the military adapted secret codes that had for many years been used to protect written messages. Techniques such as spread spectrum transmission were invented to try to prevent unwanted reception. Catalyzed by the need to protect wireless communication during the Cold War (1950 to 1980), huge advances were made in secure communications, but the general public did not receive any direct benefits from this work.

Because wireless technology has advanced and dropped in price, now almost everyone uses both radio receivers and transmitters?in mobile phones, cordless phones, Wi-Fi LANs, and a host of other equipment. However, along with this proliferation in use, over the past few years millions of people in industry and at home have had to face up to a basic conflict. They want the wireless advantage, "receive anywhere," without the wireless feature of "send to everyone."

This book specifically addresses Wi-Fi security. Wi-Fi is the most popular wireless method for networking computers, and people use it widely both in corporate locations and in the home. Typically a Wi-Fi "adapter card" is inserted into a computer so data can be sent to other computers or the Internet via a short-range radio link to a Wi-Fi access point. It means you can work at your desk or in a conference room, in your home office or in the family room. It provides freedom. Increasingly, Wi-Fi "access zones" in shops or hotels also provide Internet access to people "on the road."

Wi-Fi is not the only wireless technology available. For short-range communications Bluetooth or HomeRF[1] can be used. Cellular modems can also be used if a low connection speed is acceptable. However, Wi-Fi provides simple wireless broadband access and has become the market leader.

[1] HomeRF was a market competitor during 2000?2001 but lost out to the more successful Wi-Fi technology.

"Wi-Fi" is a brand name coined by the Wi-Fi Alliance. The purpose of the brand is to identify products that have been tested to ensure interoperability between vendors. Wi-Fi products include plug-in adapter cards, network adapters connected by USB, access points, and integrated devices such as personal digital assistants (PDAs) or even cellular phones. The Wi-Fi Alliance has established a testing program that operates all products bearing the logo in conjunction with a range of products from other vendors. As a result, customers can be confident that products will work outside the store. Wi-Fi products must be designed using an industry standard, known as IEEE 802.11.[2] There are various subgroups within IEEE 802.11, and each one is assigned a letter. For example, IEEE 802.11b is the standard on which many Wi-Fi systems are based today.

[2] The IEEE (Eye-triple-E) is a nonprofit, technical professional association of more than 377,000 members in 150 countries. The full name is the Institute of Electrical and Electronics Engineers, Inc., although the organization is most popularly known and referred to by its acronym.

You may have used Wi-Fi systems already. Perhaps you have become addicted to the convenience of working wherever suits you best, but you are wondering how to maintain the privacy of your information and you may have tried some of the security features built into your Wi-Fi system. Because you are reading this book, you are probably still concerned about the level of protection you have. You are right to be concerned. As you read through this book, you will realize that the tools provided with most Wi-Fi systems to date are not adequate to protect you. Although some of your data might not be important enough to attract any serious attack, the availability of downloadable attack tools means that even the kid next door might be able to get at your data. Our goal is to not only guide you to a secure solution but also to ensure that you get a good understanding of the problems of security and how they are solved.

    Part II: The Design of Wi-Fi Security