Wi-Fi security in Hong Kong: FAIL

24 Feb 2009

The Hong Kong Wireless Technology Industry Association (WTIA) and Professional Information Security Association (PISA) have released the latest results of their annual Wi-Fi war-driving security survey.

The good news: 78% of the 30,000+ Wi-Fi access points detected in Hong Kong are encrypted. The bad news: most of them are still vulnerable to attack.

This year's war-driving survey - carried out in December 2008 - and funded by local telecoms regulator Ofta - was the most comprehensive yet in terms of geography, covering not just tram routes on Hong Kong Island, but also newly added areas such as Kowloon, New Territories and Victoria Harbor.

According to WTIA vice-chairman Ken Fong, the fact that over three-quarters of Wi-Fi AP are encrypted - the highest percentage yet in the survey's six-year history - indicates that Hong Kong users are increasingly aware of Wi-Fi security issues.

However, says Fong, they're not aware enough - almost half of encrypted Wi-Fi APs use basic WEP encryption, which "can be easily hacked within 10 minutes and thus, is considered unsecured".

Another 24% use WPA or WPA 2 TKIP encryption, which are stronger than WEP but still considered vulnerable after researchers cracked WPA in November 2008.

That leaves the remaining 7% using WPA 2 AES, the toughest encryption available for Wi-Fi and (at least so far) the most secure.

Related content

No Comments Yet! Be the first to share what you think!