Rink
07-23-2004, 01:07 AM
<font size=3>Laptops at the FleetCenter at risk of breaches, attack</font>
By Hiawatha Bray, Globe Staff | July 22, 2004
The Democratic National Convention will attract thousands of visitors armed with laptop computers that feature wireless Internet access. And that could be a formula for disaster, according to a Boston data security firm that recently ran a vulnerability test in the area around the FleetCenter.
Michael Maggio, the president of Newbury Networks Inc., said that unless proper precautions are taken, computer vandals will be able to tap into these laptops by using wireless transmitters located outside of the FleetCenter. The attackers could then use the compromised laptops to gain access to the computer network used to run the convention. The vandals could obtain sensitive information related to the campaign of presidential candidate John Kerry. Or they could unleash an attack that would bring down the network and throw the convention into chaos.
''It's part of the security . . . that people aren't thinking about, not because they're dumb, but because we didn't have this four years ago," Maggio said.
Indeed, hardly anyone had heard of WiFi wireless networking in 2000. Today, half of all new laptops come with WiFi capability built in. A WiFi-equipped computer can share digital data by communicating with a wireless ''access point." Standard WiFi equipment has a range of about 150 feet, but that range can be substantially increased with high-powered equipment and a special antenna.
The Democratic convention will use a standard wired network rather than WiFi. But according to Maggio, this won't provide any extra security. That's because many visitors who'll plug into the network will have computers with built-in WiFi capability. The WiFi feature is automatically switched on when the computer is running. In effect, the laptop can connect to a wired and a wireless network at the same time.
Maggio said that an attacker with a high-powered WiFi access point could set up shop outside the FleetCenter, and communicate with WiFi laptops on the inside. If these laptops haven't been protected with the latest security patches, a skilled intruder will be able to gain access to the laptop. He could then leapfrog onto the Democrats' network, allowing him to steal information or vandalize computers. ''By being on both networks at the same time," said Maggio, ''that can compromise the entire network security."
Maggio also said Newbury Networks ran a test of WiFi vulnerability around the FleetCenter by driving through the area in a vehicle equipped with a WiFi ''honeypot"-- an access point programmed to attract compatible WiFi laptops.
According to Maggio, the testers were able to connect to several laptops being operated in or near the FleetCenter. Had these computers been connected to the Democrats' network, the testers might have been able to access confidential information. But Maggio said there was no attempt to read files on the laptop or the network, because that would violate state and federal law.
More on this Story (http://www.boston.com/business/technology/articles/2004/07/22/laptops_at_the_fleetcenter_at_risk_of_breaches_att ack?mode=PF)
By Hiawatha Bray, Globe Staff | July 22, 2004
The Democratic National Convention will attract thousands of visitors armed with laptop computers that feature wireless Internet access. And that could be a formula for disaster, according to a Boston data security firm that recently ran a vulnerability test in the area around the FleetCenter.
Michael Maggio, the president of Newbury Networks Inc., said that unless proper precautions are taken, computer vandals will be able to tap into these laptops by using wireless transmitters located outside of the FleetCenter. The attackers could then use the compromised laptops to gain access to the computer network used to run the convention. The vandals could obtain sensitive information related to the campaign of presidential candidate John Kerry. Or they could unleash an attack that would bring down the network and throw the convention into chaos.
''It's part of the security . . . that people aren't thinking about, not because they're dumb, but because we didn't have this four years ago," Maggio said.
Indeed, hardly anyone had heard of WiFi wireless networking in 2000. Today, half of all new laptops come with WiFi capability built in. A WiFi-equipped computer can share digital data by communicating with a wireless ''access point." Standard WiFi equipment has a range of about 150 feet, but that range can be substantially increased with high-powered equipment and a special antenna.
The Democratic convention will use a standard wired network rather than WiFi. But according to Maggio, this won't provide any extra security. That's because many visitors who'll plug into the network will have computers with built-in WiFi capability. The WiFi feature is automatically switched on when the computer is running. In effect, the laptop can connect to a wired and a wireless network at the same time.
Maggio said that an attacker with a high-powered WiFi access point could set up shop outside the FleetCenter, and communicate with WiFi laptops on the inside. If these laptops haven't been protected with the latest security patches, a skilled intruder will be able to gain access to the laptop. He could then leapfrog onto the Democrats' network, allowing him to steal information or vandalize computers. ''By being on both networks at the same time," said Maggio, ''that can compromise the entire network security."
Maggio also said Newbury Networks ran a test of WiFi vulnerability around the FleetCenter by driving through the area in a vehicle equipped with a WiFi ''honeypot"-- an access point programmed to attract compatible WiFi laptops.
According to Maggio, the testers were able to connect to several laptops being operated in or near the FleetCenter. Had these computers been connected to the Democrats' network, the testers might have been able to access confidential information. But Maggio said there was no attempt to read files on the laptop or the network, because that would violate state and federal law.
More on this Story (http://www.boston.com/business/technology/articles/2004/07/22/laptops_at_the_fleetcenter_at_risk_of_breaches_att ack?mode=PF)