New Flaws in Wireless Security Exposed

November 20th, 2008 by Agent Smith (0) In The Spotlight, Wireless Vulnerabilities

The Wi-Fi Protected Access or WPA is aone of the most popular forms of security used by wireless networks. Yet the potential risk and ease of breaching it might trigger some alarms for a lot of poeple especially if they were at PacSec 2008 confefence in Tokyo.

A week before the conference, the Register announced two German researchers, Martin Beck and Erik Tews, were going to expose a vulnerability exposing WPA protected networds to an attack that could compromise certain communications in less than 15 minutes. If anyone reding our blog attended the conference, we’d love to hear how it all went.

But this is far from being the first vunlerability to go public.

In 2001, three researchers found a way to reliably break the previous wireless security protocol, known as Wired Equivalent Privacy (WEP), in less than two hours. By 2007, the latest refinement in attacks against WEP – found by Tews and two other researchers – reduced the time to recover a WEP key to less than a minute of calculations.

While those discovering how to tear security systems apart, those actually depending on them seem to be learning one thing: you’re never really safe! So if any extra security is at hand, apply it asap!

Employees Dodge Security to Increase their Productivity

October 28th, 2008 by Agent Smith (0) Research and Studies, security breach

The most recent survey released by security firm RSA showed that technology workers are very resourceful when it comes to bypassing corporate security policies to get their work done more effectively.

The 2008 Insider Threat Survey showed that over 50% of those surveyed believed security policies to be too restrictive. The overwhelming majority is familiar with the policies enforced by their employers, that’s why they know how to circumvent them. As a consequence, more than half manage to access their work email accounts from public computers and even more check their emails through public wireless networks.

According to the Security Focus article on the survey, respondents came from three different countries, the US, Brazil and Mexico.

What solutions are there for companies in these conditions? Tightening security would definitely not be the answer. Instead of blocking their access to technological advantages, they should adapt their security solutions to enable access while still preserving the desired level of security.