WLAN Security Conundrum
November 21, 2006 11:31 AM   Subscribe

I'm considering subscribing to a local WISP in the city I live in. Unfortunately, the guy's Wi-Fi network is using WEP encryption and I'm more than a little concerned about security. I doubt one customer recommending his small operation migrate to WPA or WPA2 would yield any results. Is there anything I can do to secure my connection?

Like I said, he's a small operator and I'm all about supporting local businesses (and I'm not a huge fan of the shoddy service I get from mainstream broadband providers). I'm having an outdoor panel antenna installed and plan on hooking that into a WPA/WPA2 wireless router for my home network. I'd like to know what the main points of vulnerability are and how to (if possible) strengthen them. I've considered running Tor to further secure my connection but am worried that it'll significantly reduce my bandwidth. I don't really have a need for a super secure connection but am a bit of an internet privacy advocate/I like to tinker. Any recommendations?

Dr.JOI, enthusiast and i-hobbyist extraordinaire
posted by Dr.James.Orin.Incandenza to Computers & Internet (4 answers total)
Do they offer any sort of VPN service you could run over the WiFi? That should do it.
posted by rbs at 11:34 AM on November 21, 2006

You must of course remember that your bandwidth is shared with all the other customers, and that you can't rely on WEP for privacy. I suppose he puts WEP there as a cheap way of keeping non-customers out.

As rbs said, if you need privacy, look into VPNs.
posted by stereo at 12:01 PM on November 21, 2006

some hosting companies offer VPN access, so that's worth considering, but possibly fairly pricy. (I like Dreamhost, and they offer it with a hosting plan that runs $64/mo if you pay for 2 years up front. there are others, but that's the one I know about.) the main point of vulnerability on wireless links is that you're broadcasting into open air where it's relatively easy to snoop on what's going on, even with WPA (though you seem to understand that). personally, I'd make sure that whatever website I'm on uses HTTPS (or, more generically, SSL) if it's going to be capturing sensitive information and/or possibly encrypting stuff like email with PGP/GPG where I can. (encrypting email is a good idea anyway - most servers don't do SMTP over SSL so even if you connect to your mail server that way, there's no guarentee that it'll be passed up in a similar fashion.)
posted by mrg at 12:40 PM on November 21, 2006

I wouldn't view WEP, or really even WPA, as a real "security device." Instead, I'd view that as more a way to keep people who aren't paying out of the network. Real security should involve end-to-end encryption, not just wireless protection.

What part of your internet use are you most concerned about? It's not like your current connection is exactly high-security. There are lots of points where your emails, IMs, or web traffic now can be intercepted without your knowledge.

IMO, you need to consider your security choices independently of your ISP choice. You should get an ISP that passes packets reliably and quickly, and at a price you can afford; then you need to decide how much effort you want to spend, securing various services. If it's just email and web finance that you're worried about, SSL for your POP and SMTP connections (if your email provider doesn't offer this, get a new one) should do, assuming you can't get your correspondents to use S/MIME or PGP, plus obviously SSL on the critical web traffic.

If you need secure access to a LAN, a VPN is the way to go. But just because you're using a VPN to some other host -- say Dreamhost or some other colo'ed server -- doesn't mean that your web browsing is "secure." Someone could still sniff the connection on a point closer to the destination server, after it's transited the VPN and been dumped back out on the public net.

I wouldn't say that WEP on the wifi is really a deal-breaker, because if you're that concerned about security, you need to be thinking about the broader picture.
posted by Kadin2048 at 3:19 PM on November 21, 2006

« Older efficaciness   |   iMovie: refreshing video source files Newer »
This thread is closed to new comments.