WiFi not Secure – Clarified

I just received this e-mail from Francois Doremieux, Senior Program Manager, Product Group: Customer Experience in response  to my WiFi is Insecure post from last week. I thought it worth sharing.
 
----
 
Hello Rich
It was a pleasure meeting you in Redmond last month.
 
I just read your "WiFi is not secure" article and I wanted to add a brief comment.
 
As we discussed in Redmond, the notion of security and quality at the network layer is only one way to look at it. I agree that it’s possible to snoop and intercept the packets over WiFi. Therefore, one cannot trust the network layer alone for security (as we had discussed in Redmond that it is not possible to trust the network layer alone for management of quality). That is why the approach we have taken with Microsoft UC is to provide security at the application layer, with strong authentication, non repudiation, signaling and media encryption (in the same way we did it for quality with the adaptive media stack).
 
Transport is a very important element of the stack, but it can’t solve all issues (and its solutions tend to not have the flexibility software brings to the application layer). Applications such as OCS can overcome the transport flaws and provide software based security and quality, in conjunction with or even as a substitute to the network depending on the specific circumstances.
 
Best regards
Francois
 
---
 
Thank you Francois for the e-mail as your letter helps clarify this entry. The problem I referred to is with Web 2.0 applications, especially those where the Session ID and cookies are hijacked and cloned. As you mention, applications such as OCS and others with strong encryption can (thankfully) overcome transport flaws.
 
The point is when you are in an area where you are using WiFi, your packets can be hijacked and used to recreate your account. This is especially the case with Web 2.0 applications which loosely refers to hosted software as well.
 
Use of products like Citrix, Remote Desktop and OCS should significantly minimize if not eliminate the risk of identity hijacking.
August 6, 2007 9:27 AM | 0 Comments | 0 TrackBacks

Categories:

Tags:

Post a comment
View WiFi not Secure – Clarified news in TechnoratiTechnorati bookmark WiFi not Secure – Clarified in del.icio.usDel.icio.us Slashdot.comSlashdot Submit WiFi not Secure – Clarified to Digg.comDigg

Listed below are links to sites that reference WiFi not Secure – Clarified:

0 TrackBacks

WiFi not Secure – Clarified TrackBack URL: http://blog.tmcnet.com/mt/mt-tb.cgi/33198

Leave comment to WiFi not Secure – Clarified article

Recent Entries

Categories

Subscribe to Blog

July 2008

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

Search


About this Entry

This page contains a single entry by Rich Tehrani published on August 6, 2007 9:27 AM.

Open Letter to Warren Buffet was the previous entry in this blog.

VoIP/IP Communications Stories August 6, 2007 is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Tag Cloud

Yearly Archives

'04 '05 '06 '07 '08
  Jan Jan Jan Jan
  Feb Feb Feb Feb
  Mar Mar Mar Mar
Apr Apr Apr Apr Apr
May May May May May
Jun Jun Jun Jun Jun
Jul Jul Jul Jul Jul
Aug Aug Aug Aug  
Sep Sep Sep Sep  
Oct Oct Oct Oct  
Nov Nov Nov Nov  
Dec Dec Dec Dec  

Around TMCnet Blogs

  • Communications and Technology Blog - Tehrani.com:
    Selling Junk in Response to High Oil Prices
  • First Coffee:
    EtherSpeak and ShoreTel, SpeechTrack, Slydial, StrongMail and Lasso, Appirio and Sequoia
  • Greg Galitzine's VoIP Authority Blog:
    #$%^&* Apple!
  • VoIP & Gadgets Blog:
    Skype Backdoor?
  • Communications and Technology Blog - Tehrani.com:
    Optical Drivers and Trends
  • First Coffee:
    CRM AddOn U.S., Datacap's Contribution, CDC and Red Gold, SmartFocus and Chelsea, Marketo's Trailer
  • Greg Galitzine's VoIP Authority Blog:
    iPhone Shortage Dissipating
  • VoIP & Gadgets Blog:
    Economy Ticking Upward, Buy a Gadget This Weekend

    • Latest Whitepapers

  • Demystifying Enterprise Call Recording for the Avaya Platform
  • Special Report:The 4 Steps to More Profitable Remote Managed Service Delivery
  • Wireless Mobility Management: Over 10,000 Decisions to Manage
  • VOIP FOR BUSINESS:STABILITY VS. SAVINGS
  • High Quality Analog interface Cards for use with Astrisk
  • Choosing MG Appliance
  • The Intelligent Contact Center
  • Security Considerations: For an IP PBX and Contact Center Application Server
  • Recording and Quality Monitoring for Regulatory Compliance
  • Growing A Small Business: The Benefits of Hosting PBX & Telecommuting