Replacing WEP for Wireless Security
i.r.id10t writes "Over at infoworld.com they have an article about how the organization that certifies wireless LAN products under the Wi-Fi name revealed new specifications Thursday for how vendors should make their products more secure. The guidelines call for new mechanisms to replace the current security system, based on WEP, which has come under fire for being too easy to circumvent. The certification body, Wi-Fi Alliance, plans to lay the mechanisms out as optional features beginning in February and require them for Wi-Fi compliance about six months later, said Dennis Eaton, chairman of the Wi-Fi Alliance."
I think it's great that wireless standards are expanding to include better security, but I think the real problem is with the way the products ship from the manufacturers. WEP would be a "good enough" security protocol for the average application, IF IT WAS USED CONSISTENTLY.
But every wireless product I've ever used (and there have been a lot of them) shipped by default with WEP disabled, I guess to make it more plug-and-play. In my mind, if you want to make wireless networking more secure, start by shipping the products with WEP enabled by default, and require the user to configure a unique SSID and WEP passphrase when they set up the equipment.
I mean, you could have a rock-solid encryption protocol, but if nobody is using it... what's the point?
Great! More non-standard, possibly incompatible implementations ahead.
This would actually help a lot, as long as "activated" doesn't mean "password set to 1234". This article also didn't say anything about vendor support, especially whether all the existing 802.11b gear will get new firmware. This is a really big deal for someone like a Uni or Wireless ISP where students/customers are going to try to buy the cheapest stuff they can find and expect it to work.
Don't trust the wire (or wireless). YOU DON'T HAVE TO!!!
Why try to create new technology for this? The problem can be solved with technology OFF THE SHELF.
Linksys makes a "VPN router" that uses IPSEC and 3DES for under $100. It works fine with Windows 2000 IPSEC and many, many others. I use it with OpenBSD. Linksys also makes wireless access points. Combine the two devices! Problem solved.
Now if Linksys would combine the two devices into 1 box and write some clear documentation for the newbies, they would have a great product!
Are you listening, Linksys? D-Link? Netgear?
Hmmm. Maybe I should go patent this idea.