[MUSIC]
In the previous video, we saw that we can transmit different kinds of sensitive
information through the network.
In fact, most of the information we transmit today can be considered sensitive
in one way or another.
Logging credentials, financial data, and personal information are transferred
constantly over networks outside our control.
This means that anyone with access to those networks could potentially inspect,
modify, or even destroy it for their own purposes.
Security protocols try to overcome these limitations by providing methods to avoid
and detect the formation threats.
Depending on the network and the security requirements,
we will be using a different security protocol to protect our communications.
Wired connections require the adversary to have physical access to a network cable.
This is extremely difficult to achieve for an attacker as it requires him to
physically modify the cable which increases the risk of being caught.
Consequently, dial wired network connections between two devices are rarely
secured using security protocols.
In a local wireless network,
we must protect messages from adversaries who aren't relatively close but
don't require physical interaction to access the communication channel.
Wireless communication standards provides several security protocols for
local wireless connections.
The Wired Equivalent Privacy, or
WEP, was the first security protocol used to protect these networks.
However, it was proven insecure more than ten years ago.
It's not longer supported and you shouldn't be using it for
any kind of wireless communication.
To overcome the problems of WEP,
the Wi-Fi Alliance proposed two new wireless security protocols.
Wi-Fi protected access and Wi-Fi protected access 2.
Actually we call them just WPA and WPA2.
These two protocols can work in two different modes.
With a pre-shared key that is configured with both in the access point and
the client or with a radio server.
In the later,
each user's given a different set of credentials to access another port.
The access point forwards the credentials to the radio server
before allowing the client to access the network.
Over time, wireless protocols included in WPA has been proven insecure.
This leaves WPA2 as the only local wireless protocol that
we should be using today.
Unfortunately, most public Wi-Fi access point are just open and
do not provide any kind of protection.
So be aware that when you connect to them, some people may be watching.
In a cellular network, we must protect the methods while it's being send from
the smartphone to the carrier network.
The first widely spread cellular protocols,
GSM and GPRS, are known to be vulnerable and would allow a skilled and
attacker to intercept and modify messages being sent through a network.
Newer protocols, such UMTS and
LTE, are considered more secured, but fail safe options can enable
an attacker to downgrade the connection to less secure versions of the protocols.
Previous security protocols secured the connection between
two consecutive nodes in the network.
In our example of scenarios, one of those was their own device and
the other the device that gave us access to the Internet.