Skip the navigation

The War Driver Returns

By David Ramel
May 15, 2006 12:00 PM ET

Computerworld - I am back on the prowl. Stealthily I slide through the night, searching for unprotected wireless networks. I find one!

And then I find hundreds more. Who cares? War driving is so 2004. Wireless security has matured and moved on. When's the last time you heard of a wireless hack? If it happens, it sure doesn't get any publicity anymore.

But the news is chock-full of stolen laptops and other data breaches — take a look at our Data Security Breaches page.

Why sit out in a parking lot for hours "sniffing" wireless traffic when you can just walk in and grab the finance guy's laptop? Or surf your county's Web site for all kinds of personal data?

Also, increased awareness about the much-stronger WPA2 encryption spec and other precautions have cut down on all the fun — er, I mean, made us all safer.

For sure, there are plenty of targets out there. Two years ago, I went war driving on my route to work and found more than 100 wireless networks. This year, I found more than 400.

Back then, about 70% weren't encrypted; this year it was around 55%. So even though a higher percentage of networks are encrypted, there are now many more total unencrypted networks.

Is there really a wireless security problem?

So, why the lack of hacks? Is wireless security still a problem?

"I think the problem is relatively small and dropping," said Gartner Inc. analyst John Pescatore. He said a big part of the problem a couple of years ago was that companies weren't supporting wireless networking but users were doing it anyway, setting up rogue access points with no central security management or strategy.

Now, Pescatore said, companies are supporting wireless and following security precautions. For example, he said businesses are more aware that they need something "stronger than password authentication," so he is seeing more companies rely upon secondary authentication.

Fellow Gartner analyst Ken Dulaney agrees. "This has become less of an issue," he said, for two primary reasons. First, "WPA2 has given us very good security, and the devices themselves are better protected than in past years."

He said there are now multiple levels of security implemented and extending to the desktop itself — such as PC firewalls — instead of a reliance on perimeter security only. "People are beginning to realize that protecting the environment is not working," he said.

Farpoint Group analyst and Computerworld columnist Craig Mathias said in an e-mail response that the wireless security threat should be divided into curious, casual hackers and professional data thieves. As for the casual hacker, he said, "I think the war-driving days are over; there's no real sport left in that, and simple WPA or WPA2 security are quite effective here."



Our Commenting Policies