-6

I would like to ask Why are wireless networks not considered secure despite the presence of some safeguards such as encryption, reliability, SSID, use VPN, and integrity?

thank you.

Improve this question
3
  • 5
    [citation needed]
    – grawity_u1686
    Commented Apr 9, 2021 at 11:18
  • 1
    Wireless networks are absolutely secure when encrypted
    – Ramhound
    Commented Apr 9, 2021 at 11:59
  • 3
    WiFi is secure when set up correctly, providing it's protected by at least WPA2 using AES (not TKIP), w/ WPS disabled, on a router that's been updated w/ a patch for KRACK and using a secure passphrase (min. of 16 char. with at least 2 each of lower, upper, symbols, and numbers). The underlying issues w/ WiFi have little to do w/ WiFi itself and everything to do w/ the router and whether it's using an up-to-date firmware image (most consumer routers running OEM firmware are not up to date and lack an enormous amount of patches - using opensource firmware like OpenWrt addresses this)
    – JW0914
    Commented Apr 9, 2021 at 12:45

1 Answer 1

Reset to default
2

Wireless networks are considered to be an increased risk over wired networks by some. Previous wireless security protocols (e.g. WEP, WPA1/ WPA2) have shown to contain serious security flaws at some point, which allowed unauthorized access. Other argue that WiFi networks can be made safe with best practices, like a fully updated access point, correctly configured (WPA2/AES,no WPS, CRACK patched) and strong passwords matching or exceeding 16 characters.

The issue is compounded by the fact that many networks are often long lived with devices that are not updated. Some had flaws in underlying protocol (WEP) which would not be fixed.

Another issue is that these attacks can be performed remotely, off-premise and are hard to track down (e.g. WPA1/2 offline cracking, should be fixed in WPA3). Wired connections on the other hand require physical access to the the equipment to compromise.

... not considered secure despite the presence of some safeguards such as encryption, reliability, SSID, use VPN, and integrity?

Wireless networks are very handy and their use should be continued. But wireless networks have been shown to be easily compromised in the past and should be treated with appropriate security measures, like network isolation, strong resource authentication and possibly VPNs. Large big budget environments continue to use WiFi, but it is recommended to isolate the WiFi network from the rest of the network to minimize risk.

Improve this answer
8
  • WiFi is secure when set up correctly, providing it's protected by at least WPA2 using AES (not TKIP), w/ WPS disabled, on a router that's been updated w/ a patch for KRACK and using a secure passphrase (min. of 16 char. with at least 2 each of lower, upper, symbols, and numbers). The underlying issues w/ WiFi have little to do w/ WiFi itself and everything to do w/ the router and whether it's using an up-to-date firmware image (most consumer routers running OEM firmware are not up to date and lack an enormous amount of patches - using opensource firmware like OpenWrt addresses this)
    – JW0914
    Commented Apr 9, 2021 at 12:46
  • 1
    I see your argument that WiFi can be safe if the AP is(/can) be updated to a recent version, which prevents among other KRACK, and all best practices followed, like WPA2/WPA3, AES, and unique SSID to prevent rainbow attacks. But I think those are many ifs to follow for most home and SMB users. And as you say, often these practices can't be followed because the manufacturers don't offer updates. That's why I think the unsafe statement is justified under usual conditions encountered in the real word. I suggested vigilance with wifi networks.
    – Cruiser
    Commented Apr 9, 2021 at 13:20
  • Everything, except patches, can be done without updating the router. I'm not aware of any WPA2 network using AES with WPS disabled and a complex passphrase with a minimum of 16 characters, using two each of lowercase, uppercase, numbers, and symbols (such a passphrase is impossible to crack) on a router with a KRACK patch (which came out in late 2017) being exploited... Are you?
    – JW0914
    Commented Apr 9, 2021 at 13:32
  • 1
    We agree that a WiFi system, especially with high entropy passwords, can be made pretty safe and there are currently no publicly known vulnerabilities in WPA2/AES. I just find the distinction important between something that is reasonably secure by default and something that must be made secure with best practices. I know of a few private/business environments which are unaware of the significance of password length. But I will happily update my answer with your input.
    – Cruiser
    Commented Apr 9, 2021 at 13:38
  • Simply because a user fails to properly secure their WiFi network does not make WiFi itself insecure - it simply makes that specific network insecure. This is analogous to seat belts in a car: simply because a driver chooses to not wear a seatbelt does not make the car itself unsafe in an accident, it simply makes the driver in that specific instance unsafe in an accident. There are many other analogies that can be given, as what you're stating is a false equivalency and it's this false equivalency that makes the answer factually inaccurate. I digress to the first sentence in your last comment
    – JW0914
    Commented Apr 9, 2021 at 13:46

Not the answer you're looking for? Browse other questions tagged .