• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • Daily Security Bytes
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Coffee and Wi-Fi with Ryan Orsi

May 28, 2019 By Milena Babayev

On May 14-16 Washington D.C. hosted Wi-Fi NOW 2019 USA ‘Celebrating 20 Years of Wi-Fi’ conference and expo. Surrounded by all the Wi-Fi industry players who gathered together to present and discuss future opportunities and challenges – it was the place to be! For three days, the conference agenda was packed with inspirational keynote speakers, innovators, and experts. At the expo, you experienced live demos and had the opportunity to connect with companies representing every aspect of the Wi-Fi industry.

While at the event, I took the opportunity to connect with Ryan Orsi, director of product management, at a nearby coffee shop. As we sat down, it felt appropriate to ‘cheers’ with our coffee mugs and offer congratulations, since shortly before Ryan delivered the message about just how vulnerable Wi-Fi users are, that there is not enough education about the very real threats they’re up against when using Wi-Fi every day, and the need for new Wi-Fi security standards. Here’s a recap of our Q&A:

Milena Babayev-Gurvits: We are celebrating the 20th anniversary of Wi-Fi. Where do you think Wi-Fi will be 20 years from now?

Ryan Orsi: To try to think about where Wi-Fi will go in the next twenty years is a tall order. If I forget, for a moment, what APs and clients devices look like today as well as their limitations like battery life, security of the connection, and just think about what kinds of problems the world twenty years from now will need to solve, I see everything getting faster, smaller, and more secure. We all love the convenience of staying connected wherever we go and we like information coming to us in more visual and interactive ways. We also hate carrying bulky electronics around or slapping big honking devices around our homes and offices that ruin the Feng Shui going on. This means that twenty years from now versions of us are going to want everything, literally everything connected and it better be fast, inexpensive, tiny (not implying Zoolander size mobile phones) and not leak personal or business information. I’ve seen brilliant advancements in antenna technologies that could allow Wi-Fi devices to be made much smaller and other technologies like energy harvesting that could power Wi-Fi devices with no batteries. I also think the average person is going to hear the message about Wi-Fi security and the pressure to design better security into Wi-Fi devices will be very high. Over time, I think these kinds of advancements, and more I’m not even thinking of now, will become cost- effective and we’ll all be enjoying secure Wi-Fi connectivity in whole new ways twenty years from now.

MB: Over 90% of people find Wi-Fi the most important amenity when they travel. Why do you think the general public is not as cautious about connecting to public Wi-Fi as they should be?

RO: Have you ever seen those caution signs on the jetway when you board a plane that warn people that there are chemicals nearby that are known to cause cancer, birth defects and other medical problems? Rhetorical question there. I travel a lot –like, a lot –and have never seen a single person read the sign and do a one-eighty. So these warning signs are there to educate us, raise awareness of a serious issue that effects our health and still most everyone ignores them. When’s the last time you saw a warning message on a public hotspot saying “use the Wi-Fi at your own risk, everything you’re doing could be stolen by someone nearby”?  We have a long way to go in just raising the general public’s awareness to the seriousness of the dangers of using Wi-Fi that’s not properly protected from well-known hacks. That’s one of the reasons we brought the Trusted Wireless Environment Framework into the industry. For the first time, people can have their Wi-Fi tested to see if it’s safe from the six attacks that have literally been around for twenty years. I think it should empower hotspot network operators to test their Wi-Fi security and if it passes the test, advertise it to let people know “this Wi-Fi can be trusted, and you won’t be hacked”.

MB: Every presenter at the Wi-Fi NOW 2019 touched on Wi-Fi 6. Is it really that much faster?

RO: Faster is just one benefit and I should say faster in a real-world dense environment. Those of us who have been around wireless for a while don’t get too excited about cabled laboratory speed tests. Wi-Fi 6 brings OFDMA among other features that will really make users in the real world feel Wi-Fi work better, more reliably, and yes faster. I’m excited about where Wi-Fi will go with this sixth generation. If you think about areas you tend to turn Wi-Fi off on your phone because it just “doesn’t work” and go try cellular, many of those use cases could now be addressed much better with Wi-Fi 6. Large indoor public areas come to mind, for example. The future is bright for Wi-Fi thanks to the folks that have put together this sixth generation; can’t wait to see where we go from here.

MB: And does Wi-Fi 6 mean better security?

RO: Some people mix in WPA3 into the discussion about Wi-Fi 6 and that’s fair because most vendors are going to support WPA3 with their Wi-Fi 6 products. So yes, WPA3 is better than WPA2, which was completely cracked in 2017 and shocked many of us; that in fact WPA2 had been broken for ten years before the whistle was blown. Without going too deep, one of the security improvements of WPA3 is that people shouldn’t be able to passively sniff traffic as easily anymore as is common with malicious and even bored people at hotels, airports, and so on. Also, it’s a bit of a sore subject but WPA3 should eliminate the easy-to-do “handshake” Wi-Fi password cracking techniques that WPA2 suffered from. Sore subject because the Dragonblood vulnerabilities, now patched, showed that WPA3 could still be vulnerable.

MB: Since we’re talking about Wi-Fi security, why do you think the Wi-Fi industry has not adopted any standards around Layer 2 security?

RO: Most all the demand over the last twenty years has been for connectivity and performance. The industry isn’t going to build something if they don’t think their market wants it. I definitely want this to change and I think vendors that normally compete need to come together and design new security into the Wi-Fi standard that solves these hacking problems for the average person without them having to take additional steps beyond what they do today: tap or click to connect.

MB: I’ve been following #TrustYourWiFi hashtag on social media and see that you’ve been traveling the world advocating for safe Wi-Fi for everyone. Where are you off to next?

RO: What a first half of 2019 it’s been! Spain, Germany, Chile, Italy, The Netherlands, Denmark, Sweden, Puerto Rico, Washington DC, Croatia and I’m probably forgetting some stops. I go where people want to learn what they’re up against with Wi-Fi security. One of my next stops is going to be in Utah where members of the AIM (an Association for Information Management – security) group want to learn.

With just minutes left of our meeting, I couldn’t resist and snuck in a few non-Wi-Fi-related questions (you’re welcome!):

MB: How do you spend your free time?

RO: Anytime there’s not a laptop, camera, or AirPod around, I’m spending time with my wife and two young boys in San Diego. Everything we do, we do as a team like day hiking 14-mile trails, camping, crawling the zoo, or living it up on the Coronado Island beaches. Let’s say Team Orsi works hard and plays hard, too.

MB: What’s one food item you can’t live without?

RO: Avocado. I’m unapologetically Californian and we put that amazing fruit on many things.

MB: What are you reading right now?

RO: Astrophysics for People in a Hurry by Neil deGrasse Tyson. Nerd alert, I love space, string theory, dark matter and energy.

MB: Favorite place you’ve ever visited?

RO: That’s a hard one but Tarragona on the Mediterranean cost of Spain is near the top of the list. My wife and I took the boys there last summer and the place was amazing.

MB: If you weren’t a director of product management, who would you be and why?

RO: Product management is pretty fulfilling, especially at WatchGuard where I get to make an impact and that’s really what drives me is to be able to impact the world nudging it to a better future. If I was in one of Neil’s parallel universes, I suppose I’d be your Californian tech startup entrepreneur. I’ve done several startups and highly recommend everyone get that experience at least once in life!

And it’s a wrap, folks!

At the end of the day, it’s critical every organization understands that most Wi-Fi products available today simply aren’t enough when it comes to the level of security they can provide, and for users to remain educated about the very real threats they’re up against when using Wi-Fi every day.

To join the Trusted Wireless Environment Movement and advocate for a global security standard for Wi-Fi visit TrustedWirelessEnvironment.com

Until next time!

Share This:

Related

Filed Under: Editorial Articles, Featured Tagged With: 6 known wi-fi threat categories, access points, public wi-fi, secure wifi, travel, Wi-Fi, wi-fi 6, wi-fi now, wi-fi security, wi-fi travel

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • USA’s Answer to GDPR
  • Rolling PWN

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Private Sector Offensive Actors
  • USA’s Answer to GDPR
  • Rolling PWN
  • Over a Billion Records Leaked in Shanghai National Police Database Hack
  • LockBit Ransomware Group Introduces Bug Bounties and More
View All

Search

Archives

Copyright © 2022 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use