1
00:00:01,040 --> 00:00:06,260
The security of near-field communication is also based on the assumption that there aren't any people

2
00:00:06,260 --> 00:00:15,860
around who would want to read your card when this case around means in the radius of up to three centimeters.

3
00:00:15,930 --> 00:00:21,680
The new release of backtrack includes a set of tools for attacking both Bluetooth networks and NFC devices

4
00:00:23,290 --> 00:00:28,790
these tools are capable for example of duplicating proximity cards.

5
00:00:28,970 --> 00:00:35,470
If on a train or bus your car is placed within three centimeters from a device that can read cards an

6
00:00:35,470 --> 00:00:40,750
attacker can use this to duplicate the credentials saved on your card and use them without any control

7
00:00:42,490 --> 00:00:49,550
member that there are no built in security solutions and NFC you can physically control media access

8
00:00:50,270 --> 00:00:53,900
provided that the medium is physical.

9
00:00:54,120 --> 00:00:59,190
You can for example monitor network cables and switches and in this way prevent unauthorized connections

10
00:00:59,190 --> 00:01:00,490
to your wired network.

11
00:01:02,170 --> 00:01:05,620
Security technique is practically impossible with wireless LANs

12
00:01:09,380 --> 00:01:11,880
usually to be able to connect to an access point.

13
00:01:12,110 --> 00:01:16,620
You have to be up to 100 meters away from the AP.

14
00:01:16,630 --> 00:01:20,720
This is dependent upon the used antenna.

15
00:01:20,880 --> 00:01:22,570
The bigger it is the better.

16
00:01:24,040 --> 00:01:28,640
A directional antenna can be used to reach an access point that is 100 kilometers away.

17
00:01:30,650 --> 00:01:35,510
This distance means that a potential intruder can attack your network even from another city or another

18
00:01:35,510 --> 00:01:36,450
country.

19
00:01:37,300 --> 00:01:40,270
Despite this you can logically connect to your business Flann

20
00:01:43,970 --> 00:01:51,080
What can you do to reduce this risk Internet standards organizations puzzled over this problem the 1999

21
00:01:53,490 --> 00:02:00,570
web standard was ratified in that year will come back to that later ratification of what made a lot

22
00:02:00,570 --> 00:02:02,290
of people sighed with relief.

23
00:02:03,910 --> 00:02:09,870
There's a ready privacy solution providing security that is equivalent to that of wired networks.

24
00:02:09,910 --> 00:02:11,860
You can now control media access

25
00:02:16,040 --> 00:02:21,430
this illusion of security was shattered two years later by Peter Shipley at a DEFCON convention.

26
00:02:23,080 --> 00:02:25,180
Shipley started the wardriving trend.

27
00:02:26,720 --> 00:02:33,380
This attack method consisted of searching for Lund's during recreational walk's drives rise or even

28
00:02:33,380 --> 00:02:39,000
flights with a running laptop equipped with a Wi-Fi card.

29
00:02:39,020 --> 00:02:45,470
There used to be geo location maps on the Internet that revealed the presence of Lands Day Internet

30
00:02:45,470 --> 00:02:51,720
access in many countries is practically everywhere and it's often free.

31
00:02:51,720 --> 00:02:53,750
This wasn't the case 15 years ago.

32
00:02:54,960 --> 00:03:00,140
The Def Con lecture also brought positive effects as it highlighted the problem of wireless network

33
00:03:00,140 --> 00:03:01,160
security.

34
00:03:03,200 --> 00:03:09,320
Since we can't control media access we should above all focus on ensuring the confidentiality and authenticity

35
00:03:09,320 --> 00:03:12,070
of data exchanged over wireless networks

36
00:03:15,480 --> 00:03:21,390
diagram in the picture above shows which OSA model layers can be protected with security implementations.

37
00:03:22,630 --> 00:03:27,130
You can remember from previous lectures that the lowest layer that can be efficiently protected is in

38
00:03:27,130 --> 00:03:28,160
that glare.

39
00:03:29,840 --> 00:03:38,340
PCit can be implemented in the third layer IP version 6 has its protocol as a default component.

40
00:03:38,360 --> 00:03:42,590
Unfortunately the layer is too high.

41
00:03:42,760 --> 00:03:47,730
We would have needed to control media access and ensured the authenticity and confidentiality of data.

42
00:03:47,750 --> 00:03:50,190
Even lower.

43
00:03:50,430 --> 00:03:55,760
This is one web protocol and it successor's WPA too and WPA were developed

44
00:03:58,310 --> 00:04:02,800
WPA and WPA two are completely dissimilar technologies and protocols

45
00:04:05,790 --> 00:04:10,330
WPA was introduced because WPA too was too good for its times.

46
00:04:11,570 --> 00:04:15,860
The majority of devices used at the time were incompatible with technology.

47
00:04:18,790 --> 00:04:26,440
To make people move away from WEP WPA was introduced standard is compatible to some extent with what

48
00:04:28,400 --> 00:04:35,150
most older devices that were designed with security in mind could run with WPA but not with WPA to.