Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
Technology

Secure Wireless Through Infrared Antennas 136

Posted by CowboyNeal from the wires-in-the-sky dept.
oogamrm writes "Everyone knows the main problem with Wi-Fi: Security. It's relatively easy for intruders to sniff packets out of the air and even connect to the wireless net. While most wireless companies have responded by trying to beef up the encryption, the University of Warwick's engineering department has developed an optical antenna that operates in the infrared band. This means almost no energy leaking through walls, and simple filters to block it from exiting through windows. The antennas can be so well tuned that several networks can be co-located in the same physical space. The whole story is available at news.com.com."
This discussion has been archived. No new comments can be posted.

Secure Wireless Through Infrared Antennas More

Secure Wireless Through Infrared Antennas

Comments Filter:

  • Enh, too little too late (Score:5, Insightful)

    by mfos.org ( 471768 ) on Monday November 11, 2002 @10:33PM (#4647769)
    This would have been great a while ago, but what I don't understand why its so difficult to have created truly secure wireless networks in the first place. I mean, come on guys, there's tons of public key cryptography stuff out there, I don't see why that wasn't used from zero day.

    Granted, I'm not a wireless engineer, I just play one on slashdot, so I could very well be talking out my ass.

    • Re:Enh, too little too late (Score:5, Insightful)

      by quick_dry_3 ( 112334 ) <steven&quickdry,net> on Monday November 11, 2002 @10:42PM (#4647832)
      I'm not a wireless engineer either, but I'd imagine that public key crypto has too high an overhead - don't most PKI systems use the public key to encrypt a session key that gets used with 'normal' symmetrical cyphers?

      • Re:Enh, too little too late (Score:5, Insightful)

        by delta407 ( 518868 ) <slashdot@NOspAm.lerfjhax.com> on Monday November 11, 2002 @10:51PM (#4647885) Homepage
        Yes; most symmetric ciphers are faster than pubkey ciphers. Public key encryption is used only in key exchange for most protocols, SSL included.

        Then again, if you're going to hook up countless tiny antennas to a big fat DSP, there's no reason you couldn't use public key crypto in realtime. But, symmetric cryptography is easier computationally and just as secure, hence the reason most engineers choose to swap keys and change cryptosystems as soon as possible.
        • there's no reason you couldn't use public key crypto in realtime

          Yes there is. Encrypted text's size is on the order of the key length, no matter the size of the plaintext. If you want to only send 1 byte, but encrypt with a 2048 bit key you'll be sending about 2048 bits of encrypted text. This has severe consequences for bandwidth and latency. Symmetric algos generally don't have this problem.
          • OT but...

            Erm... well actually any block cipher requires plaintext to be a multiple of block size, so you really can't send less than that at a time (unless you're using it in OFB streaming mode, but then it's really a stream cipher anyway). A standard stream cipher, probably implemented with shift registers or the like, is the best for a wired data line; then you can send one bit at a time if you really want to. With a wireless datalink, there's lots of overhead anyway, so 16 bytes from say AES or (pick your favorite block cipher) isn't much. This is why Blowfish is used in ssh.

            The bigger problem with public-key algorithms is speed: RSA is much slower than most symmetric ciphers. ElGamal is no good because it is slow, has large data expansion (2x), and requires a lot of strong pseudorandom numbers. If you were going to use public-key encryption over a link, the best algo would probably the little-known McEliece [kisa.or.kr] system because it is very fast and has built-in error correction. However, it requires a good PRNG and a very careful implementation to avoid being cracked, and some cryptographers are still skeptical, especially for pipelines with lots of data. Not to mention that its minimum secure key length is about 64K.

            The best use for public-key crypto is definitely to exchange symmetric keys. That way you only have to use the code once per session, don't stress your PRNG, get more speed and avoid too much data expansion.
            • Erm... well actually any block cipher requires plaintext to be a multiple of block size, so you really can't send less than that at a time

              Symmetric keys are rarely as large as asymmetric keys. This is the source of the data inflation problem associated with asymmetric algos.
              • Actually not really. Maybe if your packets are really small this could be an issue, but for stuff that requires lots of bandwidth (say, file downloads), you have lots of data to transmit anyway, so block size is not the issue. However, with many asymmetric keys, you have intrinsic data expansion: everything you put into ElGamal (whether over elliptic curves or finite fields) or McEliece comes out twice the size. RSA doesn't have this problem, and is probably the best asymmetric algo currently out there for encrypting a link unless you're willing to put up with the problems in McEliece (knapsacks would be the best, but they were broken almost 25 years ago). RSA, however, is still too slow, requiring a substantial fraction of a second per block on most systems. And by the way, elliptic keys are usually around 200 bits, which is smaller than say a Blowfish key, which can be up to 448 bits (though this is much bigger than a block, and it is really block size that matters, and elliptic encryption also doubles data size). The only symmetric block cipher that I've heard of with a huge block size is Crab at 1KB, and it's probably not secure anyway.
                • We are ignoring processing costs since the original poster was suggesting to implement this in hardware (which doesn't really negate the cost, but will for this discussion). Frow a purely memory-slanted view, symmetric algos win out.

                  We are looking at general use, not intensive downloading so one should study typical traffic flow and determine from that what typical packet sizes are. Then, one can readily determine the appropriate algo.

                  Elliptic crypto is more cpu-intensive to use than RSA and easier to break at the same processing level so I'm not sure I would recommend it for use in applications with high bandwidth demands.

  • Mmmm (Score:1, Offtopic)

    by acehole ( 174372 )
    I'll be happy to stick to my two tin cans and a peice of string.

  • Trouble brewing (Score:3, Funny)

    by sheWhoWalksWithToesL ( 606460 ) on Monday November 11, 2002 @10:34PM (#4647781)
    Great. Hackers are going to start using palm pilots to hack into the network. *beam Klez* (system procedes to crash) (admins procede to commit hari kari)

  • WOW (Score:1)

    by wwelles ( 621959 )
    I think the question is... how much approx $$$ would it cost?
    • Ask IBM. They have had it in their reasearch center in Zurich since mid-60es. This is just reinventing the wheel.

  • Isn't that weird... (Score:5, Insightful)

    by ealar dlanvuli ( 523604 ) <froggie6@mchsi.com> on Monday November 11, 2002 @10:37PM (#4647797) Homepage
    I thought the great advantage of 802.11x was it *wasn't* on the infared spectrum like every wireless proticol prior.

    Then again perhaps some people enjoy only having line of sight networking, to each his own.

    • Re:Isn't that weird... (Score:5, Funny)

      by Surye ( 580125 ) <surye80NO@SPAMgmail.com> on Monday November 11, 2002 @11:17PM (#4648045) Homepage
      I can just see the new paths layed down in chalk in offices, so as to not walk in front of the network LoS.
      "Damn John, you walked right in front of my connection, now I gotta start this all over again"
      • It's funny that you mention that. I remember trying to transfer files at school from an IrDA capable laptop to an IrDA capable printer. It took 3 hours and in the end we had to build a cardboard tunnel to cut the interfereance out. (the funniest part was at about hour 2 when we realised that the manufacturer's plastic protecting sticky tape was still on the electronic eye of the printer. We peeled it off and got a much better signal)

        Anyway, from the picture of the optical antenna, I would guess that it would be oriented upwards so that it looks like a big fisheye lense pointing at the ceiling. Since IR bounces off walls (I know because I've sometimes changed the channel on my TV while pointing my remote in the opposite direction) then I guess that the whole point of the optical antenna is that it is able to see the ceiling and not be blocked because if the direct LOS is blocked, than this omnidirectional antenna should get usable signal from the reflections coming in the opposite direction.
      • This brings a whole new definition to the term "War Chalking"
    • No it isn't weird - LoS is a good model for fixed station deployments (you generally need LoS for long distance wireless anyway). In fact, 802.11b defines an infrared physical layer.
    • Everyone seems to be thingking about this from their own personal point of view (and thats fine), but not everyone needs to go through walls. For example: company A has 2 locations on the same street across from each other (or down the block or just somewhere in close proximity to each other) Dark fiber hasn't been laid in the streets, they can slap one of these on the top of each building and point them at each other. Granted I am not taking the elements into account, mainly because I don't know how this would be affected by it. Point is though, there is a reason this is being developed, someone, somewhere saw a need for it. I agree.

      • If this is the intended use, then it is redundant, lasers have been used for this exact purpose for longer than 802.11 has been around. I read the article, an saw this as competition to 802.11.

    • About 8 years ago I worked with a group that did wireless LAN over IR. If done right you don't have to have the exact line of sight that IrDA requirees. We used 'diffuse' IR which basically meant all transceivers pointed towards the ceiling and IR bounced off the ceiling from one node to another. You were still limited to being in the same room but you didn't have to fiddle with aiming your transceivers exactly at someone else's. We even had LAN access points so with one AP in every room you could have your connection to the wired LAN and roam from room to room without losing it.

      It did have the advantage of not leaking through walls, but it wasn't as robust and a large rollout would have required many more access points than an 802.11 rollout.

      Then again, I also worked on 802.ll stuff during the original standards proposals stage back in '93.....it's unbelievable how long it took that standard to be created. I think they actually stopped and started from scratch at one point.

  • Make a better door than a window. (Score:5, Funny)

    by tcd004 ( 134130 ) on Monday November 11, 2002 @10:38PM (#4647804) Homepage
    I already have to deal with my little brother standing directly in front of the IR receiver on the TV for the remote control. He's gonna have a field-day screwing with my quake ping rates!

    Play the Stock Market Drinking Game [lostbrain.com]

    tcd004

  • can't go through walls? (Score:5, Insightful)

    by dirvish ( 574948 ) <dirvish@fou[ ]ews.com ['ndn' in gap]> on Monday November 11, 2002 @10:39PM (#4647811) Homepage Journal
    Correct me if I am wrong, but doesn't this require line of sight? Doesn't that limit the usefullness of a wireless network? I thought one of the benefits of wi-fi was that it went through wall and windows.

  • Infrared (Score:3, Insightful)

    by FrostedWheat ( 172733 ) on Monday November 11, 2002 @10:39PM (#4647813)
    As I'm sure anyone with infrared equipment will know, it dosen't travel around objects very well. So I can't see this being useful indoors.

    Outdoors as a point-to-point link, it's a bit more useful. But may fail because of the same reason. A light rain or snow shower could probably block one of these links.

    • Re:Infrared (Score:5, Funny)

      by GigsVT ( 208848 ) on Monday November 11, 2002 @10:50PM (#4647883) Journal
      I'm working on seed funding for a company that is developing a new product that will revolutionize WiFi security. I can't give too much away (patents and such are pending), but I can tell you it involves the transmission of RF signals through a flexible strand of material that freely conducts RF signals. This material is then surrounded by a material that does not conduct energy, and then (this is the kicker), the whole thing is wrapped in a "shield" of conductive material, preventing interception and injection of data.

      These "RF Pipes" are going to be the next big thing, I just know it!
      • Wow, these "RF Pipes" will work great on this device I've been working on "RF Pipe Junction" you hook all these RF Pipes into this box and they can all see each other, and to top it off, it closes the end of the pipe so no sniffing!

        I think you are on to something!

      • but I can tell you it involves the transmission of RF signals through a flexible strand of material that freely conducts RF signals.

        Here in Canada we call that coaxial cable. :P

      • Wow! I bet next you are going to tell me your company will produce a keyboard using this technology. It will receive it's power through your secure RF medium and thus not need to have it's batteries replaced. I want all the technology your company will produce because I'm sure tired of replacing the batteries in my keyboard, mouse, hard drive, sound module, headphones, etc. Sure the batteries last a couple of months for each device, but when you got about a dozen GrueMolar (tm) devices, battery changes happen roughly once every three days.
      • Maybe I can use one of your RF pipes to make my cell phone secure. I could just run one to the house and plug my cell phone into that and no one can listen to my calls.
    • I remember several years ago seeing some laser based free-air links, several miles, ~155Mb/sec transfer rates, not sure if they used IR lasers or visible but BlackBox had them in their catalog for some large price ($19,000/pair IIRC).
      I do agree with you though on the IR not working around corners, and doors. There is a BOFH where to improve wireless network response in an office with IR networking, all the doors mysteryously disappeared....
      • Some one forgot what they read in the article. Those were for links building2building and not wall to computer for an office environment.

  • One thing I've noticed... (Score:5, Funny)

    by A Guy From Ottawa ( 599281 ) on Monday November 11, 2002 @10:41PM (#4647824)
    Since I installed my new infrared network, my damn TV keeps changing channels to 65,535

  • Detectable Leakage (Score:5, Funny)

    by Istealmymusic ( 573079 ) on Monday November 11, 2002 @10:41PM (#4647828) Homepage Journal
    This is SECURITY VIA OBSCURITY. Its worst than Microsoft's proposed ;HttpOnly cookie value. Not only does infrared have a miniscule amplitude comparable to that of dark mango light, it shares properties of microwaves in that it does not penetrate lead steel. This is in stark contrast to the ceramic flossings offered by MIT Inc.'s 802.11b/ALL wirefree standard. Wireless is well-known for eliminating some of the wires, hence the term "wires: less", and these microscopic wires can picked up by sophisticated nuclear wireless detection subsystems such as NetStumbler. Infrared is no exception to this rule. SECURITY VIA OBSCURITY DOES NOT WORK.
    • (chortle)

      Interesting? Yeah, I suppose it is... :-)

      But on a more serious note, you have to have a decrypted version of your data somewhere, in order to make use of it (something missed often hereabouts). And having something limited by the walls of your building isn't necessarily a dreadful idea, as long as you trust everyone who might be inside your building equally.

      So yes, it may be of limited practical security application. At least compared to well-implemented encryption.

      (Oh, and I especially like the bit about "nuclear wireless detection systems".)

  • Ahh, hype. (Score:5, Funny)

    by subreality ( 157447 ) on Monday November 11, 2002 @10:44PM (#4647843)
    Sure enough, the old formula persists. Creating a new "optical sensor" just wouldn't get enough media attention. But if you call it a "optical antenna" you can make it SO much more buzzword compliant.

    Meanwhile, I've created a totally new form of network media that's MUCH faster and more secure than ANY WiFi to date. I call it the "Electron Antenna". It only transmits through copper. Here are some choice quotes from my upcoming press release:

    The new antenna may have a favorable impact on the use of networks in corporate settings or for business transactions. Compared with radio frequencies, which pass right through walls, electron beams can be more tightly controlled.

    "You make the network more secure because electrical energy is contained within plastic and doesn't leak out through the edges of the wires. You can equip the wires to contain electrical energy," said Subreality. "Also, you can create a tight beam between one point and another which doesn't diverge much in comparison to a radio frequency beam."

    I'm a genius.

    --Keepiru
    --slashsuckATvegaDOTfurDOTcom

  • That's good for a giant cubicle farm, or warehouse, but this won't work in other setups without repeaters.

    This will become expensive.

    • Downsizing (Score:2, Funny)

      by Smidge204 ( 605297 )
      I dunno... if they could boost the power output of those IR transmitters to several kilowatts, that would make downsizing a lot easier...

      Of course, it may require some extra budget for cleaning crews...
      =Smidge=

  • Worth the speed penalty? (Score:3, Interesting)

    by Professor Collins ( 604482 ) on Monday November 11, 2002 @10:45PM (#4647854) Homepage
    While it may be more secure in the sense that infrared rays are much easier to absorb and block out than 2.xGHz radiation, this comes at a cost. The high amount of background noise in the infrared spectrum (both man-made from TV remotes, wireless keyboard and the like, and natural, since just about everything emits some level of infrared energy as heat), in addition to the same easy absorption of infrared particles which this article touts as a feature, ensures that you'll never get anywhere near the quality signal you get with traditional 802.11 wireless signals. Early "wireless" attempts struggled to get more than 9600bps out of the infrared spectrum, and while technology has no doubt improved since the mid-90s, I still can't fathom anyone getting more than an ISDN line's worth of bandwidth out of ISDN.

    So, yes, it may indeed be more secure, but is the enormous leap backward in available bandwidth really worth it? I for one would much rather use stronger encryption than weaker signals.

  • Why? (Score:5, Insightful)

    by delta407 ( 518868 ) <slashdot@NOspAm.lerfjhax.com> on Monday November 11, 2002 @10:47PM (#4647861) Homepage
    Everyone knows the main problem with Wi-Fi: Security. It's relatively easy for intruders to sniff packets out of the air and even connect to the wireless net. While most wireless companies have responded by trying to beef up the encryption, smart people a long time ago developed a device called a "network cable". This means no energy leaking through walls, and no extra precautions necessary to block it from exiting through windows. The cables can be laid so that several networks can be co-located in the same physical space.

    It's been done, okay? If you're going to carefully aim IR antennas and put up filters on windows, just lay some Cat-5 already. It's cheaper, faster, and more secure.
  • 802.1x (note that this is a protocol for access control -- the "x" is not a wild card) solves the authentication problem. Then you're free to use whatever encryption scheme that you'd like on your packets. No need to deal with the limitations of the infrared band.
  • Comment removed based on user account deletion
  • ... when I change the track on my laserdisc player, my computer detects a UPSd call, and shuts down my fileserver...
  • Does this mean that turning up the heat in the office can now be interpreted as "hacking"?
  • If this stuff's gonna require line of sight, why not use wires instead then? (Wires won't let u go through two different rooms, but neither will this...) OK, well I guess you could move around a single room easier....but then you have to worry about where you move, and not to go behind things that could potentially block the signal...
  • My university [purdue.edu] is rolling out wireless using vpn to authenticate and secure the connection.

    I've heard about some security issues with VPN but nothing like the issues with WEP. Seems like an elegant solution to me. I haven't pushed and prodded it too much but I didn't notice that there is some firewall protection available in the vpn client as well (not mentioned at the link above).

    Not a perfect solution but possibly good enough for now.
  • great, now if i line up my computer with an ir beam "up to 3 miles away" i can get broadband

    i remember when i got my ipaq a few months ago. after a couple minutues of aiming, i could transfer files from pda to pda, without the hassle of the whole 15 seconds it would have taken wireplusly connect the devices. fun.

  • Wires do work better. (Score:3, Insightful)

    by Clay Pigeon -TPF-VS- ( 624050 ) on Monday November 11, 2002 @11:04PM (#4647965) Journal
    Its all about trade offs. Speed vs security vs mobility. If you are lucky you can pick a network system that has any 2 of the above 3. With IR you would get security and *limited* mobility, with wired you would get speed and security, and with WiFi you get *limited* speed and good mobility. You cant have your cake and eat it too people. I see no point in going wireless if it requires line of sight.
    • ... or as the old saw goes:
      1. Fast
      2. Cheap
      3. Powerful

      Pick 2 ...
      • You could build a network that is fast, secure, and allows mobility - it would simply cost a lot. For example you could have meaty processors in every WLAN card and access point performing 1024 bit encryption (with short lifespan keys) on the packets, but the cost would be huge compared to 802.11b gear.

        My solution du jour is to treat any systems on the WLAN if they were on the internet, i.e. untrustworthy. The access point is firewalled off from the rest of the network and the only way in is via VPN/ssh. Whilst this does prevent you simply turning on your PDA and reading ./ it does avoid any unwanted war(drivers|walkers|cyclers) using your connection to lauch a DDOS against whitehouse.gov.

  • Comment removed based on user account deletion
  • IR is just another medium. It is/will be useful in it's own niche.

    I doubt the security issue will be the big selling point.

    802.11* has problems coexisting with other wireless networks, as well as unintentional interference, and it will only get worse. That doesn't mean the party is over, just that sometimes other solutions might be better suited.
  • or it atleast contained provisions for a difused infrared networkign protocol. Heck, even IrDA support *multiple* devices in range. There really isn't anything stoppingyou from putting a diffuser on the IrDA port on your PDA and communicating with several other devices at the same time.

  • This is called 802.11, eh? (Score:1, Informative)

    by Anonymous Coward
    The original 802.11 specification (note I didn't put a "b" after the 11) had 3 physical transport mechanisms. There were 2 PHY's in the 2.4 GHz range. One used DSSS (aka Direct sequence spread spectrum... this is what "b" uses as well). The other was FHSS (aka Frequency Hopping Spread Spectrum). The third PHY was infrared. It was designed so you put up little IR lights on top of your cube and the IR would bounce off the cieling in your office to other IR receivers.

    Yep. It's been around for YEARS but no one used it. Hell, vendors had enough interoperability issues with FH v DS, the thought of using IR was just right out.

    Using it for security sake now seems a bit silly. As pointed out before, IR requires basically LoS. If you're going to be in an office building and using special filters on your windows, then just use wires. They're about 100x faster anyway. TKIP/802.1x are going to go a LONG way to solving wireless security problems within the next 2 years. Lets not take 2 steps backwards and use IR as a PHY.
    • I was a member of the 802.11 comittee and sat on the IR PHY as well as the MAC subcomittee. The IR PHY was actually the first to get passed into the draft, ahead of the radio guys.

      At the time, we approved a 1 and 2Mbps phy, and I was aware of other companies/universities working on 4, 10 and 16Mbps higher rate IR PHY. The company I was at, Photonics (now gone) was working on a 10Mbps product. IBM and Photonics both had 1Mbps IR LAN product in the market at that time (roughly 1994 or so).

  • JVC IR Wireless network (Score:2, Interesting)

    by spav ( 36318 )
    Hey, anyone remember the IR wireless that JVC had years ago. I actually have one at my company that works, it's range is rather limited, but it's nothing that new. http://www.jvc-victor.co.jp/english/pro/lan-e/
  • Finally we can warm up our lunch with privacy and authenticity! Security so good you can fry an egg on it!

  • Optical communications (Score:2, Interesting)

    by n1ywb ( 555767 )
    This article is very vague about what exactly has been developed. I'm curious to know more, perhaps when it's unveiled at comdex.

    They refer to it as an optical antenna. That is probably a misnomer. It sounds like what they have actually developed is a new type of optical sensor, perhaps with some special lensing. Lenses are much like antennas for light.

    Current technology uses phototransistors which are pretty good at what they do. But they have a fairly wide bandwidth, that is they respond to a wide range of wavelengths. The article claims that their new sensor has a very narrow bandwidth. To limit the wavelength response of a phototransistor, filters must be used which reduces the signal strength.

    They also claim that the device is 100 times more sensitive than current technology. A new type of filter which was very low loss could increase the effective sensitivity of a filtered phototransistor, so I wonder if this is what they have really developed.

    Either way light travels in straight lines and I doubt if they're counting on cloud reflection or something, so this device would require a line of sight. That said, try aiming your remote control at a window sometime and see how the light bounces off and then to your TV. A device 100 times more sensitive may be able to take advantage of reflected paths that are currently unuseable.

    Current outdoor point to point IR links using laser technology can be reliable up to several miles, even in rain. The units I've seen are over speced, so that without weather they are actually capable of working over much longer distances, but they aren't market as such.
    • Cheap mutilayer (usually SiO on quartz) filters are already >80% transmissive.
      Here [techmark.nl] is a spectrum from an example.
      You really couldn't get 100 times that just from the filter. And I don't see how you could get more out of the sensor either, as cheap Si phototransistors have nearly perfect quantum efficiency in the infared. My question is "more sensitive to what?"
      • That filter may be 80% transmissive and certainly a difference of 20% wouldn't account for a 100 times increase in transmissability. The article claims that their new sensor is so selective that it can select a SINGLE wavelength of light. Communications theory dictates that if you select a SINGLE wavelength you have zero bandwidth and therefor can transfer information at zero speed. So clearly this new sensor must not be THAT selective. The narrower of the two filters you posted has a passband of 140 nanometers. That is pretty frikkin wide. (300 * 10^6) / (140 * 10^-9) = 2.14 * 10^15 Hertz. Thats a passband of 2.15 PETA hertz! For 11MBPs ethernet you need a bandwidth of 11MHz if you don't use any advanced modulation techniques. I don't think a filter with and 11MHz passband at light frequencies is realistic, so IF they have developed some new filter, it's passband is probably narrower than the one you posted, but wider tha what would be ideal. Again, this is all conjecture because the article is vague. Uunless they are lying, we can assume the device is about 100 times more sensitive than current devices at the very narrow bandwidth they describe. Since you pointed out that there is very little theoretical room for improvement in phototransistors, then the only logical conclusion is that they've developed some new type of filter. Of course perhaps they really HAVE developed a new type of optical sensor and the filtering is in some way inherant to the device's fundamental characteristics.

  • Networking over IR is old... (Score:5, Informative)

    by daveschroeder ( 516195 ) on Monday November 11, 2002 @11:12PM (#4648017)
    I remember back in 1992 the University of Michigan's College of Engineering had a couple wireless computer labs (both for classroom use) set up for testing. One used Motorola's Altair 18GHz radio product, another an infrared product.

    In fact, here's a Network Magazine article from almost 10 years ago exactly on the topic:

    http://www.networkmagazine.com/article/NMG20000724 S0062 [networkmagazine.com]

    I remember the Altair presenting an interesting problem because its data packets were slightly smaller than AppleTalk packets; the AppleTalk packets had to be split up and performance was severely degraded.

  • In related news... (Score:3, Insightful)

    by gregorio ( 520049 ) on Monday November 11, 2002 @11:16PM (#4648039)
    ...the University of Warwick's engineering department shows some spanking new technology that replaces those nasty and still interceptable wireless signals with a brand new concept called "cabling".
    Come on people, this is a terrible approach (as it kills the *only* Wi-Fi advantage), based on security through obscurity, *and* at the same time a questionable achievement, cuz ya know... IR isn't a new technology/concept/medium...

  • So, honestly (Score:3, Insightful)

    by Cyn ( 50070 ) <[cyn] [at] [cyn.org]> on Monday November 11, 2002 @11:16PM (#4648043) Homepage
    it seems to me that an office building could theoretically be built to fairly effectively dampen any wireless going on within it - the problem being that it would also dampen any wireless waves trying to come in. So - we lose the following:

    Radio: mount an antennae on the roof, setup some radio streaming servers inside the building that people can point [insert fav. audio player] at.

    CellPhones: This is a little trickier, but there once was the idea that your cell could transfer calls to your desk phone automatically. I know some cellphones offer a forwarding option, I don't know how automatic this is - perhaps you could set it to be scheduled?

    TV: Shouldn't be watching TV at work, if you should be - they probably have cable anyways, problem solved.

    I mean, really, the only problem you have beyond that is when you're in a large shared office building - and when you're mixing interests like that anyways you don't much damned security anyways, and maybe you shouldn't be using wireless except during that all important meeting, when you connect ad-hoc to a predetermined server that's not tied to the company intranet.

    Surely I've missed something or put something inaccurate out there - so let the replys flow

  • Infrared, eh? (Score:3, Funny)

    by grub ( 11606 ) <slashdot@grub.net> on Monday November 11, 2002 @11:18PM (#4648047) Homepage Journal

    Great.. the boss' kid comes to the office on a weekend with a TV remote control and DoSs the LAN.

  • Greenhouse experiements... (Score:3, Informative)

    by rediguana ( 104664 ) on Monday November 11, 2002 @11:20PM (#4648062)
    "You make the network more secure because infrared energy is contained within a room and doesn't leak out through the walls and windows. You can equip the windows to reflect infrared energy," said Green.

    You could have some serious fun with companies depending on the configuration of the reflective surface. If boths sides are IR reflective you lose solar heating benefits but gain security. If only the inside is IR reflective to keep the signal trapped, whilst IR is allowed in from the outside, then a fun attack would be some IR beams from afar aimed at the windows to heat up the room and fry the marketdroids and PHB's!!
  • I don't know... At least 10 years ago someone could point a dish at your office window from 100 feet away and steal data. I would not be surprised today if that same technology has advanced 100 fold and could pick up even the tiny signals spoken of in this article.

    If that doesn't make you think a little, then maybe you didn't read these recent stories:
    Sensors gone wild [slashdot.org]
    The Pentagon Wants Your Secrets [slashdot.org]

  • Lightbulb Network (TM) (Score:3, Funny)

    by Cheese Cracker ( 615402 ) on Tuesday November 12, 2002 @01:33AM (#4648782)
    Neolight Networks Introduces Lightbulb Network
    Tuesday November 12, 12:30 am ET, Lies Newswire

    Weird Valley -- Neolight Networks Inc(R) is about to launch their revolutionary Lightbulb Network (TM) this coming Friday. Instead of using expensive infrared equipment, they're using normal light. "It's a cheap and secure network" said Al Bundy, CEO at Neolight Networks. "All spare parts are readily available at any store, which keeps maintenance costs down to a minimum." Bundy continued. "The Lightbulb Network is slightly slower than an infrared network, but otherwise it works on the same principle." said Bundy. "This network is as secure as the customer wants it to be. But we do recommend our customers to paint all the windows black and run the equipment on an internal power supply." Bundy said with a wide smile on his lips. There are some minor drawbacks though... Employees are not allowed to use any type of bright light, since this would crash the network. "But the light bulbs will blink the whole time, and give a nice disco feeling in the workplace." Bundy quickly added. People who suffer from epilepsy can't work in the rooms were the network is installed. Al Bundy told us that he recommends the customers to lay off all epileptic people... "it would save them from being sued once the network is up and running" Bundy told us.
  • The antennas can be so well tuned that several networks can be co-located in the same physical space.

    I can co-locate several networks in the same physical space without 'tuning' my CAT-5 cable. Amazing stuff, that.
  • Look up "Extreme Infrared". Both RF and optics work in this band. See this paper from Applied Physics Letters. [njit.edu]

    (I wrote a little note on this, but Slashdot's posting system hasn't worked right since the switch to the new server, and my posting was lost. Every time I click on "Preview", I get the message that I posted twice.)

  • Maybe somebody actually read my post [slashdot.org]

    Wireless has a good transfer rate, so it would offer good resolution for wireless devices or decent transfer for wireless networks. A lot of laptops with a decent wireless ports can transfer up to 4Mbps (my old laptop did quite fast transfers before it met the electrical-surge goblins).

    While it might not be good for providing long-distance network access (due to line of sight), a wide range wireless hub could do quite well for a room of computers, etc (which would kick butt for a LAN party or perhaps a school lab, if you had a hub somewhere high and aerial receivers). We have to avoid use-it-for-everything scenario though...

    One of the first ideas under development is for credit card payment systems. The idea is to equip credit cards with infrared links for use at gas pumps and supermarkets, for instance.
    Just because something is new and works doesn't mean it has to take over everything. It's like the story about networked laundry machines. I the keychain with a RFID chip for gas was good enough, and probably cheaper to produce.

  • please help (Score:4, Interesting)

    by _ph1ux_ ( 216706 ) on Tuesday November 12, 2002 @04:04AM (#4649349)
    OK - so we have had several stories in the past several weeks talking about WiFi this and that - and I have posted a few comments asking about wifi security. I would like some help from you guys - as it seems that there are several out there who really understand securing wifi networks. (I have written to both the sputnik (linuxcare) guys - and the locustworld.com guys - but have gotten no responses from either about security)

    OOK - here is the scenario:

    Imagine an ISP that is *only* wireless. They want to be a "community" ISP, want to offer only wireless wifi internet access, and want to charge for it a flat rate of 20/month. They have wireless APs covering several city blocks - or a whole city. with a physical tie at some city based colo. How do they protect the network - so that only paying customers can be authenticated and use the system?

    What i have been thinking so far is that for signing up - you have to purchase/get/rent/whatever - the wireless card from the ISP. This cards MAC is in an ISP DB and its get authenticated. In addition - that MAC is tied back to a username password (or biometric) auth which then validates the user and opens up the port. Is it possible to have an ISP with such a system - that is not too overly paranoid secure - but not just a leech-net?

    I think there are three very important things that should be considered when thinking about WiFi ISPs in general:

    1. they should be put in place ASAP - even if they arent that secure yet.

    2. we (the tech community at large) should fully support them, and pay 20/month for access.

    3. wifi ISPs should offer free access to the system for city government - municipal services like fire depts, police, city engineering etc..

    WHY? well because we have seen already how the big ass companies handle our bandwidth, our information, our trust and our money.

    We should get a community monopoly on these systems as soon as possible. I nkow that I am *done* having any sort of qwest, global crossing, worldcom corrumpany in charge of my access.....

    seriously - this is an important issue - and one where we ahve the advantage because these companies are A) almost bankrupt B) dont understand the technology C) typically slow to move on stuff like this. The only problem is that they traditionally have very deep pockets to buy things out.

    But with Level 3 trying to buy up all the fiber runs it can - and absorb as many of the IP-traffic-assets as possible - they are looking to run 90% of the data routing market... but the WiFi last mile can and should be a community owned system.

    Imagine if the model was changed so that a carrier would have to *pay the community* to be the access provider. If there were several million people in a city - and that city had its own WiFi network - and it was putting out bids for connections to the outside internet - you'd better believe the carriers would be putting down some fat bandwidth at reduced price for that level of market share.

    We need to stop thinking so small, have some vision and take over the market and make it the way we want it.

    • Re:please help (Score:2, Insightful)

      by DirkDaring ( 91233 )
      Already being done.

      http://www.dslreports.com/forum/dslalt
    • 1) Authentication can't be purely MAC address based. Most cards can transmit packets with any arbitrary MAC address. To steal service from such a system, all you'd have to do is sniff a legitimate user's MAC address and use it when or where they're not. Trivial. If you really want this to work, I think the best way is to accept only IPSec traffic over the air. Your legitimate users will have the authentication tokens necessary to negotiate an IPSec connection to some set of server/router/VPNboxen behind the access points, and the access points themselves will drop anything that isn't either IPSec-encapsulated or an authentication attempt. Solves the problem with WEP being weak, and solves the problem of stealing service by sniffing a few packets. The only problem it doesn't solve is the wireless medium being DoSed, but that's nearly impossible to solve without accurate triangulation equipment and a large brute named Guido wielding a baseball bat.

      2) I disagree that something should be put in place that isn't secure yet. Having to work around and be backward compatible with a poor rushed first implementation is exactly how nasty ugly hacks develop and linger on for years.

      3) If the government has use for a wireless network, then they can pay for it like everyone else. Being a very large customer, you could offer them a volume discount, or even cut some special deal for a deep discount in return for helping you deploy speedily. But advocating giving away access to the government on a permanent basis shows that you've got no business sense whatsoever. Ain't gonna happen; any company that tries it will founder.

      But other than those points, nice idea. I support you.

  • Basically the security is the same as of a directed RF link. Even worse, as RF does not scatter well.

    Put *something* into the beam - anything, like a window (best with some dirt/dust), dust or mist in the air. The light scattered off (a few percent) will still be enough to be detected with standard telescopes even from a distant observer (distant = easier to hide).

    So: just a marketing hype. The old common-sense still has to be applied: if you don't absolutely control the transfer media (e.g. in-house cable), you are susceptible to eavesdropping.

  • Infrared ISP... (Score:2, Interesting)

    by wneto ( 624292 )
    Im not sure if its the same technology, but theres an ISP in my city that offer infrared links up to 10gbps (what they call 'Infra Red Wireless Fiber' -- wireless fiber.. wtf?). On the good side, you can have SOME bandwith using this technology (nothing like the few mbps on wi-fi), on the other side, the beam is very limited, what makes it useless for some aplications.
    The technology is from MRV [mrv.com], in case you wonder.
    Indeed, its very secure and have a 99.999% uptime garantee (yeah right).
    Now im wondering about using some mirrors to steal.. erm.. borrow some bandwith and never have to worry about getting /.'ed .
    ;o)

  • If you are worried enough about security that you'd switch to infra-red, why not just stick to wired? With IR, you're stuck with line of sight which basically defeats the purpose of WiFi. You can't reliably move around (if your body comes between the base station and your computer, you've just broken your network connection, if you walk into the next room, you've just broken your network connection, if a piece of paper falls off your desk, and blocks your antenna, you've just broken your network connection, ...)

    This seems to me to have all of the drawbacks of CAT-5, with none of the benefits (namely, you can't tap into a wired ethernet connection unless you have a physical connection)

  • Infrared removes all advantages of wireless networking. If wireless is being used in a business, then they want to have a network connection anywhere in the building (so the laptop works in the conference room, one less cable for the techs to worry about, etc.).

    There really is no way to practically secure a wireless network, if the attacker has access to the data. Access is always the front line of security...you're not going to let someone come in and sit in a spare cubicle sniffing packets.

    Wireless may be necessary in some cases, but a determination should be made of the security risk. If no sensitive data goes across the wireless network, then it doesn't matter if someone sniffs packets.

    Sensitive data:
    • Valid passwords and usernames
    • Company credit card numbers and other financial information
    • Trade secrets (coporate espionage is HUGE)
    • Any inside information that could be used to social engineer an employee or blackmail executives

    There is no hardware or software method to prevent the above from going across a wireless network, sooner or later. Even casual web browsing can provide black hats with enough information to cause damage. About the only semi-safe methods are (supposedly) encrypted web browsing, and transferring file archives with strong encryption.

    What I'd like to see is a method for trapping all radio waves within a building. Let's see: at 5GHz, the wavelength is 29979200/5000000000 meters, or 6 cm. So, you need a Faraday cage with a grid diagonal of 6cm or less. I'd be interested to find out if such a grid could be applied with conductive paint, and transparent conductive grid films applied to windows. It would be a huge project to do an entire building, but you've also eliminated Van Eck monitor reading and wireless keyboard listening.

    Until someone develops a spherical directable-array antenna that makes tight-beam transmissions practical, wireless is too big of a risk for any serious organization.
    • What about a close approximation to not needing cables? If you had a ceiling antenna in each area like an 'eye in the sky' camera with wide field of reception, you could have desk-mounted antennae that just face upward ...?
      • Because your desk-mounted antenna also has to transmit. There have already been experiments in "war-flying", an attacker would only have to go to a taller building, fly overhead and hope to capture some useful data, or find a way to toss a capture device on the roof of the building.

        If this is a multi-level office building, residents above the floor could receive client station transmissions, and residents below could receive base station transmissions.

        • I assumed that the IR would not pass through ceilings or windows because of reasons given earlier (treated glass, etc.)

          PS, wouldn't UV work? :)

          Possible encryption work-around:
          1) All equipment handed out in the office has a software-settable key value that is entered by the sysadmin before giving it to the user; a key value that can be deleted or added but not viewed (requires well-audited firmware). This allows for equipment that works on multiple networks, of course.
  • Here's a picture of the optical antenna [warwick.ac.uk] over at Warwick.

    Why they don't call it a "lens" is beyond me. It seems to have to components: an incoming collector area, which focuses signals on the receptor; and an outgoing dispersive area, which spreads the outbound signal to cover a broad region.

    --tsw

  • In my opinion, optical wireless networking is better than current 2.4 GHz and 5 GHz (ie, 802.11a & b) for one main reason: it can't be regulated.

    Think about that for a moment: Sure, right now WiFi is pretty much "open" and "free". Everybody and their dog is playing with it, or actually using it. It is readily available to consumers at a low price point, which is very attractive.

    However, and this is a big one: It is only this way because the government and corporations are allowing it. As soon as P2P mesh freenets start taking off, the corporations WILL cry foul to the government IF they are not "allowed" to be a part of the "mesh" (and really, do WE want a second corporate internet - isn't that what P2P is ultimately about, freedom from corporate/government domination through free exchange of information?) - once that occurs, our government will likely either make it illegal to operate an 802.11 AP, or will require a license (with hefty fees) for the frequency band to operate in (of course with limits thrown in so as not to effect cordless phones, microwave overs, etc). The corporations won't mind, they can afford the fees normal consumers cannot. Then watch the mesh network implode.

    However, here is where LED (IR or otherwise) and Laser comm devices such as this can still help keep a mesh network together. It would be difficult for them to regulate using light for communications, after all. Although, I am sure they would try - and at that point, we have bigger things to worry about...

Slashdot Top Deals

God made machine language; all the rest is the work of man.

Close