Wi-Fi

Wi-Fi Intended Use Case And Definition

Wi-Fi is a technology for wireless, local area networking of devices based on the IEEE 802.11 standards. It started small, intended mostly for industrial use, and has grown to be the most common way that all our personal electronics devices connect at home or at the office.

Wi-Fi Development

The development of Wi-Fi leveraged many of the same protocols and technology as Ethernet, with one very large difference. All transmissions are happening over the air, by the form of frequency waves.

Wi-Fi History / Generation One | WPA

Originally, the authentication and privacy mechanism for Wi-Fi were very weak. The standard had a simple option to provide encryption called Wired Equivalent Privacy (WEP). WEP used a key to encrypt traffic using the RC4 keystream. However, someone could compromise WEP fairly quickly if they had the right tools and a reasonably powerful machine. Stakeholders together with IEEE and the Wi-Fi Alliance gathered together to discuss the possibly of improved security, and WPA was born. WPA Wi-Fi Protected Access added extra security features, but retained the RC4 algorithm, which made it easy for users to upgrade their older devices. However, it still didn't solve the fundamental security problem.

Wi-Fi Generation Two WPA2

A new standard, based on the Advanced Encryption Standard AES, algorithm from the National Institute of Standards and Technology (NIST), was also introduced as Wi-Fi Protected Access 2 (WPA2). This was a lot more secure than WEP. In addition, new enterprise grade authentication was added to the technology, creating two flavors of each security style. The personal level of security continued to use a Shared passphrase for network authentication and key exchange. The enterprise level of security used 801.1x authentication mechanisms, similar to those used on wired networks, to authenticate users and set up encryption. However, poorly chosen or weak passphrases could still leave networks vulnerable.

Wi-Fi Generation Three WPA3

Released in 2018, Wi-Fi Protected Access 3 (WPA3) introduced a new, more secure handshake for making connections, an easier method for adding devices to the network, increased key sizes, and other security features.

Wi-Fi Security In Modern Times And Attack Methods

It might seem like that's it, wireless is now secure. Unfortunately, that is not the case. Hackers have found several ways to exploit human behavior and still get access to the information they want. Free Wi-Fi available, at public might seem too good to be true, because it is. Hackers set up access points APs to act as Honeypots in public areas. The unsuspecting people who connect to these so-called free networks, don't realize that the hacker has access to everything they are doing online. (To any packet that's being sent, such as paying for a service, hackers have access to the credit card information as it was exchanged in the sale.) In addition, our handheld devices remember networks we've attached to in the past. In an effort to help us, they automatically look for and attach to that network again when they see it. This means that a hacker can sniff the network and see us trying to connect to a network, such as a hotel network. And setup up a fake access point named hotel and disrupt the hotel network, so unsuspecting users try to connect to his. You're not just exposed when you're away from home. Many people setup their networks at home, but never turn on security. Or if they did, they set it long ago, possibly using WEP or WPA for old networks (Most modern networks use WPA2, and rarely you'll see WPA3). The user most likely set up a weak passphrase such as their phone number or a common phrase related to them, giving hackers a very easy time.

Good Rule of Thumb To Protect Your Network

First making sure that your router is at least WPA2, WPA3 would be better. Second, using a complex password that isn't related to you. Third, changing the router password from admin to something way more complex, using a password randomizer. Forth, enabling client insolation. Fifth, if your router supports it, making separate VLANs for the IoT's and your personal devices.

Good Rule of Thumb To Protect Yourself Outside

First, Do Not Connect To Free Wi-Fi's, it's not safe. Second, disable Wi-Fi on the phone, your phone will try to connect to known SSID's and someone might set up an AP named as home. Your phone will try to connect to it. Third, disable Bluetooth, Bluetooth advertisement, and connections via Bluetooth.

Good Luck, stay safe.