Barney's Blog

Blog archive

Mailbag: How Safe Is Wi-Fi?, IE 8, More

On Tuesday, Fred posed a question to fellow Redmond Report readers -- what should he do to keep his home WEP Wi-Fi connection secure? Here are your responses:

Regarding Fred's question on wireless: WEP is commonly defeated in under 10 minutes, so if someone decides to target your network, any available resource will be open to them. I'd worry less about the man next door than I would about the boy next door, who might try to break into your network just for the 'fun' of doing so. Another worry with WEP is having a stranger gain Internet access through your network and then use it for criminal activity, which would trace back to your IP address.

If you don't share anything on your computer, including hidden shares, a hacker can get access to the Internet only. The harm here is that they can capture your Internet traffic, but this would be very unlikely in a home environment. Even if they do capture Internet traffic, https sites are safe because of encryption. For example, your username and password for most Web-based e-mail is safe because it is encrypted; the log in page is usually https://something. However, the e-mail packets themselves are probably not encrypted and can be captured. You can configure Firefox to encrypt all Gmail traffic, but this is an exception. If you use e-mail handlers like Outlook or Thunderbird, your SMTP port is 25 and your POP port is 110, your mail transmissions can be easily captured. Hackers can also use peer-to-peer file transfers and slow down your Internet connection (the odds against this happening are astronomical).

I can hack 128-bit WEP encryption in 10 minutes if I am close enough to the access point, usually within 100 feet. The farther away, the more time-consuming the hack. Right now, the average hacker would not bother with any WPA because WEP is easy and plentiful. Almost all wireless routers and network cards can be configured with WPA. If you really want to be safe, use WPA-2 with AES and more than 20 characters in the encryption key. Also, keep potential hackers more than 300 feet away. This is almost as safe as a wired network.

Once again, if you don't have anything shared, including hidden shares, and you don't have sensitive e-mails, there is not much to worry about from Wi-Fi.

Have you tried the IE 8 beta? A few of our readers have and their responses are mixed:

I have used IE 8 on Vista SP1 for four or five months without any issues.

One problem I've had with the IE 8 beta is when I tried to uninstall it, it completely hosed my system, basically reverting it back to the factory default programs and settings. I had to use System Restore to restore my system the way it had been, including the beta version of IE 8. I'm using Window Vista Ultimate with 4GB RAM and a 2.20 gigahertz Intel Core2 Duo processor.

Joseph thinks the open source business model isn't necessarily "broken," as one analyst said; it might just be suffering from a perception problem:

Making money from 'free' software is not anything new. There are hundreds of VARs out there that sell products at near-cost to get the implementation contract. The problem is marketing -- when I had my own consulting business, I put on a "free" seminar at a local community college and hardly anyone showed up. I raised the "price" to $99 for the same seminar and got an overwhelming response from businesses. There is a price-point at which people perceive "cheap" to be valueless.

And finally, "cloud" might be Microsoft's new buzzword, but Alan isn't buying into it:

I do not need the cloud, and I do not care about it. It is insecure at best.

Tell us what you think! Leave a comment below or send an e-mail to [email protected].

Posted by Doug Barney on December 04, 2008


  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • Microsoft Sets September Launch for Purview Data Governance

    Microsoft's AI-powered Purview solution to address governance and security challenges is set to become generally available on Sept. 1.

  • An image of planes flying around a globe

    2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • End of the Road for Kaspersky in the United States

    Kaspersky on Monday said it is shuttering its U.S. operations, just days before a nationwide ban on sales of its security software was set to take effect.