My Photo

Search Our Blog


  • Google Search

Subscribe to ZiefBrief


  • Subscribe with Bloglines

  • Add to MyYahoo

  • Add to MyMSN

  • Subscribe with Newsgator

  • Add to MyGoogle
Blog powered by Typepad

« Succeeding in First Year: Advice From the Blogosphere | Main | Succeeding in First Year - Advice from the Stacks »

Comments

Mike B

"(Our helpful Law IT staff ask us to remind you that, wireless being wireless, it will never be 100% secure. So please don't use it for your online banking and such!)"

I must point out that this is a common misconception about wireless networking - that "wireless being wireless", it is inherently less secure. Yes (wireless or not!), someone can hack into your computer if you leave it vulnerable and the hacker knows what (s)he is doing. Yes, people can get around any password protection on the wireless access point itself.

But no, online banking would not be vulnerable in transit if the site is SSL encrypted. Someone isn't going to intercept the packets and decrypt them more easily because you are using a wireless network. If a hacker wanted to break a 128-bit SSL encrypted session, it would take more than someone's lifetime.

Greg Haverkamp

It's fine advice. Of course wireless is inherently less secure. Wired networks require physical access at some hop along the way. Wireless requires no such access.

If wireless has been rolled out as it existed over the summer, advertised with the USFWireless SSID, there's no meaningful authentication of the wireless network one is joining. The only authentication that occurred over the summer was the standard corralled login to use network resources. As a result, an easy end-run around SSL would simply be a man-in-the-middle attack accomplished by a rogue wireless network.

In short, one shouldn't assume security over SSL when operating over an untrusted medium. If, on the other hand, the school implemented a wireless security protocol that allowed for authentication of the remote networks, it would be far easier to feel secure. When I was forced to implement such a network -- back in 2000 -- I terminated all wireless at an isolated port on our IPSec VPN concentrator. The only way out was with the use of a VPN client. However, even with all of those precautions, wireless would still be inherently less secure than a wired network.

Security issues aside, while it will be nice to have wireless in the library, having it will make it more difficult to stay off the network when work should be getting done. It will be especially bad if it extends to the classroom, where the already rampant surfing is a major distraction.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)