Intel's 802.11A Wireless: 5x Faster

Jaben writes: "Intel today released the first 802.11A wireless LAN devices which offer more than a fivefold increase in speed over the current 802.11B. as soon as more devices get onto the market this new technology will really make wireless a possible alternative instead of a neat item to play with."

5x more secure?

[DaveBarr]

When are we going to get a technology that's 5x more secure?

Re:5x more secure?

[cymen]

IPSec. Why waste your time with anything else? I really want a guide for getting Linux with FreeSwan to talk to FreeBSDs IPSec (using racoon?). There are a number of guides to getting IPSec working on Windows 2000, FreeBSD, OpenBSD, etc... Here are a few links:


How to setup IPsec interoperable for Linux, OpenBSD and PGPNet
Replacing WEP With IPsec

Why does IPSec with Linux seem like such a hack? FreeSwan is pretty annoying - why don't they just get IPSec into the kernel and go from there? Instead there appears to be a megapatch. It just makes me nervous. It's probably ok but man... Also, while I'm bitching, IPSec is a bit of a pain - or at least the implementations are. It doesn't need to be this complicated.

Re:5x more secure?

[DaveBarr]

IPSec. Why waste your time with anything else?

• Because Joe Home User has no hope of being able to set up and use IPsec securely anytime soon
• Because IPsec does almost nothing to help protect your system or network from attack. (so what you have no cleartext data for someone to sniff? Someone can still hack your lan and your system)
• Because there's an immense installed base of devices and systems with no IPsec support
• Because there's more to the world than IP

Joe Home user shouldn't have to be a network security export in order to use wireless technology safely. We need technologies that you can turn on and are safe out of the box. Has years of unsecure crap out of the box from Microsoft so warped our sense of reality and truth?

Re:5x more secure?

[cymen]

Because Joe Home User has no hope of being able to set up and use IPsec securely anytime soon

Good point. But...

Because IPsec does almost nothing to help protect your system or network from attack. (so what you have no cleartext data for someone to sniff? Someone can still hack your lan and your system)

How exactly are they going to be hacking the LAN? Grabbing IP addresses? That can be fixed... Nothing will be 100% but at least it'll be much much better than it is now.

Because there's an immense installed base of devices and systems with no IPsec support

Sure is... But...

Because there's more to the world than IP

No there isn't. Least not anything that I care about... But seriously - what other protocols do you think are important today?

Of course Joe Home User is going to be screwed but IPSec can be simplified extensively it shouldn't be a problem. The devices that don't support IPSec are almost worthless to Joe Home User so just toss 'em. Have an Ad-Hoc network using IPSec with Windows and they should be fine. Sure people without any brains or interest will have problems but what else is new? If they get hacked and their data is important they'll pay someone to fix it.

As I understand it IPSec can solve most of the security problems. Sure it would be nice if the specs were updated for 802.11b and new firmware was released to fix this security prolems but *RIGHT NOW* there isn't anything else. What are *YOU* going to do right now to stop people from sniffing your WEP encoded passwords (in my case my password is in cleartext when sent to my UW IMAP server, of course I'm moving to something else but in the meantime)...

I would agree that 802.11* security needs to be greatly enhanced but in the meantime IPSec is a viable option for many people. And it is a available right now.

Re:5x more secure?

[cduffy]

It doesn't have to be secure (think IPsec), but I'm sure that everyone can see major benfits of making a technology that openly broadcasts data more secure.

I don't.

Picture this:

I have an incoming connection, a router, and a wireless network. I have several hosts on the wireless network. The router uses IPsec to communicate with the internal hosts, accepts only hosts with known keys, and ignores all other connections.

What is the advantage of having the wireless protocol itself have the overhead of a separate, redundant security layer? Why would you want the separate software complexity of configuring and tracking allowed-host lists for two protocol layers instead of one?

Down that path lies having every last protocol layer being complicated by trying to do a job which is handled satisfactorily by every other one. Far better to have a single layer which does security and Does It Right than to complicate 802.11 (or any other low-level protocol) by adding complex functionality which can be handled somewhere else.

Further, consider: If 802.11 has security built into it, then whenever that security is broken, 802.11 (and the hardware that uses it) needs to be changed; same for every other low-level layer. Much better to have only one higher-level layer to keep current/secure (and have to swap out the router and install new endpoint drivers in my theoretical example, but not have to replace the wireless hardware).

Re:5x more secure?

[ConsumedByTV]

Remember: Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetime.


Remember: Light a man a fire, and you warm him for a night. Light a man on fire and you warm him for the rest of his life.

Intel is not the *first*

[supz]

I was looking around SMC's site a few weeks ago and they had already released an 802.11a wireless access point.

Re:Intel is not the *first*

[Paul9196]

Didn't /. post another article on proxim releasing the first of the 802.11a products like a month ago? I remember reading it here, because I called their company and got a kit from them to try out at work. I think it was about ~$450 for two cards and ~$860 for the AP. They said the AP won't ship till the end of this month though. I received the cards today and gave it a test try. I transfered a ~730Mb divx movie from laptop to laptop through sftp connection between them in adhoc mode. I think it topped out at about ~800Kbps transfer rate and the laptops were about 3 feet from each other. I had the 2x software compression technology on as well to try and boost the speed, but considering it was a) a compressed movie b) ssh compression and c) using 2x compression from proxim, it's hard to tell how much it would help. They claim they can get 108Mbps with optimal compression on files sent. If anyone wants to learn more about how proxim's stack up, let me know and I'll let you know how well it works through their APs when they arrive.

what the ???

[spike666]

oh, so the 802.11B that i'm using at home now is not real? excuse me, but... it works. its good. and even if i do have to be a wireless nazi about who gets in, it is a working feasible technology.

and cost wise... since i'm using an apple powerbook, the card is only $99

oh and by the way, the airport cards they're shipping now are 128bit capable. (no software yet...)

but it works just fine for me.

Speed isn't why wireless is still a "toy!"

[NickV]

It's not speed that makes wireless a toy. It's the cost! I don't consider an 11mbps wireless connection a "toy" and if it wasn't for the costs associated, I'd jump on right now.

Come on, seriously... alot of us are still on 10mbps connections to the Internet. 11mbps is far from a toy, and the speed bump will be nice but that's NOT the issue. 54mbps, 11mbps... who cares! what about the cost!?

better solution: same hardware

[Frothy+Walrus]

i agree that 802.11a, at 54Mbps, is quite powerful, but i think the consumer would prefer an easier upgrade path: 802.11a requires entirely different hardware from 802.11 because it uses 5GHz instead of 2.5GHz. seeing as 99% of us cannot hose a 10Mbps ethernet for more than a few minutes at a time, i don't think the extra speed is going to justify to the consumer the cost of re-buying all the expensive hardware (new base station, new cards, new range-extender antennas, etc).

who knows, the market will decide. but i don't see it catching on in the next two years, at least.

Re:better solution: same hardware

[cmowire]

I think you are going to be seeing business users going for this first, not consumers.

This way, you can have 20 people in a conference room get decent bandwidth and response time while they are all participating in a meeting/training session/etc and still leave bandwidth free for Ed, who's network port was acting up this morning.

I'm all for 54Mbps because I /can/ hose a 10MBs connection. Well, that, and I don't have the stuff purchased yet, so I'll just wait a little bit and get the 54Mbps gear when I have the cash ready. Maybe they'll have WEP fixed by then, too. ;)

Re:better solution: same hardware

[crisco]

I don't think the Slashdot crowd realizes what 11Mbps means with this wireless stuff because they haven't used it, tested it and played with it.

11Mbps is the optimum 'media' transport speed. As these things operate in half-duplex mode, effective is half that. Add your overhead and error correcting and you have an effective rate of closer to 3 or 4 Mbps. When you're close to the Access Point. Move a little farther, find a wall or microwave oven and it is even lower.

A proper 10Mbps LAN does feel faster than these cards unless you're using them as a gateway to your 1.5 Mbps cablemodem. Corporations (the ones that are surviving these tough times anyway) are going to be happier with the higher speed stuff(until they realize security should be an option).

But thats all the better for those at home that want to chill on the couch and net-surf with the laptop. Prices on the 'slow' stuff are going to drop further and in the end, you're right, they are perfectly useable speeds as is.

Re:better solution: same hardware

[edremy]

Up until very recently, I was using 802.11 cards, not 802.11a or 802.11b. These max out at 2mbs. Unless I was spooling a large print job or attempting to do a large LAN-based file transfer, I hardly noticed I only had 2mb of bandwidth available to me.

For a single person, 2Mbs might be ok. We've got the same solution, but instead of one person spooling a large print job, we've got 30 in a classroom attempting to download high resolution artwork. (No, not porn, unless you consider 13th century art porn.)

2Mbs is way, way too slow for this use, as we've painfully found out. We haven't even bothered with 11b, since we know we'll outgrow it way too fast. Until we can get an 11a solution wireless isn't an option here. I spent a lot of time talking to the Intel folks at EDUCAUSE a few weeks ago about what we need to roll it out...

Eric

802.11b isn't a toy

[tonyc.com]

"[T]his new technology will really make wireless a possible alternative instead of a neat item to play with."

Excuse me, but an 11 megabit wireless connection isn't quite worthless just yet. How many home users, even with DSL or cable modems, are pushing this limit? And how many offices are still using 10baseT LANs, or 10baseT hubs on even faster LANs? To all these users, 802.11b is still 10% overkill. Will 400% overkill make us any happier or more productive?

Plus, 802.11a is much more power-hungry, making it a decidedly unattractive choice for wireless PDAs. What say ye?

Not the first

[mosch]

Despite what this article says, Intel is not the first company to release 802.11a devices. Proxim has the Harmony line of 802.11a devices, and has for some time.

Slashdot needs a fact checker.

What nonsense

[benploni]

The whole premise of this story is wrong. 802.11b is NOT a toy; it a very useful technology. 11Mb/s is not to be sneezed at. Who are you kidding? 99% of network apps are thrilled to run at that speed.

Second, 802.11a has issues of its own. Most importantly, it is WAY shorter range, and can be blocked by a wet piece of paper. 802.11b is so robust, people have run over several miles (with special antennas).

More importantly, networking is *infrastucture* and displacing infrastructure is hard. All those laptops with builtin 802.11b arent going away. Neither are all those deployed Access points.

I forsee 802.11b having continued success, at even cheaper prices.

Re:What nonsense

[cmowire]

Last I heard, the 802.11a gear had less range in paper, i.e. you can't get the 5x speed at especially good range, but the range within which you can get a decent signal in the multi-megabit range is actually at least as good as 802.11b. As in, it has more bandwidth to degrade over.

Of course, what could also happen is we see dual 802.11a/b gear. Which is fine for a number of reasons, including the multi-mile range with antenas, the lowered power consumption (If that is, in fact the case) for PDA usage, and upgradability.

Proxima also has an 802.11a product

[hackman]

Proxim also has a line of 802.11a stuff, possibly a little further along. They have an Access Point that should be available at the end of November roughly, but the cards are available now supposedly. There is a company called Luna Communications handling the early release stuff.. Lunacom.com

Here's the link to Proxim

We're planning on getting a setup soon, the claim of 54Mbit/s from the x2 technology sounds way too good to be true! Anyone have experience on actual speeds that they get? I've never even gotten close to 1/2 of the 802.11b bandwitdh maximum (11Mbit/s).

Brett

Intel Not 1st to Market with 802.11a

[PhotonSphere]

Proxim has had 802.11a wireless gear out for a little while now. Their Harmony 802.11a FastWireless Kit is a prime example. In fact, we have an 802.11a wireless node up in our community wireless freenet.

While the improvement in throughput is excellent, it comes at a cost of range. The 5.4GHz spectrum does not carry as far as the 2.4GHz band, used in 802.11b. This difference will be felt the most in long-range applications, whether it be a directional long-shot or the more omni-directional community wireless networks such as BAWUG or Houston-Wireless.

--
The Sphere Guerilla Net
Space City, TX

Bandwidth isn't what we need

[melanarchy]

"wireless a possible alternative instead of a neat item to play with."
I feel that the biggest downside to current wireless is not the speed, which even at the 6.0mbps that I was getting in a lecture hall this morning while I was in #coverage in slashnet being obsessive about today's crash, but the range. Just under 500ft away I was getting 0% reception. Most people use very little bandwidth the majority of the time they are using any sort of networking and in most cases it is reliability rather then speed that is the limiting factor. Intel's site doesn't say anything about an increase in range only in speed, and as nice it will be to be able to stream audio, video, and serve a webpage over a wireless connection I do not really see the need for 55mbps over 11mbps.

When we start to see antenna's that are more then just useless screens and reliability without line of site is when you'll see more of a push to wireless.

Re:Have they fixed the problem with WEP?

[kwj8fty1]

You can't assume that ***ANY*** wireless connectivity will be secure - - - Even with things like WEP, you should use SSH/ssl/etc. Also, it takes over 1 million packets to get a 128bit key on 802.11b. If you change your key once a day (or once a month even), then you are safe. There are tools for automaticly updating the keys, and it's a good idea anyway. If you are worried about security, take your head out of your $#$@ and get it setup right. Don't blame the vendors/protocol because you have only one layer of security. It's just like you left a cat5 cable hanging out of your office, and blaming the hub manufacturer that it's their fault when you get hacked. Gimmie a break.

Anti-soltution.. and rationale

[d.valued]

Unless you happen to be some kind of alien (or corporate) super-genius, you can't just take a 5 GHz antenna, slap it onto a 2.4 GHz transmitter, repackage it, and call it 802.11a.

First off, the componants for a 5GHz transmitter need to be (and are) smaller than the componants for a 2.4GHz system. This is why 2.4GHz phones and 802.11b cards have effective antennas within such a small form factor, and this is also why 11a cards have greater range. The antenna that can be fit into a Type II or CF slot would provide approx. a 10 dB gain (or double the effective radiated power) of the 2.4 antenna. (Besides that, a 5 GHz signal can be sent from a 2.4 GHz antenna with a little shrinking for that gain.)

The reason the transmitter is smaller is that the signal is much more easily affected by the environment, and by shrinking the distances between componants (and the componants themselves) one reduces that possibility.

In addition, the hardware has to be capable of handling the increased thoroughput. If you put a 100baseTX card on a Cat4 based network, it ain't gonna get you full bandwidth; likewise, a 10baseT on a Gigabit Ethernet connection can't do squat. 11a's guts are different from 11b's.

Also... about security in wireless: Let's make this clear. Any form of broadcast-based system, be it wired (like Ethernet) or wireless (802.11x), IS VULNERABLE TO EAVESDROPPING. Security has to be made application-level, like IPsec, SSL, SSH, and not hardware level. Especially if everyone has access to (sufficiently similar) hardware.

Mercedes-Benz rolls out drive-by Ethernet

[A+Commentor]

From infoworld: Mercedes-Benz has 802.11a in a car... Interesting article even though it was 'rejected' by /.

Mercedes-Benz showcases a car of the near future with a built-in wireless Ethernet 802.11a connection that will capture high-speed bursts of data from roadside transceivers as the car hurtles down the highway.

Laptop speeds limited

[BarefootClown]

Glad somebody else has noticed this. I have an 802.11b network at home, and another at work; I use them to keep my (and my roommates') laptop(s) on the network without having to drag 100+ feet of Cat5 around the place. Do I feel limited by using "only" 11Mbps? Hell, no! I rarely break 1Mbps--on any network. I used to use a 100Mbps wired network, with a decent NIC in my laptop (3Com hardware NIC, not a WinNIC), a decent 100MBps switch, and still rarely broke 1Mbps, even with my desktop machines running closer to 50 Mbps. Why? In short, laptops suck. Seriously--when you're looking for performance, you don't look at laptops. The hard drives are much slower than anything in a desktop, the bus speeds are slower (my laptop has a 66MHz FSB; my desktop has a 133, with DDR RAM); everything is slower and scaled back. 11Mbps is no limit to a laptop, in my experience. It would be a limit to a desktop terminal connected to the WLAN, but most people/companies don't use wireless for desktops.

Granted, we could probably saturate the WLAN if we had twenty or so people all trying to pull large files, but that condition has its own flaws: 1) how often does the situation occur--even in a meeting, with 30 people attending, how many of them are trying to pull big files at a given time (usually none...), and 2) how many clients can an access point actually handle? Most of the ones with which I'm familiar (consumer equipment, admittedly) get flaky around 20-30 people; any more, and you need another AP--add another AP, and you effectively double the bandwitdh, as you're splitting the load across two different AP's, each on a different channels. Also remember than many networks are still only 10 Mbps, because of the high infrastructure cost of upgrading a major network (particularly if recabling is required); on such a network, the bit behind the AP is already the bottleneck, so it's not that big of a deal if the WLAN is only 11Mbps.

In short, yeah, it's neat, it's cool, but it's not that big of a deal, as long as laptops don't get a major bus upgrade. A chain is only as strong as it's weakest link.

"possible alternative"?

[sfe_software]

I never thought 802.11b was that slow. I've been using it for my laptop since February, and at 11 megabits, it's plenty fast enough IMO. Sure, it's not 100 MB/sec but it is wireless...

If you're refering to range issues (eg, an alternative for more broad coverage), then I'll agree. But for home and office intranet usage, 802.11b is more than suitable. Even with cable/xDSL/T1, it's considerably faster than your external connection anyway...

The one really good thing that might come of this IMO is that 802.11b products may go way down in price once the faster alternative is made available...

Why products are insecure

[billstewart]

Cell phones, cordless phones, wireless networking, etc. should all use strong encryption, yet none of them do?

Sometimes you have to attribute it to malice, sometimes to stupidity, sometimes to changes in technology.

• Analog cellphones were too early, and you need to digitize data to do effective encryption. Analog cordless phones have the same problem, plus they're trying to be cheap.
• Digital cellphones are primarily weak because of malice - the US government armtwisted the US TDMA and CDMA standards committees into using obnoxiously weak encryption, with the leverage that crypto export laws could be used to prevent them from selling profit-making cell site equipment internationally and getting cheap handsets made internationally.
  
• The European GSM primary encryption algorithm A5/1 is technically incompetent, and doesn't have enough bits in the encryption keys, but as Goldberg et al. discovered, it's further weakened by setting 10 of its bits to all-zeros. And the alternate encryption algorithms designed for non-politically-connected countries are even weaker. The algorithm incompetence could have been prevented by developing it in public, with some competent peer review, but the demands for secrecy blocked it - as anybody in the crypto business knows, that's a big lose.
  
• Anything using 40 or 64 bit crypto is limited by US export laws (either current at the time the stuff was designed, or obsolete but old habit.)
  
• 56-bit DES encryption used to be adequate technology, but reality caught up with them. Unfortunately, it does enough slow bit-twiddling that the triple-DES variation, which is strong enough for anything, is too slow for many high-speed applications unless you add appropriate hardware implementations or a fast CPU. Also, there are applications that only use 56-bit single-DES for US export law reasons (again, generally no longer applicable, but some countries also restrict imports.)
  
• Any current 128-bit symmetric algorithm is strong enough (though some of them use MD5 hashes to generate keys, and those are looking technically shaky - but you can avoid that.) IDEA had minor patent problems (but Ascom-tech was friendly about free licenses for non-commercial use, and reasonably priced for commercial use.)
  
• RC4 encryption has a few simple rules about using it safely, like "never use the same key twice" and "if you're using it to XOR with your plaintext, make sure to design your application so it doesn't give away information." That's what killed Microsoft PPTP, and it's one of the problems with WEP. No malice, just incompetence.
  
• Authentication is hard. Sure, the RSA algorithm provides some of the fundamental tools, and now that the patent's expired it's easier to use them, but if you want to limit access to authenticated authorized users, you have to solve the problem of deciding who's authorized to do what, how to authenticate that they are, and how to distribute the data to enforce it. This is where many systems choke. Do you need PKIs? Do you want to distribute shared secrets? Do you want to allow promiscuous connections from anybody driving by with am 802.11b in their laptop and still have something you call security?
  
• The market is usually more concerned about authentication than privacy. Not too many people eavesdrop on cellphone calls for the content, compared to the likelihood that if a bad authentication method makes it easy for Bad Guys to clone your cellphone and make $500 calls to Bolivia which you'll refuse to pay The Phone Company for, so that's where the emphasis is. Privacy is important to some users (and there are things many people won't talk about over cellphones), but if it doesn't leak password information it's often just not a priority.
  
• Add your own issues here. There are lots of them...
  

Wiring / Managing Offices Costs Money Too

[billstewart]

Sure, if you're trying to connect a couple of machines in the same room at home, $200 and even $100 card are a toy, though connecting machines on different floors of a house may or may not be easy.

But offices are much different - wiring cubicles for Cat5 and running it back to a phone closet costs money, and hubs that can provide management services (for lots of users) as opposed to simple dumb hubs also costs money, and reconnecting the things every time you play the Shrinking Cubicle Space Game costs money. Especially now that wireless cards are $100 heading for ~$50, and good laptop 100baseT cards are $40, if you're not loading your network heavily, wireless is a big win.

It's not as strong a case if you're in a file-server-intensive environment, but for typical corporate use, 10 Mbps is enough for a lot of users doing email, printing, and web browsing plus their desktop-based apps. (Of course you'd run 100Mbps for a wired network, now that it's as cheap as 10Mbps.)

Wireless is also a really convenient approach for office telephones, as long as they don't interfere with wireless data connections, cell phones, microwave ovens, .... Eliminating Moves/Adds/Changes for phones is a big win.

If everyone used TRANSPORT MODE ipsec....

[maynard]

...we would all share and enjoy secure communication. Everyone focuses on Tunnel Mode ipsec without paying attention to other possibilities in the specification. Linux FreeS/WAN, the BSD's, and even Win2K all support both Tunnel and Transport Mode ipsec, why don't more people use this stuff? Though, honestly, why the FreeW/AN folks don't use a standard IKE daemon for key exchange is beyond me....

I guess we'll all have to wait for IPV6 before this stuff becomes ubiquitous. But there's really no reason why an end user need worry about secure communications across the internet. If everyone had the infrastructure (local daemons) for key exchange and ipsec it would be entirely hidden from the user and totally secure point to point. No more need for wrapping various protocols through SSL pipes... which is an obnoxious hack IMO. The ipsec guys have it right. Setting up a secure communication point to point should be completely transparent to the end user, and given ubiquitous support ipsec would be just that simple.

So your "Average Joe" argument is worthless. Your second argument about securing local systems is beside the point and not relevant to secure communications across an insecure network. Your third point that there is already a huge installed base of IPV4 systems without ipsec support is, unfortunately, the truth. The point that "there is more to the world than IP" is yet another meaningless statement. There is more to the world than a woman, beer, and dinner. But I'm not about to turn down dinner with Guinness and a date anytime soon.

JMO,
--Maynard