There isn t much to HomePlug security, to tell you the truth. The standard calls for 56-bit encryption between HomePlug units. This isn t much, honestly, but on the other hand your signals don t travel as far or lend themselves to eavesdropping as much as wireless signals do. 56-bit encryption can be broken but the hackers must still gather many of your transmissions, analyze the patterns, and start churning through possible keys. This takes time, and the hackers must do this while physically plugged in to electrical wiring shared by your home or of ce. Part of the shortcut to a security challenge for an outsider is to guess your password outright, without having to analyze and churn. How do they do this By guessing your password based on the default passwords supplied by vendors. Look at the default password for a Siemens 2524 in Figure 14-11.
Figure 14-11: Setup for HomePlug security doesn t take much.
384 Part IV Linking Your Network Devices
This password is the name of the product line. Why do vendors do this For compatibility s sake. If you buy your HomePlug devices from the same vendor, they will automatically have the same password and all will be well. They will work together and have some level of security. If you mix products from multiple vendors, one of two things will happen: The passwords won t match so the units won t communicate. The units will communicate because security won t be engaged. Don t be too hard on HomePlug vendors, because all manufacturers with secure products walk the line between enforcing strong security or making life a bit easier for their customers. Did you know that some reports show that fully one third of all safes installed in the United States still have the default combination assigned by their maker If people buying a safe to protect expensive valuables don t bother to change the password for their safe, how can we blame home users who don t change their HomePlug passwords to protect digital photos of Grandma s birthday Security experts admit that appropriate security for the situation doesn t always look like much security at all. If you see a state of the art car alarm on a brand new Porsche, you think that s appropriate. If you see one on a 1994 Ford Tempo with a crumpled rear end, bald tires, smoking engine, and wrong-colored hood from a junkyard, you would laugh. The Siemens 2524 in Figure 14-11 is the unit that includes wireless (802.11b at 11 Mbps max speed), HomePlug, four local 10/100Base-T twisted pair Ethernet connections, and a rewall and other security. Every possible way to connect comes in that single cable/DSL router. I expect them to upgrade the unit for faster wireless speeds soon, if they haven t by the time you read this. If you don t recognize the Siemens name, don t feel bad. They take a lower pro le than most huge global conglomerates, but you probably have some of their products. The Yahoo SBC DSL modem I have is a SpeedStream 5100 from Ef cient Networks. Recognize the SpeedStream name Siemens owns Ef cient Networks and makes deals with many of the cable and DSL service providers to use their cable and DSL modems. Every HomePlug device I have examined requires a Windows PC of some avor to run con guration programs (if there are any). Sometimes, as with the Siemens Web-based con guration shown in Figure 14-11, all management occurs through browsers. Any browser will work, although a few vendors still (foolishly) write pop-up windows and controls that work with only Microsoft s Internet Explorer. After con guration, HomePlug devices take any and all Ethernet signals from any network device and bridge them to your power line network for transmission. Why is this important Because all network devices are compatible with con gured HomePlug devices, which provides great exibility in arranging your network to your home or of ce.
