|
|
Programming Help |
Homework Help |
Counseling Astrology Advice | Tarot Advice | Parenting Dating Advice | Love Advice | Divorce Advice Legal Advice | Debt Advice | Career Advice W IRELESS N ETWORK S ECURITY 5-29 or the handheld device has been compromised, or a malicious user has been able to create a rogue handheld device or PC and gain access to the user's network. PDAs can also remotely synchronize with a networked PC using dial-up connections, dialing either directly to a corporate facility or through a WISP. The modems allow users to dial into an access server at their office or use a third-party WISP. Dial-up capability, however, also introduces risks. Dialing into a corporate facility requires a handheld device synchronization server; otherwise, the remote PDA must derive synchronization service by connecting to a PC that is logged on using the remote client's ID and password. If the PC is not at least configured with a password-protected screensaver, it is left vulnerable to anyone with physical access to the PC. Moreover, since the WISP is an untrusted network, establishing a remote connection requires additional security mechanisms to ensure a secure connection. The PDA would require a VPN client and a supporting corporate system to create a secure tunnel through the WISP to the agency. Modem-enabled PDAs are still relatively new, and an agency may not have the security services in place to support them. Agencies may want to restrict their use until they have either adapted their existing VPN capabilities or put the required services in place. Another means for synchronizing data is through an Ethernet connection. Users can synchronize data from any networked work space. The data that crosses the network is as secure as the network itself and may be susceptible to network traffic analyzers or sniffers. PDA users can also synchronize through their agency's wireless network. This entails accessing the agency's 802.11-compliant APs to connect to the agency's wired network. Many PDA vendors support or are beginning to support VPN connections using 802.11 APs. Analog phones using first generation (1G) technologies are more susceptible to eavesdropping than are digital cell phones. Individuals or organizations can intercept unencrypted analog cell phone transmission using simple radio scanners. In contrast, many digital phones have built-in security through spread spectrum technologies that use pseudo-random code sequences and forms of encryption. However, when digital phones are roaming (i.e., using other service providers), they frequently must connect to analog networks for coverage. When this connection occurs, the digital device becomes as vulnerable as the analog phone. Digital cellular telephones may also be vulnerable to eavesdropping, but the equipment required to eavesdrop on a digital cellular telephone is much more expensive. TDMA and GSM offer built-in encryption, but its use is at the discretion of the cellular service provider. Smart phones can support wireless location services by using an on-board GPS integrated circuit or by having service providers analyze the cell phone signal received at cellular antenna sites. 49 GPS-enabled phones can identify the phone's location to within a few meters and also relay position information. Thus, in the case of emergency, a user who may be injured or threatened can relay his location to the proper authorities. These devices are subject to security threats associated with networked computing devices but also have a new set of privacy concerns as the user's location can be disclosed to third parties. Advertisers and other service providers would like to access user location information through agreements with the cellular telephone provider. Users should carefully read cellular phone companies' privacy policies and opt out of any unwanted wireless location services. Security officers and administrators must also be aware of the threats posed by visitors carrying handheld devices. Many wireless sniffing tools run on handheld devices that can be used by malicious users to help them gather information that might be useful in a future attack. Moreover, many handheld devices come equipped with audio and video recording capabilities that can be used to record sensitive conversations or records images of people or facilities. As the handheld devices become smaller and more capable, some 49 GPS is a Department of Defense (DoD) system of 24 satellites that provides positioning for a receiving unit through triangulation of three satellites' signals. |
Find more freelance jobs
|
