Posts Tagged ‘Wireless’

• Wireless Security – Any Need to Panic?

  Date: 2011.01.17 | Category: Events, IT, WiFi | Response: 0

  The issue of wireless encryption ‘cracking’ has been in the news again recently thanks to Thomas Roth and his claim to be able crack WPA-PSK passwords in a matter of minutes. The basic methods used are nothing new, primarily a hybrid brute force and dictionary attack, which essentially is like you sitting at a computer and trying every word you can think of as the password. What was different in this case is the use of cloud computing to harness enormous processing power – enough to try 400,000 passwords per second bringing the time to guessing the password down considerably. This all sounds rather concerning, but is it really?  

  If you fit the best lock money can buy to your front door and then you leave it on the latch, can you really complain when someone opens the door and burgles your house? The important thing with encryption is the complexity of the password as the time it takes to crack a password depends very significantly upon the password strength. Roth himself said “If  [the password is] in a dictionary it’ll be very fast, but if you have to brute force it and it’s longer than eight characters and its complexity is okay, it’ll take a very long time.” By ‘long time’ he means years and years, and the longer the password the longer it takes, in fact exponentially longer.  

  

  Security is only as strong as the weakest link

  So, nothing to worry about then?…well not quite when you consider the way WPA-PSK is often used. The clue is in the name – PSK stands for Pre-Shared Key – and as it suggests the key is shared between all users. If you take a typical event site where organisers, press and crew require a ‘secure’ wireless network often WPA-PSK will be used, but it’s often not as secure as intended for two reasons. 

  Firstly, the password or key is being given to many people and it only takes one person to release the password into the wild and the whole network is compromised. Once compromised the only way to secure the network again is to change the shared password which means all users need to be notified of the new key, not very practical in the middle of an event. 

  The second issue is that because the password is being shared between many people generally a short, easy to remember one is used, opening up the network to the type of attack described above. Visit many media centres, event HQ’s etc. and you will see the network password printed on A4 pieces of paper stuck to the wall.  

  Network security is often seen as a hassle, along with the “it won’t happen to us” mentality but there are more and more reasons to take it seriously. Prior to the news about the WPA-PSK crack there was also news about a plugin for the Firefox browser that could ‘listen’ to other users’ data on a wireless network (either an open network or one where the key is known). Increasingly at events more and more data is transmitted across the network and much of it is sensitive. Yes there are secondary mechanisms such as VPN and SSL that are used to protect some data but often you will find file shares, websites and other data all unencrypted and open to see on the network.  

  We do take network security very seriously and have been offering individual user names and passwords for network access for several years which gives us access control with a much better level of granularity, along with the ability to provide a full audit of users. For 2011 we are going a step further and at the Event Production Show in February we will be launching an additional service known as DPSK or Dynamic Pre-Shared Key. Using this service once a user logs onto the network they are transparently given a dynamic, unique encryption key. This means that all users have a different (and very strong) encryption key, ensuring all data transmitted is well protected and users do not need to know the key or share it with anyone. All the user needs to know is their username and password (which stills needs to be ‘strong’) but if that user’s details are compromised the only impact is to that user and that user’s account can be quickly blocked.  

  We understand that every event has different needs and aspects such as network security are a balance between risk and complexity so we have developed a range of solutions to meet those different needs. If you are concerned about the security of your IT systems at events then drop in for a chat at the Event Production Show or contact us for a discussion.

  • Blog this!
  • Bookmark on Delicious
  • Digg this post
  • Recommend on Facebook
  • Share on Linkedin
  • share via Reddit
  • Share with Stumblers
  • Share on technorati
  • Tumblr it
  • Tweet about it
  • Subscribe to the comments on this post

• Satellite Broadband: Will it work for your Event?

  Date: 2010.11.29 | Category: Events, Technology, VoIP | Response: 0

  Last week in the news much was made of a dedicated satellite launch for broadband Internet access (http://www.bbc.co.uk/news/science-environment-11846237). Satellite Internet access is nothing new and varying levels of service are available today but this launch, along with a couple of others that are planned, do bring additional bandwidth and some improved services. With this in mind I thought it would be useful to cover the good and bad of satellite Internet and whether it can help at your event.  At a high level the pros and cons are as follows:

  Pros

  • Relatively quick to deploy at short notice
  • No requirement for any physical wired infrastructure to the site
  • Relatively high bandwidth (primarily download) can be purchased compared to low-end broadband

  Cons

  • Requires line of sight (roughly to southern horizon and an associated Fresnel zone area)
  • Requires alignment (although automatic motorised systems are now available)
  • Very high latency (delay)  impacts usability for some applications
  • Can suffer weather impacts such as rain fade
  • Higher bandwidth tends to require a larger dish
  • Tends to work out very costly for longer duration events

  For an event organiser some of these points are very important, for example the high latency makes the use of most VPNs virtually impossible which is a real problem if for example you need to run a ticketing system connected via VPN. VoIP services also suffer with high latency meaning delays and ‘Darlek’ effects. There are some improvements with the latest generation services but the simple fact is that satellites are a long way away and will always suffer high latency. It is also important to not assume a satellite dish will have line of sight – there are many situations where getting visibility to the southern horizon is harder than expected and it is also import to factor in the Fresnel zone, this effect means that a small gap between two buildings or trees may not work as expected.

  Not all satellite services are the same. Different satellites have different ‘footprints’ meaning they cover different parts of Europe. Many providers also use contention ratios on satellite services too in a similar way to wired ADSL/Broadband services. There are a range of speed options ranging from consumer type services up to more business/professional levels, some services are also optimised for digital video links rather than web browsing.

  So, in summary, when should you use satellite? When there really are no other options. We can, and do use satellite from time to time but it is the last resort and requires careful planning to ensure the service delivered meets the requirements. We always work with customers to review all options and recommend the most appropriate solution.

  • Blog this!
  • Bookmark on Delicious
  • Digg this post
  • Recommend on Facebook
  • Share on Linkedin
  • share via Reddit
  • Share with Stumblers
  • Share on technorati
  • Tumblr it
  • Tweet about it
  • Subscribe to the comments on this post

• Event IT: Key Points from 2010 to help you in 2011

  Date: 2010.11.10 | Category: Events, IT, VoIP, WiFi | Response: 0

  As the outdoor events season quietens down a bit and focus moves to planning for 2011, I thought it would be useful to list out some of the trends we have seen during 2010 which can help with 2011 planning when it comes to IT and communications at event sites. Although focused on outdoor events most of the topics below apply equally to indoor events. So here we go:

  1. Plan and Book early – Connectivity providers have a few terms they love to use to push up costs – survey and expedite being two common ones. These costs mount rapidly and can generally be avoided by early engagement and planning. Last minute installations can end up being 2 or 3 times the cost of a normal installation. Other things to watch for include the ‘miscellaneous labour charges’, which often appear if a provider has to run cables around a site. This can be minimised by agreeing ‘demarcation’ at a suitable location and then cables being run by the event itself (we do this at most event sites and it can save £1,000s for larger deployments)
  2. PDQ / Payment Systems - In 2010 we have seen a significant rise in the number of events reporting problems with GPRS (mobile phone) PDQ machines – these are the credit/debit card machines used for merchandise, box offices, traders, etc. The problem stems from the fact that at events the mobile networks (Vodaphone, O2, Orange, etc) cannot handle the amount of data that users are trying to pull over the network, and with all the network congestion the PDQ machines cannot process transactions. The reason the problem is getting worse relates to the increase in smartphones using more data and also some reluctance by operators to put in temporary masts due to their high cost. However it is important to note that just because a temporary mast is installed is does not necessary mean that data services will be any better as most temporary masts are more for the benefit of voice calls. The alternative to GPRS PDQs are Wi-Fi PDQs – exactly the same machines but using a Wi-Fi network instead. Obviously this requires a Wi-Fi network to be in place but it means the network is fully controlled and transactions on the machines are much faster. There are options to rent Wi-Fi PDQs (we offer this service) but 2-3 weeks notice is required as the machines have to be configured with the relevant banking merchant id.
  3. VPN for Ticketing Systems - VPNs (Virtual Private Networks) are a method for creating a secure connection between two locations such as an event site and a central database somewhere. They are often used by ticketing and stock systems which are increasingly being used from event sites. There are two things to watch for, firstly VPNs require good network connectivity, especially upload, which means basic broadband will not support it very well. The second area is that VPNs often require special firewall configuration, particularly if multiple VPNs are to be used.
  4. Wireless Spectrum Management – The use of wireless equipment on event sites continues to grow at a pace – general Wi-Fi, CCTV, ticket scanning, sound systems, audio and video links, etc. all make use of wireless solutions, many of which operate in the same frequency range. Harmony and reliable operation can only be achieved if everyone works together and early communication and coordination is key to ensure there is no interference.
  5. Smartphone Hunting - The rapid increase in smartphone devices with Wi-Fi creates new challenges for onsite networks, even when the event network is not intended for public access. The issue is that smartphones will continually ‘hunt’ for Wi-Fi networks and when they find one they try to connect. This creates a small load on the network whilst they negotiate a connection (which will eventually fail if the network is secure) and with enough devices trying to connect this load builds up to the point where it impacts real users. The solution involves using wireless equipment designed for larger loads coupled with proper network management as low end Wi-Fi routers are not designed to deal with large numbers of users.
  6. VoIP Phones - The use of VoIP phones at events is now commonplace and demand is growing as more people become frustrated with mobile networks at events. Use of VoIP is the best way to avoid having multiple BT lines and the only way to have a flexible solution allowing last minute deployment of additional phones.
  7. Smartphone Apps - More and more events are now commissioning their own apps for use at events but few events are considering the full picture which is critical for success. Most of these applications (certainly the more useful ones) require connectivity at the event to get updates. Typically the mobile networks struggle with demand at events and so the user gets a poor experience and rates the app badly. Many users also turn up at the event expecting to download the app which creates further (significant) demand. One way around this is to provide a locally controlled Wi-Fi network for use by the app. This can then also be used to deliver local content direct from the site.
  8. Public Wi-Fi Access - The increase in smartphones coupled with the massive expansion of publicly available Wi-Fi leads to more and more expectation that events will have Wi-Fi access. The costs of expanding an existing network being provided to site production, technical production, crew etc is not as high as people initially think and opens new avenues for sponsorship, advertising and rich content delivery.

  As always, whether you a run a small event or a large event, we are always happy to provide advice, support and services to your event to ensure technology does not get in the way of delivering a great experience.

  • Blog this!
  • Bookmark on Delicious
  • Digg this post
  • Recommend on Facebook
  • Share on Linkedin
  • share via Reddit
  • Share with Stumblers
  • Share on technorati
  • Tumblr it
  • Tweet about it
  • Subscribe to the comments on this post

10:10 ADSL AMT Awards Broadband Carbon Footprint CCTV Charity community conference Connectivity education Enterprise Enterprise IT Enviroment Event Event IT Event Show Exhibition Festival Intel vPro iphone Lighting Tower Location tracking Manageability Media Centre Meningitis Trust Olympics Press Press Centre Reading Festival RFID Satellite Showground Showman's Show Sound Monitoring Technology Technology Venue Trade Show VoIP Web 2.0 Wi-Fi WiFi Wireless Wireless and Mobile '09

WP Cumulus Flash tag cloud by Roy Tanck requires Flash Player 9 or better.