Security hype “stifling new technologies”

It seems that security concerns are preventing us making progress. Robert Jaques has an interesting piece in the September 2005 issue of PCW (UK). Yes, I know August has just descended upon us, however PCW does seem to be published some two months ahead of the actual month it represents!

Whilst the rest of the world are making progress with IP telephony/VOIP and wireless networking and wireless hotspots, etc. it would appear that there are some folks who are thwarting progress by following the maxim “if it ain’t broke, don’t fix it”. Well, in this situation, that maxim doesn’t hold true. For example, I’ve just returned from Microsoft TechEd in Amsterdam, where Microsoft was kind enough to provide [potentially] 6,500 of us with wireless access to the Internet. It was a remarkably liberating experience. I was able to check my e-mail whilst attending sessions, blog “live”, provide session feedback within minutes of the session finishing, etc. It was truly amazing.

How did we ever live without wireless? I can’t imagine the Internet without it now, never mind the connectivity gains that I’ve acquired after pushing the wired LAN into the dark and distant past (OK, so I’ve a wireless ‘bridge converting the wireless into wired for use in the study…it still means that I don’t have wires running all over the house, much to my wife’s delight!)

Life without wireless/VOIP might not be secure according to the hype mongers; however, can we believe them? True, wireless networks do open themselves up to a wider range of potential attacker – the attack surface extends itself to the far reaches of the wireless broadcast. And yes, early wireless kit was delivered (out of the box) with all the security options turned off or disabled…but I seem to recall that some operating systems were delivered in a similar fashion. Nowadays of course, virtually all wireless kit (and the aforementioned operating systems too) arrive with all the security bells and whistles enabled so much so it’s sometimes difficult to miss. With a little care, it is possible to secure a wireless network and/or VOIP such that there is considerable business benefit.

Life without wireless/VOIP means a mess of cables. It means a laptop, a rucksack and a bag full of various network cables and adaptors – I carry five RJ45 cables of various lengths and an RJ45-to-RJ45 extender that allows me to daisy-chain two RJ45 cables together if required. I didn’t carry such excess baggage to Microsoft TechEd…the only wires I saw there were those leading to from laptops to power sockets and from the VOIP handsets to the controlling PC.

Life without wireless/VOIP means having to find landlines or worse, mobile ‘phones. It means having to stretch a fixed line ‘phone across tables/desks to get it close to your laptop which is plugged in to the network and the mains – and because neither the network provider or the electrician spoke to each other, they both kept their infrastructure as far apart as possible. If you’re lucky enough to have a network provider and an electrician who speak the same language, the floor sockets that house their respective outlets/sockets, and this is especially true of electrical outlets, are sunk into the floor, hidden underneath a tightly fitting lid that soon comes away in your hand the minute you lift it open. And if that wasn’t bad enough, you try to plug your laptop’s power adaptor in, oh, the huge transformer prevents you from plugging it in…or, worse, you have a regular-sized plug fitted with a less than flexible cable…the power outlet’s live/neutral plugs so close to the edge of the housing that you can’t even bend the cable to fit.

And just think of the triangulation involved in plugging a laptop into the mains at point A, the telephone at point B and the network at point C. The resulting mesh is a potential safety hazard.

Just in case you had forgotten what life without wireless looks like, here’s a very tame reminder:

not wireless