Wireless network update eliminates login

IT services rolled out the secure wireless network faster than planned after Firesheep raised security issues.

By Jonathan Lai

IT Services unveiled a secure campus wireless network over break that also bypasses the unwieldy log-in process. The release date of the new network was bumped up in response to security concerns about the old network, which was not secure and was more vulnerable to hacking.

Dubbed uchicago-secure, the new network runs on a framework called IEEE 802.1X, which allows users to store credentials on their wireless devices in order to connect securely to the Internet without going through a log-in page.

According to Senior Director for Emerging Technologies and Communication Oren Sreebny, the uchicago-secure network had been planned before he arrived in September, though the implementation was accelerated because of the security vulnerabilities exposed by Firesheep. Firesheep, a plug-in for the Firefox web browser, allows users on unsecured WiFi networks to access and modify the Facebook and Twitter accounts of other users on the network.

“It was supposed to be a little later on in the first quarter of the year, and we ended up accelerating the rollout as a result of some of the security issues we were seeing towards the end of the calendar year,” Sreebny said.

“The vulnerabilities have been there, but all of a sudden, there was a much easier way to exploit them. And we were at a point in the project where we knew things were stable and things were good to go, so we moved them up.”

The uchicago-secure network closes that vulnerability by encrypting all wireless traffic. Traffic on the old network was unencrypted, though some individual websites—those with an address beginning with https://— did encrypt traffic. Some sites, like Gmail, allow users to choose whether to use encryption, but other websites like Facebook and Twitter remain unencrypted and open to others using Firesheep on an unsecure network. A secure network encrypts all information through the router, protecting data sent over the Internet.

A pilot of the new network was conducted last fall at the Regenstein Library and Harper Memorial Commons. “The responses that we got from the test are that people loved it, especially not having to log in all the time,” Sreebny said.

Although the uchicago-secure network helps reduce wireless security risks, it will not remove them altogether, Sreebny said. He warned that while CNET credentials and Internet traffic will remain secure, automatic authentication can pose problems of its own. “What you do have to worry about is, let’s say you left your laptop sitting open on a desk in the library, and somebody else came up and started using it, they could just, you know, use it. So you start to worry about that.”

Now more than ever, Sreebny said, “People should be careful about making sure they have a password on their device.”

While the new network will make connecting to the Internet easier for most users, the old network will continue to run indefinitely while IT Services makes sure all devices will work. According to Sreebny, wireless devices sold in recent years have the necessary hardware and software installed, but “if you had a laptop that was older than, say, three years old, I’m not sure that it would work.”

The implementation hasn’t been a problem so far, said Sreebny, adding that the pilot program was extremely successful. “Everything seemed to work, and there were very minimal problems,” he said.