Sunday 26 May 2013

The simplest wireless guest solution

The simplest wireless guest solution

In this article I’ll try to present the simplest and cheapest solution available to any free Wi-Fi provider to offer encryption. This is based on Scenario 1 in my article Wireless Guest Networks

The scenario (summary)

  • The provider is a coffee shop, let’s call them “Coffee ‘N WiFi”
  • The provider needs a cheap and simple solution.
  • Low traffic scenario

The solution

Encrypt your Wi-Fi with WPA2-PSK and publish the key. All you need to do is to make a plaque saying: “Internet! Network: CoffeNwifi; Password: Cappuccino”


  • Easy to set up
  • No need for expensive equipment
  • Available today


  • Doesn’t scale very well
  • Users need to know the password
  • Still possible to crack if you intercept the handshake


The PSK solution is simple and it does increase security one notch. Unfortunately it does not scale, so next week I’m going to present the second solution. That one is going to invent something new and would require vendor adaptation before it can be used.

Sunday 19 May 2013

Wireless guest networks

Wireless guest networks

Ever since the Google “Wi-Fi Scandal” the “outrage” of certain individuals has struck me. Or more correctly the fact that privacy advocates are screaming bloody murder; while it seems nobody noticed that anyone with half a brain and a laptop could do the exact same thing. As long as you use an unencrypted network, everyone can just sniff out all of your communication right over the air in clear text. If you use unencrypted Wi-Fi at home you are asking to get hacked, plain and simple.

Ten I got hit by a bomb of a revelation hit me, guest and public access networks. I’ve thought about the solution for a very long time. This is going to be the first post in a series of articles discussing the various solutions to the problem and their strengths/weaknesses. This first article is going to present a few use cases, the following articles are going to present the solution to each of the scenarios presented.

Scenario 1

A small coffee shop wants to offer free Wi-Fi to attract customers. They do not have a significant revenue so they can’t afford an expensive solution.

Scenario 2

A public access network provider. They need to connect users securely, no need for user identification.

Scenario 3

Wi-Fi hotspot provider. Needs per-user authentication but also authentication-free access for user registration.

I’ll do my best to type up these articles before I start posting, and post them about a week apart.