Netgear has announced that it will support the protection measures in the “WiFi User Protection Bill” recently signed into law in California. Last week, Governor Schwarzenegger signed the bill which requires access point manufacturers to include warnings in the configuration menus and stickers on the retail boxes. Presumably, future Netgear routers would include such warnings.
The bill requires all wireless access points manufactured after October 2007 to include warnings that must be removed or disabled for the device to operate. WAP manufacturers have a bit of leeway in warning customers and can place a sticker on the WAP that must be removed prior to use. Warnings can also be placed in the configuration menu. Manufacturers that automatically secure the wireless connection don’t need to place any warnings.
Netgear is touting their “Touchless” security configuration which provides an easier way of exchanging WEP and WPA keys between computers and access points. Touchless is similar to AOSS secure connection system used by Buffalo Technology and Linksys’ Secure Setup feature. According to Nunez and many other security professionals, complex security setup menus is part of the reason why so many wireless networks are unsecured.
The WiFi User Protection Bill was originally introduced as Assembly Bill 2415 back in May by California House Speaker Fabian Nunez. Nunez believes that the default settings on WAPs are insecure and wants consumers to be warned about that fact. In his press release, Nunez even illustrated his point by bringing up a 2004 Tom’s Hardware Guide article about Warflying.
“In April 2004, Humphrey Cheung, the editor of a technology Web site flew two single-engine airplanes over metropolitan Los Angeles with two wireless laptops. The project logged more than 4500 wireless networks, with only 30 percent of them encrypted to lock out outsiders,” says Nunez.