Femtocell Security

Femtocell Laptop Security A TV program which specialises in demonstrating scams and confidence-tricks caught my attention the other day.

Parked in a van outside a house in a leafy suburb, a standard laptop with WiFi and commercially available software was used to scan the airwaves. It picked up four domestic WiFi hotspots, of which only one had any security enabled.

Targetting this and using easily availabile software, the WEP security was quickly cracked, allowing full viewing of web pages being surfed. Whilst those accessed from a secure browser page using HTTPS (such as banking and ecommerce sites) were not visible, most screens could be logged, stored and printed out for future reference.

Pages included full details of a holiday booking (including flight dates and times) and shopping baskets. The user was understandably shocked when these pages were shown to him - especially since he had thought that WiFi security was switched on.

The solution to this for WiFi is to enable the newer and more powerful WPA encryption, and restrict access to individual MAC addresses, but not all WiFi devices have this capability.

When using public WiFi hotspots, security is usually turned off by default (otherwise each customer must be given the secret key and would have to enter it into their computer). Whilst this makes it easy to find and use WiFi, especially if it is a free service, it also exposes the user to risk of interception. Some programs, such as Skype, automatically encrypt their data, and so are not easily hacked. Business users with secureID and VPN tunnels have their own separate security layer.

But as more users become aware of the problem, public WiFi for general use may get a bad name.

One of the key benefits of femtocells is that they adopt the existing 3G cellular security protocols already in place. The end user doesn't have to take any special action or input any key codes or passwords to access the femtocell. Quite apart from the difficulty in accessing and decoding the radio layer (you can't just use a standard WiFi adaptor or its equivalent), the traffic is normally encrypted over the radio channel. The secrets held within the SIM card are used to setup a temporary session, with the subscriber identity (IMSI) being substituted with a T-IMSI. The user's telephone number is not normally transferred over the air - all registration is based on the IMSI - so tracing specific sessions to a user from their telephone number is more difficult.

With the growing popularity of small notebooks and uMPCs such as the Asus eeePC, not to mention smartphones which come with WiFi built in, the security concerns of using public WiFi in this way are not yet fully appreciated. Perhaps once they are more widely known, the switch to mobile broadband data services is more likely - both for use inside and outside the home.

Whilst the competing dual-mode UMA/WiFi solution also encrypts voice and data traffic over the air, many using WiFi as a simple fallback on their laptop remain open to security threats. This is where using the femtocell with a local data offload would provide the dual benefits of secure encryption over the air with fast, direct access to any data devices on the home network or directly through to the internet itself via wired broadband.

Hits : 17455
  • 4

    more

    Residential

    Residential

    A significant number of users continue to report poor mobile coverage in their homes. There will always be areas which are uneconomic for mobile operator to reach. They range from rural areas

    ...
  • 4

    more

    Enterprise

    Enterprise

    The term Enterprise addresses any non-residential in-building including hotels, convention

    ...
  • 4

    more

    Metrocells

    Metrocells

    Metrocells are compact and discrete mobile phone basestations, unobstrusively located in urban areas. They can be mounted on lampposts, positioned on the sides of buildings or found indoors in

    ...
  • 4

    more

    Rural

    Rural

    A rural small cell is a low power mobile phone base station designed to bring mobile phone service to small pockets of population in remote rural areas. These could be hamlets, small villages or

    ...

Category Icons Backhaul Timing and Sync Chipsets Wi-Fi LTE TDD Regional

Popular Categories

Follow us on...

footer-logo

Search