Slashdot Mirror

BobB-nw sends along news based on yet another press release in advance of the Black Hat conference: a claimed vulnerability in WPA2 Enterprise that leaves traffic open to a malicious insider. "...wireless security researchers say they have uncovered a vulnerability in the WPA2 security protocol, which is the strongest form of Wi-Fi encryption and authentication currently standardized and available. Malicious insiders can exploit the vulnerability, named 'Hole 196' by the researcher who discovered it at wireless security company AirTight Networks. The moniker refers to the page of the IEEE 802.11 Standard (Revision, 2007) on which the vulnerability is buried. Hole 196 lends itself to man-in-the-middle-style exploits, whereby an internal, authorized Wi-Fi user can decrypt, over the air, the private data of others, inject malicious traffic into the network, and compromise other authorized devices using open source software, according to AirTight. 'There's nothing in the standard to upgrade to in order to patch or fix the hole,' says Kaustubh Phanse, AirTight's wireless architect who describes Hole 196 as a 'zero-day vulnerability that creates a window of opportunity' for exploitation." Wi-Fi Net News has some more detail and speculation.

eggboard writes "Martin Beck, who in 2008 co-wrote a paper describing a way to inject packets into a secured Wi-Fi system, is back with a more extensive exploit. His 'Enhanced TKIP Michael Attacks' still don't allow extraction of a key, and are limited to TKIP (not AES-CCMP) WPA-protected networks. Still, he's figured out how to put in large payloads, and to extract data sent from an access point to a client — all without cracking the network key. The attack requires proximity to sniff and inject data, but it's another crack in the older key standard (TKIP) that no one with serious security interests should still be using." Here is Beck's paper (PDF) describing the new attacks.

An anonymous reader writes "There's been a lot of talk lately about the concept of Personal Area Networks. At CES Intel and Connectify both released software that turns Windows laptops into Access Points for file transfers, wirelessly syncing pictures from cameras, and Internet sharing. This is good, maybe great, if you're a road warrior, but what about the rest of us holed up in apartment buildings and small neighborhoods? We already have to deal with the wireless chatter of the 50 or so other Linksys routers in the vicinity. What will happen when every laptop also acts as a software router? To add fuel to the fire, Intel and Netgear also announced the Push2TV device that allows you to stream your display, including Netflix videos straight to your television. Isn't this going to kill lower powered 2.4 GHz devices, like Bluetooth mice and headsets? When does the 2.4 GHz band collapse completely? Why can't we push all this short range, high bandwidth stuff onto 5 GHz?"

Glenn Fleishman lets us know that Verizon is finally offering nationwide Wi-Fi access to its high-speed Internet customers, long after Cablevision's similar service went live. While Cablevision is building out an in-house network of hotspots, Verizon is relying on a deal with Boingo Wireless — a strategy with both strengths and drawbacks, as Wi-Fi Net News points out. Neither Verizon's nor Boingo's announcement reveals the mechanics of how existing Verizon DSL and FiOS customers will get access, but an AP report spells it out: "To use a hotspot, the customer must install software that works only on computers with Windows Vista or XP installed. Phones, iPods, and Macintosh computers with Wi-Fi can't access the hotspots."

Glenn Fleishman lets us know that Verizon is finally offering nationwide Wi-Fi access to its high-speed Internet customers, long after Cablevision's similar service went live. While Cablevision is building out an in-house network of hotspots, Verizon is relying on a deal with Boingo Wireless — a strategy with both strengths and drawbacks, as Wi-Fi Net News points out. Neither Verizon's nor Boingo's announcement reveals the mechanics of how existing Verizon DSL and FiOS customers will get access, but an AP report spells it out: "To use a hotspot, the customer must install software that works only on computers with Windows Vista or XP installed. Phones, iPods, and Macintosh computers with Wi-Fi can't access the hotspots."

Hugh Pickens writes "Business Week reports that the Chinese government has received an application from Apple seeking a Network Access License to sell the iPhone for officially-sanctioned use in the country. However, the application is for an iPhone that does not include Wi-Fi connectivity, a sticking point in negotiations with the Ministry of Industry and Information Technology, which wants the phone to only run on the cellular networks. 'Apple was hellbent on having the iPhone be Wi-Fi-enabled,' says analyst Matt Mathison. 'The Chinese government has been just as adamant that it not be.' For many years now, China ministry officials told wireless consumers that Wi-Fi would not be allowed on mobile phones for fear that consumers might be tempted to illegally load VoIP apps and make calls over the Net, undermining carriers' interests. However Glenn Fleishman says that China uses WAPI, a homegrown proprietary extension to Wi-Fi that only a handful of Chinese manufacturers have access to, and that equipment sold in China must have WAPI support and chips made in China. Fleishman speculates that China's WAPI standard contains backdoor technology to allow China to monitor any communications sent over 'secure' links."

judgecorp writes "A new vendor group has promised a Gigabit wireless specification by the end of this year. The Wireless Gigabit (WiGig) spec is apparently 80 percent done and, since it is aimed at high-definition TV, it has to go at more than 3Gbps. There's around 7GHz of spectrum freely available in the 60GHz band, so it's technically feasible, and with all the major Wi-Fi silicon vendors on board (as well as Microsoft, Dell, Nokia and others) WiGig looks to have the political muscle too. They should be aware of the Sibeam-led WirelessHD group, though, already in the 60GHz space, and Ultrawideband (UWB) is not dead, as there are actual, real UWB products."

Glenn Fleishman writes "T-Mobile sent me the text of a lawsuit they filed yesterday against Starbucks. The telecom firm alleges that Starbucks didn't involve it in any discussions to launch their free loyalty program Wi-Fi service this week with AT&T. AT&T is gradually taking over hot-spot operation from T-Mobile, market by market over the course of 2008. T-Mobile told me Starbucks is essentially giving away something that isn't theirs. T-Mobile has sued to halt the two-hours-a-day of free service, and is asking for money to cover losses. This might sound like sour grapes, but T-Mobile still operates most of the network, and says that the terms to which they agreed with Starbucks and AT&T for the transition and with AT&T for bilateral roaming don't cover this situation at all. Maybe free access in exchange for buying a cup of joe every 30 days was too good to be true (this soon)."

Glenn Fleishman writes "T-Mobile sent me the text of a lawsuit they filed yesterday against Starbucks. The telecom firm alleges that Starbucks didn't involve it in any discussions to launch their free loyalty program Wi-Fi service this week with AT&T. AT&T is gradually taking over hot-spot operation from T-Mobile, market by market over the course of 2008. T-Mobile told me Starbucks is essentially giving away something that isn't theirs. T-Mobile has sued to halt the two-hours-a-day of free service, and is asking for money to cover losses. This might sound like sour grapes, but T-Mobile still operates most of the network, and says that the terms to which they agreed with Starbucks and AT&T for the transition and with AT&T for bilateral roaming don't cover this situation at all. Maybe free access in exchange for buying a cup of joe every 30 days was too good to be true (this soon)."

Glenn Fleishman writes "EarthLink dropped its final bombshell on city-wide Wi-Fi, saying that it wouldn't put more money in and was talking to their current deployed cities about the future. The company had won bids in dozens of cities, and then backed out of the majority of them before building or finalizing contracts a few months ago. The remaining towns they were building out, like New Orleans, Anaheim, and Philadelphia, will ostensibly be turned off unless local officials come up with scratch or a plan of their own. EarthLink pioneered the model of free-for-fee networks, where there would be no cost or upfront commitment from cities, and EarthLink would charge for network access. Apparently, you can't make money that way."

Glenn Fleishman writes, "One of the most irritating things about draft-n wireless gear being released this year is that there have been no guarantees from any chipmaker or manufacturer that today's devices — loosely based on the IEEE 802.11n Draft 1.0 — will be upgradeable through firmware to the final standard. Several computer makers now bake draft-n adapters into their laptops as an option, which is even more troublesome. Today ASUS, which uses the Broadcom chipset, said that they will swap out hardware if necessary for any draft-n gateways and adapters they ship until the end of 2006. If firmware upgrades aren't enough, they'll replace your hardware, with you paying just the shipping. Of course, they're guaranteeing compatibility with the March 2008 expected ratified version of 802.11n, but it still means that you won't be left with equipment that only works well with itself."

Glenn Fleishman writes "Panasonic's avionics division may relaunch Connexion by Boeing by using similar technology that's better, cheaper, and lighter. The company said today that they were looking to get airlines to commit to 500 planes within 60 days, and already had 150 aircraft committed. They'd still use Ku band, but have a cheaper and smaller set of leases. Connexion had at least $120m in yearly fixed expenses, a large part of which was transponder licenses. The new service would provide 12 Mbps down and 3 Mbps (versus Connexion's 5 Mbps/1 Mbps), and be priced conceivably as low as $10 per session wholesale, with airlines choosing to not mark up rates. With that higher rate, even with latency, in-flight VoIP seems more achievable at a reasonable cost, although some airlines may choose to block VoIP services. I reported for The Economist magazine last week about mobile phones in flight (services coming in Europe in 2007). Three U.S. airlines told me that American passengers have very low interest or negative interest in allowing any voice (cell or otherwise) during flights. Europeans, with shorter flights and lower expectations of privacy perhaps, are more open to it." We covered the story back when Boeing decided to scrap Connexion.

Glenn Fleishman writes "Apple tells Macworld.com that the Wi-Fi exploit demonstrated at Black Hat 2006 in a video doesn't show a flaw in their hardware or software. A third-party USB adapter with different chips and drivers was used, and Apple says the two researchers haven't provided Apple with code or a demonstration showing a working exploit on Apple equipment. The researchers added a note at their Web site confirming that only an unnamed third-party adapter was used. This doesn't mean the researchers have no flaw to show, but rather that their nose-thumbing at Apple users who were too secure in their security was misplaced, at least at present. The researcher's claim that they were providing information to Apple now seems off-base, too."

Glenn Fleishman writes "Last month, Slashdot and others wrote about how the Linksys WRT54G, a popular embedded Linux-based Wi-Fi gateway, had switched to VxWorks's OS for its v5 release. Because the WRT54G has become the standard as a cheap commodity device for building your own platform (like Sveasoft, Fon, and many others), this seemed like a big blow to hackers and developers. If you could still manage to flash the device--not sure if that was possible--it had half the RAM and flash of the v4 model. It turns out Linksys wasn't killing the Linux model. They've released it as the WRT54GL with v4.30.0(US) firmware and will sell it under that name for about $70 retail. It's already in stock and the new firmware is on their GPL software download page. Linux sales represent a few percentage points of their overall volume, based on the Linksys product director's remarks. The lesser quantity of RAM puts money back in their pockets on the mainstream model."

Glenn Fleishman writes "According to an article at Indolink a 10-centimeter diameter windmill can produce the 7.5 milliwatts needed for a wireless sensor. The paper was published earlier (available as a PDF), but Nature magazine has apparently picked up the tidbit. The process flexes piezoelectric crystals to create a current. Although flywheels aren't mentioned in this article, it seems like a windmill, a flywheel, and a solar cell could in combination produce effective power in a range of conditions for remote wireless devices, including network relays obviating batteries entirely."

meaning writes "Business 2.0 reports on the possibility of Google building a national broadband network and giving Wi-Fi access to everyone in America. From the article: 'So once the GoogleNet is built, how would consumers connect for free access? One of the cheapest ways would be for Google to blanket major cities with Wi-Fi, and evidence gathered by Business 2.0 suggests that the company may be trying to do just that. In April it launched a Google-sponsored Wi-Fi hotspot in San Francisco's Union Square shopping district, built by a local startup called Feeva. Feeva is reportedly readying more free hotspots in California, Florida, New York, and Washington, and it's possible that Google may be involved.'"

Glenn Fleishman writes "Victrola Cafe and Art in Seattle is a popular coffeeshop that offers free Wi-Fi--except on the weekends. In an experiment, the cafe started shutting down its Wi-Fi network on Saturdays and Sundays after watching their culture erode: the shop became full (and was turning away customers) with six-to-eight hour Wi-Fi squatters, many of whom didn't even purchase anything. Their second Sunday without Wi-Fi was one of their best revenue days in some time. I don't propose a Wi-Fi (or free Wi-Fi) backlash, but it's interesting how with some time under their belt, the clash of inward facing technology and outward facing culture hit these particular entrepreneurs' limit."

Glenn Fleishman writes "Victrola Cafe and Art in Seattle is a popular coffeeshop that offers free Wi-Fi--except on the weekends. In an experiment, the cafe started shutting down its Wi-Fi network on Saturdays and Sundays after watching their culture erode: the shop became full (and was turning away customers) with six-to-eight hour Wi-Fi squatters, many of whom didn't even purchase anything. Their second Sunday without Wi-Fi was one of their best revenue days in some time. I don't propose a Wi-Fi (or free Wi-Fi) backlash, but it's interesting how with some time under their belt, the clash of inward facing technology and outward facing culture hit these particular entrepreneurs' limit."

Cryofan writes "The fight in Texas is heating up over municipal wireless. Texas House Bill 789, under consideration in Texas, would impose one of the most extreme bans on municipal involvement in any form of communications--free or otherwise (the bill could ban free library access)."

Glenn Fleishman writes "A report issued today by the New Millennium Research Council (NMRC) and The Heartland Institute says that municipalities shouldn't build wireless networks because it's anti-competitive and will waste taxypayer dollars. The report has some interesting points (mostly about building fiber networks), but eWeek (second page) uncovered that NMRC is a subsidiary of Issue Dynamics, which is a lobbying firm that represents most US telcos and cable operators. It's astroturf. The Heartland Institute won't reveal its funders. I wrote a long account trying to track down the connections between the sock puppets involved in publicizing the report."

Glenn Fleishman writes "A report issued today by the New Millennium Research Council (NMRC) and The Heartland Institute says that municipalities shouldn't build wireless networks because it's anti-competitive and will waste taxypayer dollars. The report has some interesting points (mostly about building fiber networks), but eWeek (second page) uncovered that NMRC is a subsidiary of Issue Dynamics, which is a lobbying firm that represents most US telcos and cable operators. It's astroturf. The Heartland Institute won't reveal its funders. I wrote a long account trying to track down the connections between the sock puppets involved in publicizing the report."

Glenn Fleishman writes "The folks at TinyPEAP released a cracking tool to break Wi-Fi Protected Access (WPA) keys. WPA is the replacement for weak WEP keys in the original 802.11b specification. Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks. This tool automates the process. Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits. Some tools exist to produce better keys, including chipmaker Broadcom's SecureEZSetup (in selected hardware) and Buffalo Technologies' hardware-based AOSS for automatic key generation and propagation. Enterprise-based WPA with 802.1X doesn't have this weakness: each user gets a long WPA key that's randomly generated and uniquely assigned--and can be frequently changed during a session."

Glenn Fleishman writes "The folks at TinyPEAP released a cracking tool to break Wi-Fi Protected Access (WPA) keys. WPA is the replacement for weak WEP keys in the original 802.11b specification. Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks. This tool automates the process. Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits. Some tools exist to produce better keys, including chipmaker Broadcom's SecureEZSetup (in selected hardware) and Buffalo Technologies' hardware-based AOSS for automatic key generation and propagation. Enterprise-based WPA with 802.1X doesn't have this weakness: each user gets a long WPA key that's randomly generated and uniquely assigned--and can be frequently changed during a session."

Glenn Fleishman writes "The folks at TinyPEAP released a cracking tool to break Wi-Fi Protected Access (WPA) keys. WPA is the replacement for weak WEP keys in the original 802.11b specification. Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks. This tool automates the process. Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits. Some tools exist to produce better keys, including chipmaker Broadcom's SecureEZSetup (in selected hardware) and Buffalo Technologies' hardware-based AOSS for automatic key generation and propagation. Enterprise-based WPA with 802.1X doesn't have this weakness: each user gets a long WPA key that's randomly generated and uniquely assigned--and can be frequently changed during a session."

Glenn Fleishman writes "Acacia Technologies is turning its sights from collecting streaming media patent fees to Wi-Fi hotspot gateway redirection, we report at Wi-Fi Networking News. The company acquired a patent that they say covers the use of technology that redirects a login attempt by an unauthenticated user to a login gateway page. They want a minimum of $1,000 per quarter in royalties. Nomadix already claims a patent on this, while we quote an early Wayport executive who says that Wayport has prior art on it. Will community hotspots using NoCatAuth fall under this patent-enforcement attempt? Too early to tell."

Glenn Fleishman writes "Acacia Technologies is turning its sights from collecting streaming media patent fees to Wi-Fi hotspot gateway redirection, we report at Wi-Fi Networking News. The company acquired a patent that they say covers the use of technology that redirects a login attempt by an unauthenticated user to a login gateway page. They want a minimum of $1,000 per quarter in royalties. Nomadix already claims a patent on this, while we quote an early Wayport executive who says that Wayport has prior art on it. Will community hotspots using NoCatAuth fall under this patent-enforcement attempt? Too early to tell."

Glenn Fleishman writes "Acacia Technologies is turning its sights from collecting streaming media patent fees to Wi-Fi hotspot gateway redirection, we report at Wi-Fi Networking News. The company acquired a patent that they say covers the use of technology that redirects a login attempt by an unauthenticated user to a login gateway page. They want a minimum of $1,000 per quarter in royalties. Nomadix already claims a patent on this, while we quote an early Wayport executive who says that Wayport has prior art on it. Will community hotspots using NoCatAuth fall under this patent-enforcement attempt? Too early to tell."

Glenn Fleishman writes "We just filed a story at Wi-Fi Networking News about how the FCC recently and quietly approved rules that will allow the legal use of the Pringles can and other antennas. Currently, it's clearly illegal--even though it's incredibly easy--to swap out a manufacturers' antennas from a Wi-Fi access point with an antenna of your choosing. It's legal to sell antennas; not legal to deploy them. Call it the switchblade kit rule: legal to sell, but don't assemble. The FCC's new rule provides a middle ground: a manufacturer can certify their hardware with the highest gain legal antennas of each type (yagi, omni, etc.) and then end-users can swap in antennas of equal or lesser signal characteristics. It's an important move because it removes the potential for community wireless and individual users to be prosecuted for illegal antennas once new certifications are in place."

Glenn Fleishman writes "We just filed a story at Wi-Fi Networking News about how the FCC recently and quietly approved rules that will allow the legal use of the Pringles can and other antennas. Currently, it's clearly illegal--even though it's incredibly easy--to swap out a manufacturers' antennas from a Wi-Fi access point with an antenna of your choosing. It's legal to sell antennas; not legal to deploy them. Call it the switchblade kit rule: legal to sell, but don't assemble. The FCC's new rule provides a middle ground: a manufacturer can certify their hardware with the highest gain legal antennas of each type (yagi, omni, etc.) and then end-users can swap in antennas of equal or lesser signal characteristics. It's an important move because it removes the potential for community wireless and individual users to be prosecuted for illegal antennas once new certifications are in place."

Glenn Fleishman writes "On the heels of Linksys's WRT54G problem of not allowing remote access to be disabled in certain cases and firmware, BugTraq published this report that NetGear's WG602 access point has a hidden password that provides remote and local administrative control. Unlike Linksys's, where turning the firewall on (which is on by default, but a researcher found new units in which it was off when taken out of the box), the NetGear hole cannot be disabled. The backdoor seems to have been created by the vendor that packaged the device for NetGear."

Glenn Fleishman writes "According to InternetNews.com, a tech consultant discovered that even if you turn the remote administration feature off on a Linksys WRT54G -- the single bestselling Wi-Fi device in the world -- you can still remotely access it through ports 80 and 443. Linksys sets the HTTP username to nothing and password to 'admin' on all of its devices by default. Web site scanning from anywhere in the world to devices that have routable Internet-facing addresses would allow script kiddie remote access, at which point you could flash the unit with new firmware, extract the WEP or WPA key, or just mess up someone's configuration and change the password."

Glenn Fleishman writes "The folks who announced in Dec. 2002 that they would install 20,000 for-fee Wi-Fi hotspots across the U.S. within two years ago reached several hundred locations in 18 months before shutting down today. Cometa Networks was funded partly by Intel Capital, and had AT&T and IBM's involvement in building the network. The firm resold access to its network, and urged partners to charge low rates, like $3 to $5 per day or $12 per month for unlimited access. Cometa lost its best chance for a big network last month, when McDonald's picked Wayport to build out over 12,000 Wi-Fi hotspots in the U.S." There's now an official press release up, with the CEO noting: "We do not think this reflects on the strength of the Wi-Fi industry or value proposition."

Glenn Fleishman writes "The folks who announced in Dec. 2002 that they would install 20,000 for-fee Wi-Fi hotspots across the U.S. within two years ago reached several hundred locations in 18 months before shutting down today. Cometa Networks was funded partly by Intel Capital, and had AT&T and IBM's involvement in building the network. The firm resold access to its network, and urged partners to charge low rates, like $3 to $5 per day or $12 per month for unlimited access. Cometa lost its best chance for a big network last month, when McDonald's picked Wayport to build out over 12,000 Wi-Fi hotspots in the U.S." There's now an official press release up, with the CEO noting: "We do not think this reflects on the strength of the Wi-Fi industry or value proposition."

Glenn Fleishman writes "Say it ain't so! Microsoft makes good consumer Wi-Fi equipment but is exiting the market, News.com reports. They'll sell out their inventory, but won't make new models or produce new product. I can't recall a case in which Microsoft had viable products and decent sales and exited instead of spending more money to compete more effectively. Or even when they had non-viable products (Pocket PC's original OS) and spent years and billions before they had something that worked. Perhaps competition from Cisco (Linksys subsidiary), NetGear, and even Apple (which has a disproportionate marketshare) made MSFT blink."

mtrisk writes "Just a day after Cisco released a security warning about its WLSE access point management tool, a tool to crack wi-fi networks using LEAP authentication has been released, reports Wi-Fi Networking News. The tool, called Asleap and developed by Beyond-Security, actively de-authenticates users, sniffs the network when the user re-auntheticates, and performs an offline dictionary attack upon the password."

Glenn Fleishman writes "It's been widely reported in the last week that AMD, Intel's processor competitor, was launching a free hotspot network. It's come out, in reporting we just posted at Wi-Fi Networking News, that AMD has built this network by calling existing free hotspots and asking if they'd put stickers in their window. This might be fine: stickers and the label "AMD HotSpot" in exchange for promotion. However, in Austin several local wireless activists say that AMD has put their hotspot decals up in stores without the stores' permission, including at locations operated and supported by Austin Wireless City and Austin Unleashed. Guerrilla marketing gone overzealous? Or an attempt to seize the credit without paying for it?"

Glenn Fleishman writes "It's been widely reported in the last week that AMD, Intel's processor competitor, was launching a free hotspot network. It's come out, in reporting we just posted at Wi-Fi Networking News, that AMD has built this network by calling existing free hotspots and asking if they'd put stickers in their window. This might be fine: stickers and the label "AMD HotSpot" in exchange for promotion. However, in Austin several local wireless activists say that AMD has put their hotspot decals up in stores without the stores' permission, including at locations operated and supported by Austin Wireless City and Austin Unleashed. Guerrilla marketing gone overzealous? Or an attempt to seize the credit without paying for it?"

Glenn Fleishman writes "Over at WiFiNetNews.com, we just broke the story that Nomadix was issued a patent covering hotspot gateway page redirection. Nomadix makes hardware and software for the hotspot industry, and this patent would cover redirection used by community networking portals (like NoCat), sponsored free networks (like NewburyOpen.Net), and fee networks (like Wayport, T-Mobile HotSpot, and Cometa). It's unclear what terms Nomadix wants for a license, but this patent seems to take a standard way of doing business and put it under fee -- although Nomadix may have been the first firm to employ this method for proxy URL redirection."

Glenn Fleishman writes "Over at WiFiNetNews.com, we just broke the story that Nomadix was issued a patent covering hotspot gateway page redirection. Nomadix makes hardware and software for the hotspot industry, and this patent would cover redirection used by community networking portals (like NoCat), sponsored free networks (like NewburyOpen.Net), and fee networks (like Wayport, T-Mobile HotSpot, and Cometa). It's unclear what terms Nomadix wants for a license, but this patent seems to take a standard way of doing business and put it under fee -- although Nomadix may have been the first firm to employ this method for proxy URL redirection."

eggboard writes "We just posted a story at PC World about 802.11g chipmaker Broadcom's claims that the high-speed 108 Mbps mode available in rival Atheros's AR5004G chipset disrupts all nearby Wi-Fi networks. The Turbo mode, part of Atheros Super G, uses two Wi-Fi channels (5 and 6) to double bandwidth, but Broadcom says this can lead to 'an enormous degradation in the speed of nearby 802.11b and 802.11g networks.'. D-Link and NetGear are shipping Super G-based devices. If Broadcom is right, Atheros gear would pollute neighbors' networks. If wrong, they're putting out a pretty heavy marketing smokescreen just before Comdex - where Broadcom says they'll be demonstrating the Atheros problem."

eggboard writes "Wireless security expert Robert Moskowitz, who sits on IEEE and IETF committees on that subject, sent me a short paper on a glaring weakness in the Wi-Fi Protected Access (WPA) protocol that's replacing the weak and broken WEP system well discussed here at Slashdot. His paper, which I've posted here, proves definitively that while WPA itself remains robust and secure, the interface for choosing consumer passwords makes it simple to snarf a tiny bit of network traffic and perform an offline dictionary attack. For Slashdot readers, this probably seems trivial, but because Linksys, Apple, and others are letting users enter My Dog Has Fleas as their passphrase, WPA might be less secure for home users than WEP."

eggboard writes "Wireless security expert Robert Moskowitz, who sits on IEEE and IETF committees on that subject, sent me a short paper on a glaring weakness in the Wi-Fi Protected Access (WPA) protocol that's replacing the weak and broken WEP system well discussed here at Slashdot. His paper, which I've posted here, proves definitively that while WPA itself remains robust and secure, the interface for choosing consumer passwords makes it simple to snarf a tiny bit of network traffic and perform an offline dictionary attack. For Slashdot readers, this probably seems trivial, but because Linksys, Apple, and others are letting users enter My Dog Has Fleas as their passphrase, WPA might be less secure for home users than WEP."

Iphtashu Fitz writes "Both news.com and Wired are reporting that an Illinois school district is being sued by parents over their use of a Wi-Fi network at a local elementary school. Apparently the parents of 5 students are concerned about potential health risks to their children by the Wi-Fi radio signals. The parents are seeking class-action status for their suit, which seeks to halt the use of wireless networks but does not ask for monetary damages. The complete complaint is also available for your reading pleasure on wifinetnews.com." I would never have guessed that the emissions from a wireless network are bad, unlike the healthy emissions given off by the now inescapable cell phones that are everywhere in public.

Iphtashu Fitz writes "Both news.com and Wired are reporting that an Illinois school district is being sued by parents over their use of a Wi-Fi network at a local elementary school. Apparently the parents of 5 students are concerned about potential health risks to their children by the Wi-Fi radio signals. The parents are seeking class-action status for their suit, which seeks to halt the use of wireless networks but does not ask for monetary damages. The complete complaint is also available for your reading pleasure on wifinetnews.com." I would never have guessed that the emissions from a wireless network are bad, unlike the healthy emissions given off by the now inescapable cell phones that are everywhere in public.

eggboard writes "Matthew Gast, author of 802.11 Wireless Networks, filed this article for O'Reilly Networks explaining exactly how fast 802.11g really is: that is, what's the actual data payload and real throughput, not the rated maximum speed. His conclusion? In mixed 802.11b/g networks, which will be common for years to come, g is only 1.6 to 2.4 times faster than b, not 5 times faster as it is in its g-only mode. This article has real math based on the specs, rather than armchair speculation."

eggboard writes "Unstrung reveals that the 802.11 working group is spawning 802.11n, a high-throughput task group to work on increasing the actual data:symbol ratio in wireless networks while also boosting speed to 108 Mbps to 320 Mbps. Most people who use 802.11a, b, or g know that actual net throughput, or the real data that's carried, is a fraction of the cited rate: maybe 7 Mbps in the 11 Mbps 802.11b flavor and 25 Mbps in the 54 Mbps a and g flavors. The goal of 802.11n is to increase speed, sure, but also to increase the percentage of symbols that don't bear overhead. The bad news: they predict 2005 or 2006 for completion."