The WiFi Alliance, which owns the WiFi registered trademark, says it means "Wireless Fidelity". See:

http://www.wi-fi.net/OpenSection/why_Wi-Fi.asp?TID=2

It might be a dumb unhelpful name, but the people who coined WiFi meant it to be short for Wireless Fidelity.

Edited by author 06-06-2003 12:43 AM
Pardon my obtuseness, but I just don't get the joke. What is the connection between hi-fi and Wi-Fi? What was the motivation for naming this thing Wi-Fi? Why did they think it was a good name? Or were they just trying to reinforce the old adage that geeks are schmucks?

You need to take that up with the consortium (and I don't know what your problem is with Glenn -- have you ever read his incredibly lucid, intelligent, technically detailed articles, posts and talks about WiFi?).

The WiFi Consortium has certified interop among several thousand WiFi devices. I've tried a couple hundred of them out, and they all work with one another. For instance, I'm currently using an Apple 802.11b/g card in a PowerBook 12", connected to a Linksys AP with a Linksys amp.

I've just switched to a D-link AP. Now I've switched to a Cisco AP. In my living-room. Biff bam boom. No fuss, no muss.

I don't know what they've done for you lately (and keep in mind that NO ONE certifies 802.11g interop: there is no final g standard, so there's nothing to certify). They've sure done a lot for the millions of other WiFi users out there.

   Are you being funny? WiFi is a trademark of the WiFi
   Consortium, which certifies interoperability among
   802.11b devices.

Ahhh - 802.11bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb.

That explains why NOTHING ON THIS PLANET thats
80211g/80211b works with my TiVo.

Tell me again Cory, exactly what has this forking
"WiFi" consortium and your buddy Fleishman done for
me lately?

Are you being funny? WiFi is a trademark of the WiFi Consortium, which certifies interoperability among 802.11b devices.

   As Glenn Fleishman has pointed out, "WiFi" isn't short
   for wireless fidelity. It's a play on words, a joke based
   on "Hi-Fi."

Well, as someone should have pointed out to Glenn,
it's a very poor joke and very poor play on words.
Because the "High fidelity" consumer systems of the
50's have *nothing* whatsoever to do with the 802.11
hardware and software of today. Maybe Glenn should be
looking to himself for reasons why people are "so
dim" -- explain to us again Glenn exactly why "WiFi"
has anything whatsoever to do with 802.11 standards
and why we should take your word for it.

The insecurity of cable is a red herring. DOCSIS cable modems encrypt traffic (I think it's only 56-bit but it's better than cleartext). Additionally, they only pass through traffic addressed to you -- you don't get all your neighbors' traffic on your Ethernet segment, only yours. (And a good thing, too; a single cable modem channel exceeds standard Ethernet bandwidth.) So while you could theoretically snoop on others' cable traffic, you'd need special equipment that would pass through all traffic onto your LAN (not a garden-variety cable modem) and then you'd have to decrypt it.

Edited by author 06-05-2003 06:57 PM
Thanks agraham999 and gilbert. I'm on an old Mac running 9.2.2 and Netbarrier. I also have a hardware firewall router (2Wire) but it's out of the loop right now because I only got it to connect my WinXP box as well, and that unit is temporarily out to lunch. Now, with Netbarrier, I keep the "anti-vandal" stuff active at a high level, but the firewall off. Gibson's Shields Up reports me as totally stealth. Also, I keep the Mac's File Sharing off. Finally, I do run a local copy of Radio Userland out of http://127.0.0.1:5335/ - I'd think that was port 5335, but I do see some port 80 activity.
But anyway, even without measures, I still don't get how "local subscribers can 'see' your hard disk" or "peek(ing) outside the firewall". Maybe I don't Need to know, but curiosity persists...

I must, unfortunately, say that there's not a lot of FUD there. If it lends me any credence at all, I'll admit that I'm a former security consultant myself, and continue to work in the field...

Whether or not you accept the argument from authority, the fact is, it's trivial to sniff wifi traffic. This gives up essentially all e-mail traffic (some geeks know how to encrypt that, but most user-friendly systems encrypt at most your logon credentials). And e-mail tends to have sensitive information in it. But whatever; the guy said he wouldn't log on to financially-sensitive sites, and he's right not to.

Sniffing plaintext will let you know who's about to do something more interesting (eg sign into an online banking thingy, or -- god forbid -- ms passport). Once you know who's about to do something interesting, you can fire up a man-in-the-middle attack. Basically, you convince the other guy that you are the access point, thus routing all of his traffic through your computer. Once you have that, you can do tons of attacks on SSL. The most obvious, mentioned below, is just to fake it. ie, you build an SSL link between you and the bank, so the bank thinks everything is legit, and then you have the client build an SSL link to you. The client gets a little window saying "the certificate issued doesn't match whatever", but I guarantee you that not a single End User cares about that. They'll just click OK, and you get to see all the details. If your target is a bit more wary but happens to be using an older/unpatched browser, subtler tricks can be pulled without the warning window.

It should also be noted that, whoever this Security Expert is, all he said is that he wouldn't do it himself, nor would he recommend it. And of course not -- the guy's a damned security geek, and it's his job to give advice which is correct, advice which will not get him into trouble. The article's author, however, portrayed the thing as a big issue -- and this could be just to generate hype and hysteria, but is more likely due to not actually understanding the issues. Not FUD, rather someone just looking for a story. Sensationalistic, maybe, but not in any way false.

Yes, cable networks are sometimes similarly easy to hack -- but an active attack generates an audit trail which can lead the ISP and/or cops to the attackers doorstep. Some companies even check for this sort of thing. Companies that don't can be sued, as can admins who snoop users' traffic. And this is true regardless of whatever user agreement you've signed -- though you will have to hire your own lawyer, and a bad lawyer aint gonna get you nowhere.

(No DSL network I'm aware of has this problem, because the link from user to telco equipment is point-to-point. I have never really dealt with DSL though, so you can tell me why I'm wrong.)

If you want to do public WiFi, you should VPN it all. This isn't especially easy to set up, but if you have access to a server somewhere (eg a home computer with DSL) it's also not terribly hard. And it solves all the problems without costing very much bandwidth. True geeks can SSH a PPP connection and never think about it again.

I've always *hated* the word "Wi-Fi." Ugh. I got the joke, I just never thought it was even remotely clever or funny.

taterhead:

Everyone using cable in your neighborhood connects into the same junction point, or "head end." The same signal is sent to all the houses simultaneously.
A cable modem simply puts ethernet through the unused portion of the cable TV cable. But it's still shared; you could (in theory, though it would be highly illegal) snoop on your cable modem and see what your neighbors are browsing or downloading.

Newton's Telcom has this to say on cable modems:

"Because the a cable modem creates a LAN, you have to be careful when using it since all the other local subscribers can 'see' your hard disk. As a result, it's important to not allow sharing on your hard disk."

That said, it requires a bit more experience than using a webmail client, which is where your average neighbor is probably at.

One upside to a cable modem: you get super low ping times to the other quake players in your 'hood.

taterhead...I'll remove the geekspeak...

Cable and some DSL networks are often shared networks, you essentially have hundreds (or thousands) of people sharing the same "network." You don't actually have a dedicated connection. So, if you didn't have an effective firewall, and your computer is just plugged into the router/modem, you are open to everyone else on the same network.

For example, if I peek outside the firewall of my home server, I can not only see hundreds of other computers that I could connect to, but I also see their printers...and any other device connected to the network. A good example of this would be the iTunes Sharing feature of 4.0. You essentially had tons of people on the same subnet and could share music with them.

The problem is that most people don't know this and leave themselves open to invasion. I've seen folks running a FileMaker database with no password protection, and I was able to go right in (and leave them a note to turn the password on). I've been able to print to other people's printers (hey...get a firewall).

My server has two firewalls...one on the router, and one in the computer.

Aside from WiFi, Cory said "anyone with a cablemodem connection is in the same boat as a wireless user: your communications can be captured by anyone in your neighborhood and read." I'm on cable and I didn't know this was easily done or even possible. Anyone care to update me on this?

SSL is great, however most people who do online transactions don't consider man-in-the-middle attacks, and will just click "Yes" when they get the pop-up message that explains that there was problem with the certificate and asks them if they want to proceed. Redirecting traffic with arp poisoning is really easy on open wireless networks...

Jeeze, Cory, how do you expect this "advisor" to make an easy living if you're gonna question his "advice"? You a commie or somthin?

I suck, because I now say in my writing, "Wi-Fi (short for 'wireless fidelity')" because it's de rigeur. Which sucks. Fidelity doesn't mean reliability and a trademark can't stand for anything -- it has to stand on its own.