Comdex Puts Wi-Fi Weaknesses on Display
Page 1 of 1
Remember the early days of cell phones? When you could hope you'd make a connection at any major business hotel or conference center, but you couldn't be sure? Fast forward to Fall Comdex 2002 in Las Vegas and welcome to the current state of public Wi-Fi LANs.
While only a shadow of its former self, Comdex has a wireless focus this year and you'd expect the show, or indeed a city such as Las Vegas that hosts other high-tech trade shows, as the Consumer Electronics Show (CES), to have good Wi-Fi.
You'd be wrong.
Although resellers and integrators have long made bringing Wi-Fi to hotels and conference centers a priority, few of the hotels of the gambling center of the universe have WLAN installed. Indeed, by my count only the Four Seasons, with WayPort and Boingo and Embassy Suites with WayPort are setup for the Wi-Fi business traveler.
On the other hand, based on the experiences of Wi-Fi users at the Las Vegas Convention Center (LVCC), conventional 802.11b Wi-Fi may not be up to the challenge of dozens to hundreds of simultaneous users. Symbol Technologies put up five public Hotspots in the LVCC, which could handle up to 300 concurrent connections. While some of the users were able to connect some of the time, none of the users were able to connect all of the time.
Public Wi-Fi Woes
When they worked, the Symbol networks worked extremely well. But, when they didn't, it wasn't pretty.
The problems, based on discussions with Symbol technicians on-site, my own troubleshooting of friends and colleagues with Wi-Fi fits, and network analysis, came from poorly set-up Wi-Fi connections. These problems can be summed up that many people's wireless rigs work fine -- if they never leave their home or office Hotspot -- but they fail in roaming situations.
For all that people talk about the joys of roaming with their
Wi-Fi equipped laptops, the reality seems to be that about 30% of the Comdex
users weren't using Dynamic Host Configuration Protocol (DHCP)
It must also be said that many wireless users aren't the
least bit savvy about their equipment. I saw several cases where explicit instructions
to set the Service Set Identifier (SSID)
Many systems, including mine, had trouble locking on to a given access point in an environment where Windows XP's SiteSurvey sometimes showed as many as 8 access point, not to mention, laptops and PDAs in ad hoc mode, offering their services. Like a sheep set between two loads of hay, some systems were unable to latch on properly onto any access point in this environment. Others showed such confusing error messages. The operating system wireless monitoring would show no signal while the NIC's monitoring program showed connections with both excellent link quality and signal strength.
Another problem was equipment compatibility. While almost everyone's 802.11b Wi-Fi NICs were eventually able to connect with the Symbol access points, there could be no question that the Symbol cards -- provided free to Comdex users -- consistently worked better. My own D-Link AirPlus DWL-650+ ran like a champ... when it connected. Getting it connected often took several tries.
Part of the reason for that problem is that 802.11b only has, for practical purposes, three channels (channels 1, 6, and 11 in the US.) that you can use without causing interference between access points. This, combined with the fact that all users are competing for the same 11Mbps of total bandwidth, made getting even enough access to try to log into Symbol's network an adventure.
The simple truth is that no matter how many access points you have, 802.11b doesn't have enough channels or available bandwidth to handle more than perhaps two or three dozens active users at a given time. Of course, in most situations that won't be a problem since most of the time, network administrators are unlikely to fit that many users into an access point's range. But, if you're setting up a trade show, coffee shop or classroom where big crowds are a real possibility, 802.11g and 802.11a's larger numbers of channel and available bandwidth starts to look a lot more attractive in the long run.
Beyond the Setup
Symbol, to make its network as accessible as possible, didn't use Wired Equivalent Privacy (WEP). They did, of course, remind people that they should use a virtual private network (VPN) if they wanted to have some security for their online messages. Based on a quick scan of network traffic, most people didn't.
Another real world problem is that a quick, off-the-cuff survey of users found only about 20% of them were running ZoneAlarm, Norton Personal Firewall, or any other kind of personal firewall.. That's a big mistake.
Some people might think no one's going to peek over their wireless LAN shoulder. They're wrong.
Inside of an hour I saw 30 different attacks on my laptop. Most of them were trival -- attempts to ping my system -- but there were numerous attempts to access my hard drive via NetBIOS calls. While the great majority of these attacks came from the Internet at large -- almost certainly from script kiddies randomly looking for vulnerable systems to mess around with -- others were from IP addresses within the Symbol LAN. Clearly, some of our fellow wireless users were trying to pry into their neighbor's machines.
The moral of the story is clear. If you're going to be traveling and using Wi-Fi, you must install and use some kind of personal firewall. Otherwise, the person sitting next to you at Starbucks may walk out with a half-cup of coffee and your personal files.
Problems and all, Symbol did an excellent job of providing a massive wireless LAN to Comdex attendees. At the same time though, in so doing, they showed how 802.11b is reaching a bit beyond its grasp in such deployments and how both the technology, and its users still need to make improvements before they can safely make the most of the technology.
Want to do a quick deployment of public access Wi-Fi but need some help?? Join us at the 802.11 Planet Conference & Expo, Dec. 3-5 in Santa Clara, CA. One of our sessions will cover Hardware & Back-End Systems for Instant Hotspots.