Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[802SEC] Non-member submission from [Leigh Chinitz <>]RE: LIST-SPECTRUM: Re: Feds Label Wi-Fi a Terrorist Tool

Forwarded for a non-subscriber.


-----Original Message-----
From: Leigh Chinitz <>
To: "'ieee 802 sec reflector (e-mail)'" <>,
   "'ieee 802. 18 reflector (e-mail)'" <>,
   "'weca-spectrum reflector (e-mail)'" <>
Subject: RE: LIST-SPECTRUM: Re: Feds Label Wi-Fi a Terrorist Tool
Date: Tue, 10 Dec 2002 19:49:16 -0800

While I don't want to appear to be taking the side of the Cybersecurity
people, I think we need to do more than simply assert that the claim is
false.  As far as dial-up, people tend (right or wrong) to trust the
security of the telephone network for providing network access.  For
example, in many companies you can dial in to the corporate network to
access resources, but if you are using internet access you need to run a
to get to the same resources.

I think that the concern to which they are referring, at least one of
would be the case of telecommuters.  If a user opens a secure tunnel to
enterprise or a government facility, say, and uses a client device
via a wireless link, the concern may be that someone who gets access to
wireless link now has access to the secure tunnel.  (In a sense.)  I
that concern is different than a random person having dialed in to the
internet via an ISP.  That is, the hacker has just gotten behind the
firewall, for free.

I'm just trying to say that we should avoid getting into a "yes it is,
no it
isn't" fight.  We need a well thought out position.


-----Original Message-----
From: Yoram Solomon []
Sent: Tuesday, December 10, 2002 4:08 PM
To:; 'ieee 802 sec reflector (e-mail)'; 'ieee
802. 18 reflector (e-mail)'; 'weca-spectrum reflector (e-mail)'
Subject: LIST-SPECTRUM: Re: Feds Label Wi-Fi a Terrorist Tool

Getting a free dial-up account does not include any background checks to
assure that whomever gets that free access to the network is not a
terrorist, or is not using it as a tool to "could bring down the network
this country
very quickly".  Why wouldn't they consider regulating dial-up access,
further more - perform background checks on everyone who access the
Internet?  By the way, the Internet can be accessed from other

I think we should make sure that the Department of Homeland Security is
aware that Wi-Fi does NOT pose a higher threat than ANY type of Internet



-----Original Message-----
From: Stevenson, Carl R (Carl) []
Sent: Friday, December 06, 2002 9:34 PM
To: ieee 802 sec reflector (e-mail); ieee 802. 18 reflector (e-mail);
weca-spectrum reflector (e-mail)
Subject: LIST-SPECTRUM: Feds Label Wi-Fi a Terrorist Tool

Subject: Feds Label Wi-Fi a Terrorist Tool
From: "Dewayne Hendricks" <>
Date: Fri, 6 Dec 2002 17:14:48 -0800


Feds Label Wi-Fi a Terrorist Tool
By Paul Boutin

SANTA CLARA, California -- Attention, Wi-Fi users: The Department of
Homeland Security sees wireless networking technology as a terrorist

That was the message from experts who participated in working groups
federal cybersecurity czar Richard Clarke and shared what they learned
this week's 802.11 Planet conference. Wi-Fi manufacturers, as well as
and office users, face a clear choice, they said: Secure yourselves or

"Homeland Security is putting people in place who will be in a position
say, 'If you're going to get broken into ... we're going to start
regulating,'" said Cable and Wireless security architect Shannon Myers
a panel dubbed "Homeland Security vs. Wi-Fi."

Myers was one of several consultants for President Bush's Critical
Infrastructure Protection Board, which is finalizing its National
to Secure Cyberspace.

Since being named special advisor to the president for cyberspace
last year, Clarke has stressed wireless access points as a national
security threat.

"Companies throughout the country have networks that are wide open
of wireless LANs.... Millions of houses are getting connected, which
that more and more are getting vulnerable," Clarke told attendees at the
Black Hat Security Briefings in Las Vegas earlier this year.

"We know that (an attack) could bring down the network of this country
very quickly. Once you're on the network, it doesn't matter where you
in," said Daniel Devasirvatham, who headed the Homeland Security task
force for the Wireless Communications Association International trade

Devasirvatham said the telecom industry was represented at security
planning talks with federal agencies, but the wireless sector itself was

"Do you consider yourself part of the telecom industry?" he asked the
802.11 Planet audience. "If you're a nethead instead of a Bellhead, you
probably don't. I think there's a major disconnect here."

But Myers acknowledged that regulators were frustrated in their search
a quick fix to plug Wi-Fi holes.

"There's just not a lot of technology out there right now that can be
to secure the technology in place," she said. "They're not at a point
where they can say, 'This will solve the problem,' and mandate it."

Rather, the most recent draft of the National Strategy document lists
stopgap steps that home and office Wi-Fi users should take to make their
networks harder to crack. The National Institute of Standards and
Technology's Wireless Network Security document contains more detailed

Speakers called on corporate Wi-Fi customers to participate in creating
security enhancements and best practices, lest regulators do it for
"Expert advice needs to be obtained from more than just the industry
makes the equipment," Devasirvatham said.

Conference attendees were split on the potential of wireless nodes as
terrorist access points.

Boingo CEO Sky Dayton suggested turnkey security standards under
development would improve the technology's reputation. "It's possible to
secure a wireless network today," he said. "But it needs to get easier."