Protexx Security Audit Cracks Cruise Lines SSL and WEP Security

Share Article

During a 3-day cruise the Protexx team cracked Radisson/Regent Cruise lines hard wired and WEP security, retrieved a million packets of information, easily compromising the ship's Internet Cafe and more. Proves same vulnerabilities exists on the ship's satellite communications. The ramifications to Worldwide shipping are enormous.

Most people, even when they're having fun on a cruise, don't realize how incredibly vulnerable their data is when it's moving over Wi-Fi. The only practical solutions are either to not use communications media that can be intercepted or is to make communications invisible with a very high level of encryption.

In a real-life version of Sneakers, the management of Radisson/Regent Cruise Lines asked Protexx, Inc. to perform a security audit on their ship's network. During a 3-day cruise the Protexx team cracked the ships hard wired and WEP security, retrieved a million packets of information, and proved that the same vulnerabilities existed on the ship's satellite communications.

Protexx then enabled its bulletproof security solution for Wi-Fi data transmission -- 2,048-bit encryption – and demonstrated that it provides unparalleled security even under the most adverse conditions in international waters during a storm. Protexx has since been enlisted to provide a single source proposal to remedy the ship's vulnerabilities.    

"Sensitive information traveling over any Wi-Fi connection – including email on cruise ships – can be easily intercepted," says Bill Tabor, Protexx, Inc. Chief Technical Officer. He adds, "Reading these intercepts generally isn't difficult because the most commonly used Internet encryption system, 128-bit SSL and many 256-bit systems, can be cracked and read with freeware."

He adds, "Most people, even when they're having fun on a cruise, don't realize how incredibly vulnerable their data is when it's moving over Wi-Fi. The only practical solutions are either to not use communications media that can be intercepted or is to make communications invisible with a very high level of encryption."

To protect sensitive data as it travels over Wi-Fi links, Protexx Inc. has created a fully portable encryption system that can be used from any computer at any Internet access point, provided the user is a Protexx subscriber. The only requirement is the user log into the Protexx server. The Protexx server software performs an authentication handshake with the pre-installed software on the user's computer. The computer and the Protexx server exchange public encryption keys, and this initializes a 2,048-bit encryption system with a rotating key.

From the first handshake, all communication between the user's computer and the Protexx server is secure. The user can then transmit and receive data from any Internet location, knowing that the Wi-Fi link is now safe from spying.

Tabor adds, "For wall-to-wall security on both ends of a communication, all it takes is for both parties to sign into the Protexx server as subscribers."

Protexx 2048 bit encryption technology has been reviewed by NSA, Hewlett-Packard, and IBM and is now in use in several high security installations. The software package can be downloaded from the company's Web site at protexx.com, and can include a biometric positive identification component which, once installed by both sender and receiver, assures complete security for transmission of data over the Internet. The company maintains its own network operating center (NOC) for use only by authorized subscribers. Each user receives a certificate authorization, admitting his computer and only his identity to the Protexx secure transmission system.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Peter Letizia
Visit website