This Could be The Worst Article To HIt The Internet... Ever!

I really don't want to publish a link to this article its so bad. Its manages to be ill-informed, poorly researched and out-dated all at the same time. That the author lists US policy advisor, computer scientist and distinguished lecturer in his biography defies belief.

In this article ZDNet blogger David Gerwitz makes such a ridiculous premise and then backs it up with further nonsense as to cause me to wonder about his mental health. His solution to wireless network security? MAC address filtering and disabling SSID broadcasting.

If you want to secure your wireless network, setup WPA or WPA2 and forget about it. This will deter all but the most dedicated of hackers. But Gerwitz apparently thinks that he's found a secret security layer that everyone else missed.

Wrong. Very, very wrong,

A hidden SSID can be read from the packets your clients send out when connecting to your (supposedly) hidden wireless router, as can the MAC address of the connected client.

And far from being a unique serial number for your network card a MAC address can be spoofed via a simple registry change in Windows or a terminal command on a Mac. One captured packet between client and router is sufficient to get even the least competent hacker past Gerwitz's security controls.

This wasn't even good security back in the day when wireless networks were obscure.

There is an old joke about a user who phones Apple's technical support desk complaining that his Mac isn't working. After a lengthy support process the technician asks the customer to check if the power cable is plugged in; to which he replies that he doesn't know because its too dark to see. Why is it too dark? There has been a power cut. The technician asks the customer to box up his Macintosh and return it to Apple for a refund. Why? Asks the customer.

Because you're too stupid to own a computer replies the technician.

Its a joke that seems oddly appropriate to re-tell here...

0 comments: