A new project focuses on protecting homes and small businesses from Wi Fi routers with security failings. Over the past year, repeatedly this problem has made headlines as security researchers and law enforcement warn of Wi-Fi security problems that are created by these devices as well as with shared Wi-Fi networks.
The Electronic Frontier Foundation launched the Open Wireless Router project, which has focused on the development of software that offers Wi-Fi security that’s a much higher level than what the current router models are able to offer and it’s a safe way for users to be able to share their networks with guests.
Currently, the firmware isn’t ready to be used by home users. The EFF warns that it is geared to ‘people who are prepared to deal with the bleeding edge.’
A new solution to Wi-Fi security
The Inquirer has reported that the EFF has provided free source code for a secure, open router firmware, that runs on a Netgear model that’s very popular, and they asked for help from hackers and the security researcher community.
The organization says, “The software aims to do several things that existing routers don’t do well—or don’t do at all. Allow small business and home users to easily enable an open network, so guests and passers-by can get an Internet connection if they need one, while keeping a password-locked WPA2 network for themselves and their friends or coworkers.”
The project aims to address current common security issues with home routers. Often, their firmware is slowly updated, and in some instances not at all. Worse, some models are shipped with vulnerabilities that are known and that makes them easy prey for attackers.
Steps you can take now for Wi-Fi security
A video guide is offering basic tips on how you can secure your home router, and it provides a great starting point to ensure a Wi-Fi network is not vulnerable to unwanted guests.
Routers are predisposed to be devices that have a long life expectancy, which can make the problem worse. To update, you will have to find the model number of your router, which is generally marked on the unit. Then visit the manufacturer’s website to see if there is a newer version. If there is then download it to your PC/Mac, then you can access your router’s controls through the internal IP address. This is generally a standard IP address for each manufacturer, and it can be found in the manual or on their site.
If you are an advanced user, you might want to try some of the replacement that exists for router firmware. Olivier Bilodeau (ESET Malware Researcher) says, “For the relatively advanced consumer: install an alternative open source firmware on your router.”
Once again check your settings
A key first step is to change your password. Harley says, “Users should always change default router administrator usernames and passwords, and also change the default SSID.”
The SSID is the name of the network that is broadcast within the Wi-Fi range. When you leave it as a default it can broadcast information that an attacker will find useful, like the model of router you are using, or if you are using one supplied by your ISP. When you choose a new network name, make sure that you avoid any information that is personally identifying like your house number or name.
It is worth thinking about making your network a “hidden network,” by disabling the broadcasting of the SSID name. That way you won’t be as visible to attackers and if you want to connect new devices, just type in your network name on the gadget.