T-Mobile works to tighten Wi-Fi security

[InfoSec News <isn () c4i org>]

http://news.com.com/2100-7351_3-5090391.html

By Richard Shim 
Staff Writer, CNET News.com
October 13, 2003

T-Mobile USA is adopting a specification that's designed to prevent 
the hijacking of information between a Wi-Fi network and a client 
device, a move that's aimed at improving the security of its wireless 
hot spots. 

The Bellevue, Wash.-based wireless company announced on Monday that it 
has been testing the 802.1x security specification at selected hot 
spots, which are public places where wireless Web access is available. 
It said it plans to add support of the specification across its entire 
Wi-Fi network in the United States by the second quarter of next year. 

Securing the transmission of data over wireless networks is a major 
concern for information technology managers, and so far, it has been a 
limiting factor in businesses' adoption of Wi-Fi technology, according 
to analysts. However, as more traveling professionals use the 
technology as a convenient means of accessing corporate data and 
e-mail, information technology administrators may feel more 
comfortable; public wireless access should become more secure as 
specifications such as 802.1x and Wi-Fi Protected Access (WPA) become 
more prevalent. 

The 802.1x specification tackles a major security concern over access 
control and the use of Wi-Fi wireless networking technology: It stops 
information from being intercepted while it is being transferred 
between a Wi-Fi network and a client computer or other device. 

"More IT departments will have to audit the venues that employees use 
to access corporate data, and as more service providers use these 
security specifications, the more likely businesses are to use them," 
said John Yunker, an analyst with research firm Pyramid Research.

Still, there is some skepticism among IT professionals about the 
effectiveness of these measures, simply because many are relatively 
untested. 

"This is a good step in the right direction, but all of these 
specifications are fairly new, so people need them to be out longer in 
order to gain trust in them," said Allen Nogee, an analyst with 
research firm In-Stat/MDR. "Usually, the test of time will prove 
whether or not they are successful." 

Security concerns aren't slowing the use of hot-spot service for 
T-Mobile USA, according to Joe Sims, general manager of T-Mobile 
HotSpot, who noted that businesses accounted for 88 percent of the 
network's usage. 

"We want to remove whatever barriers that big businesses have in terms 
of security and help smaller businesses that don't have IT support to 
feel more comfortable using our hot-spot service," Sims said. 

T-Mobile has 3,000 hot-spot locations in the United States. 

The company noted Monday that its hot spots would be compatible with 
Microsoft's Wireless Provisioning Services technology, which also 
supports the 802.1x specification. Wireless Provisioning Services is 
essentially an add-on to Windows XP that is designed to make it easier 
for PC owners to make a connection via a Wi-Fi hot spot. The 
technology will be available as a free upgrade to the operating system 
at the beginning of next year. 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.