- Wireless Fidelity (Wi-Fi) Hacking
Wireless Fidelity (Wi-Fi) Hacking
Crimes committed using mobile computing devices such as laptops
and Personal Digital Assistants (PDAs) with Wireless Fidelity
(Wi-Fi) technology implicate accessing another Users Internet
network connection without permission. "Wi-Fi networks use radio
technologies called IEEE 802.11a, 802.11b or 802.11g to provide
secure, reliable, fast wireless connectivity".
A wi-fi connection allows a User to remotely connect to their
digital wi-fi device within a specific range, without the need for
cables. In a house for example, a User sets up a Wi-fi connection
in one room and can access the Internet using a laptop in the
garden for instance without the need for any cables. As wi-fi can
connect multiple computers to each other and to the Internet via a
single high-speed connection, this means everyone connected can
share files and documents with each other. The crime takes place
when a roaming culprit accesses the wi-fi connection from outside
the house without knowledge or permission of the wi-fi owner. The
culprit can roam an area and search for an internet connection "hot
spot areas" to connect. This is known as wi-fi hacking, accessing a
wi-fi connection without permission. Section 48 of the Wireless
Telegraphy Act 2006 states that "it is a criminal offence to
knowingly use an apparatus with intent to obtain information as to
the content, when not the intended recipient; or disclosing that
p36, accessed 16/06/07).
Manaufacturers Research in Motion (RIM) highlight that
in the first instance, the built-in security policies of the
BlackBerry Enterprise Server would need to be in "disabled" status
for "BBProxy" to be effective. Further, a central IT policy would
forbid installation of unauthorised software as would the setting
up of an external connection from a BlackBerry device. For
"BBProxy" to execute, it would be submitted as an attachment
intended for the receipient to action by clicking "Open", however
the BlackBerry Enterprise Server does not allow attachement
downloads, accessed 18/06/07).
As a Mobile Data Service (MDS), a BlackBerry can be configured to
adhere to corporate network policies just as the corporate desktop.
This feature prevents potential security breaches by disallowing
access to banned sites in accordance to corporate policy.
Additionally, BlackBerry devices issued to employees by companies
(can) prevent installation of unauthorised third party
applications. RIM BlackBerrys do not provide scripting language
support as standard configuration on BlackBerrys. This consequently
means certain email scripts or attachments (i.e."BBProxy") which
include scripting language, will not be supported by the Blackberry
hence by default eliminates the risk posed by malicious messages
(Kao & Sarigumba, 2006).
BlackBerry devices feature passwords to access data; their
correct use is highly recommended by RIM. Password prompts can also
be set to appear after automatic timeout, which can be set after a
given time lapse. A manual locking function is also available,
which again would require the correct password to access data.
BlackBerry devices can be paired to a Bluetooth headset for
practicality, but this does increase the risk of unauthorised
access. This can be prevented by disabling the Bluetooth connection
when not required and also by changing the default "0000" access
PIN to prevent unauthorised "pairing" (Kao & Sarigumba,