Security researches will be outlining attacks that can break the WPA wirless security protection of wireless networks this week at the PacSec conference in Tokyo.  Erik Tews and Martin Beck will discuss how networks protected by TKIP (Temporal Key Integrity Protocol — originally called WEP2) are vulnerable to attackers being able to inject small amounts of traffic into the encrypted data stream.  This can allow attackers to:

Read the rest of this post »

LuxSci has been approached by many people asking for VPN (Virtual Private Network) services.  When we ask them why, they indicate that they use wireless hotspots (like at Starbucks and other public places) that are insecure and untrusted and they want to be sure that their email is secure and encrypted there.

This is a very legitimate concern.  Wireless hotspots are serious danger zones; we have seen many cases of people who have carelessly used insecure connections to email and had their login usernames and passwords stolen in such places.  This can lead to identity theft, the leaking of sensitive company or personal information, and other serious problems.  Anyone using public wireless hotspots or other untrusted networks for email and other activities that involve personal information need to take care that the information sent to and from their computers is protected.  If the transmission of your sensitive information is protected, then you have nothing to worry about and hotspots can be great places to work.

Read the rest of this post »