AirPort security is dead. Not the airline terminal kind, but the built-in variety found in Apple’s AirPort technology and other 802.11b (also known as Wi-Fi) wireless networking hardware from many different manufacturers. Although security experts have warned for months that gaping holes in the Wireless Equivalent Privacy (WEP) protocol rendered it unsafe for serious use, two academic papers released this month put the nails in the coffin.
WEP was supposed to ensure a first line of attack against data sniffing. Because 802.11b devices send traffic wirelessly, anyone within range can intercept this traffic. If the traffic is sent without WEP encryption, simple packet sniffer software can grab packets out of the air and turn them back into email messages, Web pages, and so on. (EtherPEG, a program developed at MacHack in 2000, sniffed graphics off Web pages being transmitted to Web browsing attendees.)
If you enabled WEP by entering a passphrase (AirPort) or encryption key (most PC systems), only other systems with that key can access the network. It turns out, however, that WEP’s underlying algorithm – the way in which the encryption system is implemented – is extremely weak. The two recent papers show that a key can be extracted with no knowledge of the networks after only a few minutes of watching network traffic. Encryption algorithms have to rely on a huge number of non-guessable, non-repeatable chunks of data passing by that would require either unreasonably large amounts of interception or impossible computation to break. The common algorithm used by WEP turns out to rotate a small number of combinations overlaid with an identical pattern of network headers.
The first paper was written by three authors including Adi Shamir, the "S" of the influential RSA encryption algorithm, an early approach that led to commercial systems. Their paper describes logical weaknesses that allow key cracking through passive sniffing of a network. (The paper is not yet online, but an EE Times story documents it well.) The second paper is a practical discussion of successfully implementing the attack; it came out just a week after a draft of the first paper.
What To Do — Most serious wireless advocates, including the industry consortium WECA (Wireless Ethernet Compatibility Alliance, of which Apple is a member), have urged users with sensitive data to employ an additional encryption layer on top of the now-minimal protection offered by WEP. This advice also holds true for users or systems that use no WEP protection, including virtually all of the public networks (free and for-fee) spreading around the country, and now at over 500 Starbucks outlets.
Corporations typically use virtual private networks (VPN) which use PPTP (Point-to-Point Tunnelling Protocol) or IPSec (Internet Protocol Security) to encrypt traffic and pass it seamlessly from a user’s laptop or remote computer over the Internet through the company’s firewall and onto the local network.
Individual users may want to try using SSH (Secure Shell) and SSL (Secure Sockets Layer) products, both of which enable secure encryption of connections travelling over insecure networks. Only a few SSH- and SSL-capable programs are readily available on the Macintosh, though more may be coming for the Unix-based Mac OS X, such as Stalker Software’s industrial strength mail server, CommuniGate Pro. We’re all familiar with SSL from the Web: secure sites (like online retailers) use SSL to manage encrypted connections between your browser and the site. Less typical, but increasingly available, are SSL plugs into more familiar software like Eudora. With an SSL-equipped mail server, you can use Eudora without passing your name and password or incoming and outgoing email in plain text.
SSH was designed to replace Telnet, by allowing remote, secure access to a command line on a Unix or similar system. The free NiftyTelnet 1.1 SSH and MacSSH support SSH for Telnet-style connections, and F-Secure offers a $120 SSH Macintosh client that can communicate securely with Internet services tunneled through the F-Secure SSH Server for Unix or Windows NT/2000. Under Mac OS X, the free OpenSSH has already replaced standard Telnet access to the Unix shell with SSH, but SSH could also be used more broadly to "tunnel" traffic to POP mail servers or through proxies that would offer end-to-end encryption from your machine to the destination server.
All of these security concerns are predicated on the idea that someone wants your data, either indiscriminately (such as a sniffing in a public place with wireless access) or specifically (breaking into your home or company network). Most home users have nothing to fear, because even though the attack is fast and relatively simple for someone with the appropriate hardware, software, and networking skills, it’s unlikely to be employed indiscriminately against private individuals in their homes. Quite simply, the standard email and Web browsing activities that comprise the majority of normal Internet traffic just aren’t sufficiently interesting, so the bad guys aren’t going to have much interest in sniffing wireless network traffic.
The biggest concern of working on an open wireless network (or one someone has cracked) is that passwords you send for email, FTP, Telnet, or non-SSL Web sites – such as those stored in the Keychain or Internet Explorer’s password management system – can be swiped relatively easily. Having passwords stolen not only puts your data at risk, it also potentially opens your computers up to be used as zombies in denial of service attacks or as relays for hiding the attacker. The best protection for your passwords is to use programs that encrypt passwords whenever possible, to change passwords frequently, and to use different passwords for different services (using the same password for your POP email as your Unix login makes it more likely someone could break into the Unix account).
Stay tuned, since I plan to look into the topic of security on the Macintosh in a future issue of TidBITS. If you’re dying to know more right away or want a book-length discussion, check out Peachpit Press’s just-published Internet Security for Your Macintosh by Alan Oppenheimer and Charles Whitaker.