Feeds

Sydney wallows in cesspit of WiFi obsolescence and ignorance

World of Warbiking WiFi sniffing peloton finds lots of unsecured connections

Boost IT visibility and business value

Sophos has brought its Raspberry-Pi-powered World of Warbiking WiFi-sniffing peloton to Sydney and found, as it does everywhere around the world, that some people just can't be bothered with WiFi security.

The Word of Warbiking sees Sophos' head of security research James Lynbe strap a Pi and various WiFi cards to his bicycle and then tour a city to get a feel for which versions of encryption are used by resident WiFi networks. In London, the penetrative peloton found 29.5 per cent were using either the dud Wired Equivalent Privacy (WEP) algorithm, or nothing.

Sydney fared a little better, with just 3.98 per cent running WEP and 23.85 running naked. Wi-Fi Protected Access II (WPA 2) was the most prevalent protocol, with 44.02 per cent of the 34.476 networks found along a 4.2 km route running through the central business district, over the Sydney Harbour Bridge and then through the posh urban enclave of Kirribilli.

Lyne opined, in a lamentably bacon-free post-ride briefing, that Sydney's results and those from around the world come about because some people fall through the cracks despite the security industry's ongoing attempts to scare their pants offeducate them about best practice. That's unhelpful, he said, because it means there's always someone out there running old and/or insecure kit that bad guys can exploit.

Happily, he went nowhere near the usual “Narco-terrorist money launderers are rummaging about in your bank's mainframe over WiFi, now” alarmism. Instead, he pointed out that the a good many people either read email or conduct online banking while using insecure WiFi connections, which presents all manner of opportunity for those who would seek to observe and take advantage of their behaviour.

Sophos' peloton has, to date, visited London, Hanoi, Las Vegas and San Francisco. Results from all cities are quite similar: there's a fair bit of WEP around the world, less WPA-2 and HTTPs than is sensible and a lot of people who either don't care or don't know to care about doing better. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?