5 Wi-Fi Myths Busted

In BICSI Blog by info@bicsi.com.au

Wi-Fi networks are growing exponentially, driven by the many client devices such as smartphones, tablets and wireless Internet of Things (IoT) devices. Here are 10 Wi-Fi myths related to wireless service availability, performance and security.

Myth No. 1 – Turn the transmit power (“Tx”) to the maximum level on the Access Point (AP)
“The higher the better” does not always apply. Raising the transmit power does enlarge the Radio Frequency (RF) coverage area (e.g. covering multiple rooms in an apartment), and the end-user devices will see the wireless network with good signal quality (“the green bars”). The issue is that the end-user devices are radio transmitters too and need to communicate back to the AP, but they transmit at lower power levels, so the AP may not be able to hear them. Another issue is the so-called “hidden node” problem: in Wi-Fi networks it is important that all client devices and the AP can hear each other in order to communicate properly (compare it with a classroom where students are asking a trainer questions while students in the classroom next door are asking the same trainer questions; the trainer gets confused and does not know who to listen to).
In a nutshell, turning down the transmit power on the AP is often better, as it creates a balance between the transmit powers of the clients and the AP. But what about the RF coverage?

Myth No. 2 – Use high-gain antennas or Wi-Fi repeaters to extend the Radio Frequency (RF) coverage
Here again, “the higher the better” does not work. A higher-gain antenna does increase the RF range, but it also changes the way the wireless signal propagates. In classes I compare the omni-directional “low gain” antenna, which creates a kind of “donut” shaped pattern, with the “high gain” antenna, which creates a “pancake” shape. If you mount the antennas high at the ceiling, you can imagine that the high-gain antenna sends the wireless signal over the heads of the client devices.
Another device you see in home environments is the “repeater”, which extends the RF coverage area by repeating the Wi-Fi signal. If it is a single-radio device it degrades performance, as radio communication is “half-duplex”: the repeater either communicates with the AP or with the client, in a “walkie-talkie” style of communication. Repeaters with dual radios built in may work faster, as one radio communicates with the client and the other with the AP.
In summary, you need to understand the antenna RF propagation patterns and select the right antenna to cover the areas accordingly, depending on the building environment. It is better not to use repeaters, as they slow down the wireless network; if possible, lay backbone Ethernet cabling closer to the area and install another AP to cover it. In home environments, you might consider Wi-Fi-over-powerline devices (which use the electrical wiring), or it might be better to use APs that support a mesh protocol (proprietary mesh or IEEE 802.11s), as this sets up redundant wireless links and forwards traffic more efficiently than a repeater.

Myth No. 3 – My Wi-Fi network is slow
First of all, we need to look at the capabilities of the AP: which protocols it supports (IEEE 802.11a/b/g/n/ac) and which frequencies, preferably dual-band 2.4 GHz and 5 GHz. Then check whether the Wi-Fi clients support these protocols as well, so that they can reach these speeds. In addition, for IEEE 802.11n and 802.11ac there is the so-called “number of spatial streams” and the channel bandwidth (20 MHz, 40 MHz, 80 MHz), which also affect the speed in the end. Related to Myths No. 1 and 2, distance influences the speed as well: “the further away, the lower the speed”. Speed (known as the “data rate”), which you typically see on the end-user device, is different from “throughput”. Speed is the connection rate, while throughput is affected by how many devices are communicating through the AP and by other protocol-related factors.
From an RF perspective, you also need to see how many APs and client devices are communicating on the particular channel (there are many tools to visualize APs, but fewer that also show the client devices), how busy the channel is (“Channel Utilization”), whether overlapping/neighbouring APs are impacting the other channels, and whether non-Wi-Fi devices (like motion detectors, microwave ovens, etc.) are impacting the unlicensed frequencies.
In addition, you need to look at the backhaul connectivity as well, including the cabling and link speeds, switches, routers, servers (DHCP, DNS, application servers, etc.), security devices and settings (firewalls, access control, VPNs, etc.), and understand how the application on the end-user device traverses the ICT infrastructure to reach the other end and vice versa.
In summary, you need to understand the complete end-to-end communication infrastructure to determine whether it is really the Wi-Fi network that is slow or another ICT component of the service.

Myth No. 4 – I can connect as many Wi-Fi and Internet of Things (IoT) devices to my Access Point as I like
Typically, vendors publish in their datasheets a max. number of concurrent devices or a max. device association count, meaning how many devices can connect to the AP. If all devices are going to send large files or download videos over the AP, it is another story, because now the AP and client devices need to coordinate the Wi-Fi protocol between each other. Without professional Wi-Fi tools like spectrum analyzers, protocol analyzers, etc. it is difficult to visualize, but tests and research have shown that with around 20-30 devices RF channel limitations appear and the AP and its radio reach their capacity limits.
It is important to dimension a Wi-Fi network for capacity; especially in high-density environments like stadiums, shopping malls, conference centers and train stations this can be challenging. Besides capacity, association tables can also fill up easily when public Wi-Fi networks are used and clients are moving around.

Myth No. 5 – I am 100% secure using WPA2-PSK with CCMP/AES encryption
Typically, the maximum security level that can be configured on home Wi-Fi access points is WPA2-PSK (Wi-Fi Protected Access 2 / Pre-Shared Key) with CCMP / AES (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol / Advanced Encryption Standard). But often these are also used in office networks, e.g. to provide access to guests, vendors and suppliers.
You might have created a very long password using all kinds of special characters, and theoretically it will take days/weeks/years to recover it (known as cracking / hacking / brute-force attacks), but there are other ways to obtain the password:
1. In offices or at home the password needs to be distributed to someone to use the (guest) network. It is displayed on a sign on a table, written on a label on the AP itself, communicated verbally by the employees, or simply handed out to whoever asks for it. There have even been cases where researchers were able to reverse engineer the default password of home routers supplied by telcos (a password which looks similar to a “MAC address”, a kind of hardware identifier). It is also possible to capture the authentication frames (known as the 4-way handshake) and try the passwords from a dictionary one by one (hence the advice to create a difficult password).
2. Once the password is known, the person can of course access the network and scan around for other “interesting” network resources, like other end-users on the network and network-attached storage devices, and make use of the Internet services (note that in the case of your home AP, you are accountable for what is communicated over it).
3. Furthermore, with advanced protocol analysis software it is also possible to decrypt the content of the communication (data / voice / video traffic) even when it is CCMP/AES encrypted, but the 4-way handshake (and the beacon with the SSID) is required. Either the person waits until someone connects, or he first de-authenticates the end-user and waits until the connection is re-established.
There are solutions on the market, but they are not widely adopted yet, like IEEE 802.11w (“Protected Management Frames”) or Cisco’s proprietary Management Frame Protection. Both client and AP need to support it, and it prevents the forged “de-authentication” frames.
Proprietary PPSK solutions (Personal PSK, Private PSK) give each end-user device its own pre-shared key. This is useful for Internet of Things (IoT) devices: if the password of one device becomes known, it cannot automatically be used to decrypt someone else’s traffic.
WPA2-Enterprise (CCMP/AES), also known as IEEE 802.1X / EAP (Extensible Authentication Protocol) with a third-party authentication service (like RADIUS – Remote Authentication Dial-In User Service): in theory a Man-In-The-Middle (MITM) attack can be done by spoofing the RADIUS service and leaving it to the end-user to accept the certificate shown in the pop-up window. Not all end-users are tech savvy, and many just press “yes – accept”.
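As an added example (not code from the original post), the following Python decodes the RSN information element an AP advertises in its beacons, so an administrator can check from a capture of their own AP whether it really offers CCMP/AES, whether key management is PSK or 802.1X, and whether the IEEE 802.11w capability bits (MFPC/MFPR) are set. The IE bytes in the block are constructed for the example; the field layout follows the IEEE 802.11 RSN element.

```python
import struct
# Added example, not code from the original post: decode an AP's RSN IE
# (element ID 48) to check cipher, key management and 802.11w (MFPC/MFPR).
RSN_OUI = b"\x00\x0f\xac"
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104",
           6: "BIP-CMAC-128", 8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
AKMS = {1: "802.1X", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK",
        5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE", 9: "FT-SAE"}

def _suite(buf, off, names):
    # One 4-byte suite selector: 3-byte OUI followed by a 1-byte type
    oui, typ = buf[off:off + 3], buf[off + 3]
    if oui != RSN_OUI:
        return "vendor-%s-%d" % (oui.hex(), typ)
    return names.get(typ, "unknown-%d" % typ)

def _suite_list(buf, off, names):
    # u16 count, then that many selectors; returns (names, next offset)
    count = struct.unpack_from("<H", buf, off)[0]
    items = [_suite(buf, off + 2 + 4 * i, names) for i in range(count)]
    return items, off + 2 + 4 * count

def parse_rsn_ie(ie):
    """ie is the element body, i.e. without the 2-byte ID/length header."""
    if struct.unpack_from("<H", ie, 0)[0] != 1:
        raise ValueError("unsupported RSN version")
    group = _suite(ie, 2, CIPHERS)
    pairwise, off = _suite_list(ie, 6, CIPHERS)
    akms, off = _suite_list(ie, off, AKMS)
    # RSN Capabilities field is optional; bit 6 = MFPR, bit 7 = MFPC
    caps = struct.unpack_from("<H", ie, off)[0] if len(ie) >= off + 2 else 0
    return {"group": group, "pairwise": pairwise, "akm": akms,
            "mfp_required": bool(caps & 0x40), "mfp_capable": bool(caps & 0x80)}

def audit(ie):
    """Flag the weaknesses Myth No. 5 discusses for one AP's RSN IE."""
    r, issues = parse_rsn_ie(ie), []
    if "TKIP" in r["pairwise"] or r["group"] == "TKIP":
        issues.append("TKIP enabled: use CCMP/AES only")
    if any(a.startswith("PSK") for a in r["akm"]):
        issues.append("PSK: one shared secret for every client")
    if not r["mfp_capable"]:
        issues.append("no 802.11w: deauthentication frames are unprotected")
    return r, issues

# Constructed sample IEs (not captured from any real network)
HOME_AP = (b"\x01\x00" + RSN_OUI + b"\x04" + b"\x01\x00" + RSN_OUI + b"\x04"
           + b"\x01\x00" + RSN_OUI + b"\x02" + b"\x00\x00")  # WPA2-PSK, no PMF
ENT_AP = (b"\x01\x00" + RSN_OUI + b"\x04" + b"\x01\x00" + RSN_OUI + b"\x04"
          + b"\x01\x00" + RSN_OUI + b"\x01" + b"\xc0\x00")  # 802.1X, MFPC+MFPR
```

Feed `parse_rsn_ie` the body of the RSN element from a beacon captured on your own network (Wireshark shows it under "Tag: RSN Information") to see which of the three findings apply.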

Maybe WPA2-Enterprise technology needs to be adopted in home APs as well (like a little RADIUS server built into the AP), depending on whether the clients support this protocol. Also, there are discussions about coming up with a new protocol known as “WPA3”.
Last but not least for home APs, check that “WPS” (Wi-Fi Protected Setup) is turned off: the PIN-based or push-button method of connecting securely has been compromised as well and is a backdoor. You can verify whether it is still enabled with reconnaissance tools.

By Ronald van Kleunen
Certified Wireless Network Expert (CWNE) / BICSI Member since 2011
CEO Globeron Pte Ltd
ronald@globeron.com / Twitter: @globeron