
Cell Networks Evolve Into Data Networks

By Peter Piazza

Setting up a Wi-Fi connection when you’re on the road can be a trying experience. There are security and accessibility concerns to contend with. For example, is that really the airport’s access point, or are you connecting to a dangerous look-alike? And if you’re in a taxi between the airport and your hotel, you won’t be able to get any signal at all.

An increasingly popular wireless standard known as EV-DO (Evolution-Data Optimized) may be the answer to these problems. It allows a computer with the right kind of wireless card to connect to a cell-phone network. This solution addresses both the availability and security issues while making it possible for road warriors to get download speeds that are becoming competitive with wired broadband speeds.

John Polivka, product marketing manager for Sprint’s mobile broadband service, says that the company’s data network already covers more than 152 million people in North America across all major metropolitan markets (it’s shooting to add almost 70 million people by the end of next year), with other major providers such as Verizon and T-Mobile offering the same service to 150 million or so people as well. That means that strong connections are available almost everywhere on the continent.

“That’s really one of the benefits versus Wi-Fi,” Polivka says. “You get a connection you can use across an entire metropolitan market. You can drive from tower to tower without losing your signal.”

EV-DO doesn’t come cheap, however; unlimited-data plans begin in the neighborhood of $80 a month. It’s also not yet standard equipment. But that’s starting to change. Many computer makers are beginning to embed EV-DO functionality into new laptops.

One reason that the EV-DO standard is catching on is that it is naturally more secure, says Joshua Wright, senior security researcher for Aruba Networks and a member of the Trifinite Group, technology experts who conduct research on wireless security issues.

EV-DO “does not suffer from many of the security vulnerabilities that plague IEEE 802.11 or Bluetooth networks,” Wright says, so concerns over rogue access points may become a thing of the past. EV-DO uses Code Division Multiple Access (CDMA), a technology used for cell networks that provides six levels of protection by coding and encrypting data between the laptop and the tower, Polivka says.

As always, however, security concerns will eventually arise. Wright explains that the major security concern he’s seen so far is the way that built-in EV-DO cards might be used on computers running Windows XP where a user has administrator rights.

You can expose the corporate network to the entire Internet by bridging your EV-DO and LAN interfaces, says Wright. Bridging allows, for example, a computer with a wired connection to share that connection wirelessly with a laptop that has a wireless card.

“When this happens, it makes it possible for an attacker on the Internet to contact the XP system over EV-DO, and possibly exploit a weakness in the system. A successful compromise allows attackers to escalate their privileges, giving them unrestricted access to the internal LAN,” Wright says.

There is a way to close that vulnerability. Wright recommends disabling the bridging feature on XP systems that use EV-DO for wireless Internet access. This may be little more than a safe-computing practice, but those practices are essential in the long and difficult struggle for computer security.

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.