Why, oh why, oh wireless…..

OK, so enough of bleating about how bad things are, on to some more topical issues.

This news item on Security Focus amused me. Basically, if true, it appears that a wireless network secured with WEP only encryption was the access channel for the TJX hackers.

The thing is, I have had a discussion with people here about wireless and the levels of protection used and suffice to say, I think they could be improved. The arguments against it have ranged from the “it’s good enough as it is” and “we haven’t got enough resources to change it” through to “well, even if they crack the code they can’t do anything anyway”.

From my previous posts, you will see a theme developing here.

OK, so, how do I use the TJX case to convince the naysayers that improvements are necessary? Well, in the past I would have sent the link with a summary and expected them to understand. That doesn’t work.

So, after a few more days to allow for any further information to come out on this particular aspect I will send the link, but with a far more descriptive summary and also liken it to our own situation. I will also then schedule a meeting with relevant parties to discuss.

I also need to have my arguments ready for the “yes but if they get in, they still can’t log on” response which will inevitably come.

As I said, it’s hard to work at this level where absolutely everything needs to be explained but if it’s necessary to make progress, so be it.

I'll let you know how it goes.