If you read my weekly GottaBeSecure articles, you’ll know that WiFi security is one of my favorite topics. Many people ask me, however, whether cell phone data cards (AKA mobile broadband or air cards) are any more secure? Assuming you’re worried about your average black hat hacker or your snooping next door neighbor, the answer is definitely “yes.” Air cards beat WiFi for security hands-down. Why? Let me offer a few proofs that hopefully put things into perspective.
First, the technology used for cellular data cards is very different than that used for WiFi. WiFi operates in an unlicensed radio frequency band located around 2.4 GHz and is patterned after insecure Ethernet protocol. There are numerous other products that send and receive communications in that same frequency band (cordless phones, Bluetooth devices, wireless cameras, etc.). As such, it should come as no surprise that communications in this frequency range are not protected nor are they secure. Also, the WiFi protocol is very similar to wired Ethernet (just without the wires), which is based on a “party line” concept. All that is needed to receive (or intercept) WiFi communications is a WiFi adapter and the proper software drivers to cause your WiFi card to listen to all network traffic.
Cellular data cards (for instance the Verizon air card) operate in licensed and restricted frequency ranges around 850 MHz and 1900 MHz using a technology called CDMA (Code Division Multiple Access). What does that mean? Simply put, it means you can’t listen in on other people’s data communications as easily because the system is designed to be secure through the use of spread spectrum technology and pseudo-random codes that encrypt communications to and from the mobile and base stations (for more details, see this paper on CDMA security).
Still not convinced? Did I mention it’s illegal to monitor or intercept cellular communications? Now I know hackers don’t care about laws, but given the huge volumes of WiFi traffic that is free for the taking, why risk jail time to intercept cellular communications (by the way, depending on where you are and what you’re doing, intercepting WiFi may also be illegal).
Finally, one additional piece of evidence I would offer is from a recent article on WiFi security. In the article, Chief Technology Officer of Errate Security (and creator of the famous Ferret data seepage tool), David Maynor, comments that he uses a cellular broadband data card rather than public WiFi to protect his data. He also recommends you do the same.
So, to summarize, cellular data cards are more secure that WiFi because:
- The CDMA technology air cards use has built-in security
- It’s illegal to intercept cellular communications
- Security experts like David Maynor trust air cards over WiFi
I am always impressed with how much GBM readers know about the various topics I cover; if you have some special insight into this subject, I’d love to hear from you!