London's poor wireless security exposed
Cycle-bound security expert reveals our insatiable need to stay connected
London was the latest stop on the ‘World of Warbiking' tour - a global wireless security research project targeting major cities across the globe. Conducted over two days, James Lyne, Global Head of Security Research at Sophos, rode his computer-equipped bicycle across the streets of the capital. His exhaustive trek revealed that of 81,743 networks surveyed, some 29.5 percent were using either the known-broken Wireless Equivalent Privacy (WEP) algorithm, or no security encryption at all. A further 52 percent of networks were using Wi-Fi Protected Access (WPA) - a no longer recommended security algorithm.
“The standard user doesn't recognise that major brand XYZ wireless is not encrypted and that their information can be picked up by anyone with £30 piece of equipment available on Amazon,” said Lyne.
It became clear that users just want the internet and they don't care where they get it. “Our experiment found a disturbingly large number of people willing to connect to an open wireless network we created, without any idea of who owned it or whether it was trustworthy. Compounded by the growing number of devices that are permanently identifying themselves via technology like Bluetooth, this kind of behavior is increasingly putting everyone's valuable data at risk.”