WiFi not Secure – Clarified

I just received this e-mail from Francois Doremieux, Senior Program Manager, Product Group: Customer Experience in response  to my WiFi is Insecure post from last week. I thought it worth sharing.
 
----
 
Hello Rich
It was a pleasure meeting you in Redmond last month.
 
I just read your "WiFi is not secure" article and I wanted to add a brief comment.
 
As we discussed in Redmond, the notion of security and quality at the network layer is only one way to look at it. I agree that it’s possible to snoop and intercept the packets over WiFi. Therefore, one cannot trust the network layer alone for security (as we had discussed in Redmond that it is not possible to trust the network layer alone for management of quality). That is why the approach we have taken with Microsoft UC is to provide security at the application layer, with strong authentication, non repudiation, signaling and media encryption (in the same way we did it for quality with the adaptive media stack).
 
Transport is a very important element of the stack, but it can’t solve all issues (and its solutions tend to not have the flexibility software brings to the application layer). Applications such as OCS can overcome the transport flaws and provide software based security and quality, in conjunction with or even as a substitute to the network depending on the specific circumstances.
 
Best regards
Francois
 
---
 
Thank you Francois for the e-mail as your letter helps clarify this entry. The problem I referred to is with Web 2.0 applications, especially those where the Session ID and cookies are hijacked and cloned. As you mention, applications such as OCS and others with strong encryption can (thankfully) overcome transport flaws.
 
The point is when you are in an area where you are using WiFi, your packets can be hijacked and used to recreate your account. This is especially the case with Web 2.0 applications which loosely refers to hosted software as well.
 
Use of products like Citrix, Remote Desktop and OCS should significantly minimize if not eliminate the risk of identity hijacking.
The opinions and views expressed in comments, blogs, etc. are those of the authors alone and not necessarily those of TMC, TMCnet, or its editors. TMCnet reserves the right to edit, delete, or otherwise make changes to the content that appears on these pages at its own discretion and as it deems necessary.
August 6, 2007 9:27 AM | 0 Comments | 0 TrackBacks

Categories:

Tags:

Post a comment
View WiFi not Secure – Clarified news in TechnoratiTechnorati bookmark WiFi not Secure – Clarified in del.icio.usDel.icio.us Slashdot.comSlashdot Submit WiFi not Secure – Clarified to Digg.comDigg Twitter WiFi not Secure – Clarifiedtwitter

Listed below are links to sites that reference WiFi not Secure – Clarified:

WiFi not Secure – Clarified TrackBack URL : http://blog.tmcnet.com/mt/mt-tb.cgi/33198

Leave a comment

Search


Related Entries

Find Me Elsewhere

Recent Activity

Today

Saturday

More...

Recent Entries

Recent Comments

  • Kloe: What goes hand-in-hand with trolling on Wikipedia, forums, or whatever read more
  • tuzcuoğlu nakliyat: Plugins You Probably Don’t Use But Should 11 Most Popular read more
  • evlilik yıldönümü hediyesi: Google has a special place for me. My wife business read more
  • evlilik yıldönümü hediyesi: Apple product are good for average consumers read more
  • sevgililer günü hediyesi: I do agree about how Chrome does allow each tab read more
  • gece elbiseleri: I have been waiting for this kind of news since read more
  • sevgililer günü hediyesi: I like to see that too. I think it would read more
  • sevgililer günü hediyesi: IPTV is a new technology. The streaming video has a read more
  • Backbooner: Well, I have contacted AIM several times but that market read more
  • Blatant Lying: Anyone even thinking in investing in this stock has to read more

Subscribe to Blog

Categories

Tag Cloud

Blogroll

Recent Entry Images

  • tmcnet-feature-plaer-jquery-javascript.jpg
  • itexpo-east-2009-exhibit-hall-aisle.jpg
  • google-tricycle.jpg
  • wes-durow[1].jpg

Category Archives

Around TMCnet Blogs

  • Communications and Technology Blog - Tehrani.com:
    Interop New York 2009 Videos
  • On Rad's Radar?:
    Open Neutral Fair
  • VoIP & Gadgets Blog:
    VoIP in Google ChromeOS
  • Communications and Technology Blog - Tehrani.com:
    Back From Interop NY 2009
  • First Coffee:
    Unified360, Riff Raters for IPhone, AltiGen, DocuSign at Dreamforce
  • On Rad's Radar?:
    Mainly Cellular News Tidbits
  • The Readerboard:
    Make Customers Smile? Give Them Low Priced Half-Decent Products
  • VoIP & Gadgets Blog:
    StarTech.com ConXit Connection Wizard Helps You Find Right Connector

    • Latest Whitepapers

  • Seven Fundamental Plays from the Coaching All-Star Playbook
  • Building Blocks for a Solid At-Home Agent Program
  • Cost-Cutting Insurance for Customer Service
  • SIP Trunking ? 10 Things You Should Know
  • eBook: The Definitive Guide to Windows Application and Server Backup 2.0 ? Chapters 1-3
  • SQL Server Database Backup and Restore Planning
  • Deduplication: Effectively Reducing the Cost of Backup and Storage
  • Windows Server Disaster Recovery eguide
  • Leveraging Virtualization for Application Assurance
  • 11 Myths About Microsoft Exchange Disaster Recovery

    • TMCnet Videos

  • Business Video Briefing 5
  • Business Video Briefing 5
  • Business Video Briefing 5
  • Business Video Briefing 4
  • Interview with Verizon Labs
  • Interview with Awareness
  • Interview with Citrix
  • Interview with Astaro
  • Interview with Varaha System
  • Interview with snom