Letter to the editor

Your tutorial on wireless local-area networks ["Networking with no strings attached," Federal Computer Week, Nov. 5] leads readers to believe that wireless LANs can be secured easily. Unfortunately, that's far from true.

So-called Wired Equivalent Privacy can be broken in minutes to hours, even using the 128-bit encryption option. Once broken, wireless networks can be used to steal network access, impersonate other computers on the wired network and attack other resources.

At a minimum, wireless LANs require a firewall between the wireless access point and the wired network, and encrypted communications on top of WEP, typically using a virtual private network with IP security protocols.

Firewalls and VPNs significantly increase the cost of installing and operating a wireless LAN, and the VPN encryption will significantly reduce the throughput of the wireless LAN. The wireless LAN industry is scrambling to design a successor to WEP, and existing equipment might not be easily upgraded.

Please check security claims thoroughly before publishing information that could mislead your readers.

Rex Sanders
U.S. Geological Survey
Menlo Park, Calif.

WRITE US

We welcome your comments. To send a letter to the editor, use this form.

Please check out the archive of Letters to the Editor for fellow readers' comments.

Featured

  • Defense
    DOD photo by Senior Airman Perry Aston  11th Wing Public Affairs

    How DOD's executive exodus could affect tech modernization

    Back-to-back resignations raise concerns about how things will be run without permanent leadership in key areas from policy to tech development.

  • Budget
    cybersecurity (vs148/Shutterstock.com)

    House's DHS funding bill would create public-private cyber center

    The legislation would give $2.25 billion to DHS' cyber wing and set up an integrated cybersecurity center with other agencies, state and local governments and private industry.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.