Comments

So I've been staring at Dave Shea's Mezzoblue website today and it has definitely had me thinking about things. I need to do a redesign. I can't possibly compete in this world of design without having an equally well designed style. Not to say that I don't like my current style; i love it to be sure. The problem is that it isn't fantastic. Noone will be coming back to see it again. I can't have that. I've also been thinking about what I decide to publish to the website. I was thinking about whether I should separate web standards discussion from the main content. I have decided not to separate these things. My personal website is what it is. Even if I don't write a book or become an acclaimed web designer I will be happy just to know that my css rocks. Besides, I'm a web solution programmer and not a designer. Structure is my forté and not style. I'll let Ricardo deal with the style.

Comments

Networking

I want to discuss networking. Networking in the computer world is a multi-various discipline. Various companies have created their interpretations on how to network computers.Novell, Microsoft and Apple are some.

Protocols based upon TCP/IP, NetBios and AppleTalk were the beginning of many developments. Diffferent network systems were created to allow for different situations. Ring Bus networks allowed many computers to be connected in a circle and Star networks connect many nodes to one central hub.And this is how it progressed. Until there came wireless networks. No longer will we have to run cables under floorboards and carpets. Everything can be wirelessly linked and we can all communicate. Ethernet 802.11 has allowed us to transmit data over various distances without the need for anyone to worry about cables.

Voice, data, music, files are flying over the air to computers everywhere. Apple's Rendezvous allows users to communicate and chat without configuration or knowledge of the protocol. Internet gateways can be configured wirelessly and you can sit on the toilet to check your emails. All this technology must have a flaw. All this talk of Internet security, virii and firewalls but not many of us are thinking closer to home. How many of you have a wireless network in your homes and business? I wanted to find out for myself so i donned my wardriving t-shirt and made a dash for my car. "What's wardriving?" I hear you say.

War Driving (wor dri'vin)

v.1 Driving around looking for wireless networks. -term coined by Pete Shipley
Wardriving termed/invented by Pete Shipley that he derives this terminology from the wardialing method in year 1984 movie "Wargames". Wargames a film that glamorises hacking as cyberheroes character played by Matthew Broderick. In a nutshell, wardriving is the act of driving about with your laptop on your driver's seat. With the aid of a few, well known, applications you can detect wireless networks as you pass them by.

My wardrive

Now my interest in this was to how many locations would have a wireless access point of some sort and how they secured their connection.

Not really knowing much about how to go about this, the process was slow. I know of some people who have invested in GPS devices to record the locations. I'm not so blessed so I relied on taking landmark information in order to remember how.

Before I go any further, I wish to say that I don't condone any form of malicious behaviour but I had to test these wireless connections in order to check that they were actually insecure. I basically just checked a random web site and carried along. Certain areas seemed to have more wireless points than others. Student accommodation seems to be a popular location. Obviously there are many telephone boxes and pubs and other pubic places which have subscriber services. These wireless points had no specific wireless security because the server that the connection passes to requests payment before any connections can be made.

Results

Now I wish to look at the results of the exercise. Initially I broke all of the information down and sat at my desk deciding what I wanted to present to you. Obviously I didn't want to tell you specific SSIDs or locations of these free wireless points because that is verging on the illegal. Definitely of note is the number of actual locations without any form of security. The percentages are a little skewed because of the number of pubs which I passed. By re-calculating these results to exclude the pubs, I found that the true percentage to be 73.5%. This is horrifying. I passed more than 150 wireless access points and I didn't even drive around the entire area. I would love to give my powerbook to a taxi driver one day and see how much he picks up.

Looking at this information is very interesting. Several student areas must have been creating an adhoc wireless network to share an Internet connection. The signal radius reached, approximately, a quarter mile. Several home networks had no encryption but were obviously restricting connections based upon mac address. Whilst this is a quick and secure option of preventing users from using the resources, it doesn't prevent someone from sitting nearby with a packet sniffer and analysing your data. What if you were making a credit card transaction? Several businesses have used some form of security to protect their network but insisted on naming the SSID as their business. The slightest bit of information can help me to hack the network. SSIDs named linksys and NETGEAR are just asking for trouble because I'm just seconds away from accessing the web configuration screen for the router.

Security

Now I wish to talk to you about the options available to secure a wireless network. Looking at my home router, the Netgear DG834G, I have a nice configuration section for Wireless settings�. To begin with, I always use the access list. If anyone is lucky enough to guess my passkey to access the network, they will also need to have spoofed my mac address also. Under security options I can choose from:

• WEP (Wired equivalent privacy)
• WPA-PSK (Wi-Fi Protected Access Pre-Shared Key)
• WPA-802.1x

By choosing one of these options I can secure my network. I tend to go for WPA-PSK as it offers a better encryption.

WEP - WEP (Wired Equivalent Privacy), if used, encrypts data before transmission. This provides greater security and privacy. All Wireless Stations need to use the same settings (WEP Key size and WEP key). There have been several reported insecurities of WEP that lead me to believe that the better alternative is WPA-PSK. There are several advantages and disadvantages as discussed by Netgear in the article on WPA-PSK.

The chances of me being compromised by a wardriver are reduced. What are you doing to protect your network?

Comments

The XHTML+Voice profile brings spoken interaction to standard web content by integrating the mature XHTML and XML-Events technologies with XML vocabularies developed as part of the W3C Speech Interface Framework. The profile includes voice modules that support speech synthesis, speech dialogs, command and control, and speech grammars. Voice handlers can be attached to XHTML elements and respond to specific DOM events, thereby reusing the event model familiar to web developers. Voice interaction features are integrated with XHTML and CSS and can consequently be used directly within XHTML content.

Source - XHTML+Voice Profile 1.2

A discussion on Anne's weblog entitled Multimodal Opera Browser discusses Opera's position on supporting this, before today, unknown specification. The application of this to my current projects may be a long distance away but I shall be taking it seriously. The idea that the implementation of the WISP project could become more accessible to the disabled would be fantastic. For now I will be sticking with the basic accessibility and multi-linguistics but I'm leaving a framework within to make room for further enhancements.