Secure Wireless Through Infrared Antennas
oogamrm writes "Everyone knows the main problem with Wi-Fi: Security. It's relatively easy for intruders to sniff packets out of the air and even connect to the wireless net. While most wireless companies have responded by trying to beef up the encryption, the University of Warwick's engineering department has developed an optical antenna that operates in the infrared band. This means almost no energy leaking through walls, and simple filters to block it from exiting through windows. The antennas can be so well tuned that several networks can be co-located in the same physical space. The whole story is available at news.com.com."
This would have been great a while ago, but what I don't understand is why it's so difficult to have created truly secure wireless networks in the first place. I mean, come on guys, there's tons of public key cryptography stuff out there, I don't see why that wasn't used from zero day.
Granted, I'm not a wireless engineer, I just play one on slashdot, so I could very well be talking out my ass.
I'll be happy to stick to my two tin cans and a piece of string.
Be you Admins? nay, we are but lusers!
-SheWhoWalksWithToesLikeCobras Please enter any 11-digit prime number to continue...
I think the question is... how much approx $$$ would it cost?
--- WAL
I thought the great advantage of 802.11x was it *wasn't* on the infrared spectrum like every wireless protocol prior.
Then again perhaps some people enjoy only having line of sight networking, to each his own.
I live in a giant bucket.
I already have to deal with my little brother standing directly in front of the IR receiver on the TV for the remote control. He's gonna have a field-day screwing with my quake ping rates!
Play the Stock Market Drinking Game
tcd004
Correct me if I am wrong, but doesn't this require line of sight? Doesn't that limit the usefulness of a wireless network? I thought one of the benefits of wi-fi was that it went through walls and windows.
FoundNews.com - get paid to blog.
As I'm sure anyone with infrared equipment will know, it doesn't travel around objects very well. So I can't see this being useful indoors.
Outdoors as a point-to-point link, it's a bit more useful. But may fail because of the same reason. A light rain or snow shower could probably block one of these links.
Since I installed my new infrared network, my damn TV keeps changing channels to 65,535
using System.Awesome;
This is SECURITY VIA OBSCURITY. It's worse than Microsoft's proposed ;HttpOnly cookie value. Not only does infrared have a minuscule amplitude comparable to that of dark mango light, it shares properties of microwaves in that it does not penetrate lead steel. This is in stark contrast to the ceramic flossings offered by MIT Inc.'s 802.11b/ALL wirefree standard. Wireless is well-known for eliminating some of the wires, hence the term "wires: less", and these microscopic wires can be picked up by sophisticated nuclear wireless detection subsystems such as NetStumbler. Infrared is no exception to this rule. SECURITY VIA OBSCURITY DOES NOT WORK.
"The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
Meanwhile, I've created a totally new form of network media that's MUCH faster and more secure than ANY WiFi to date. I call it the "Electron Antenna". It only transmits through copper. Here are some choice quotes from my upcoming press release:
The new antenna may have a favorable impact on the use of networks in corporate settings or for business transactions. Compared with radio frequencies, which pass right through walls, electron beams can be more tightly controlled.
"You make the network more secure because electrical energy is contained within plastic and doesn't leak out through the edges of the wires. You can equip the wires to contain electrical energy," said Subreality. "Also, you can create a tight beam between one point and another which doesn't diverge much in comparison to a radio frequency beam."
I'm a genius.
--Keepiru
--slashsuckATvegaDOTfurDOTcom
That's good for a giant cubicle farm, or warehouse, but this won't work in other setups without repeaters.
This will become expensive.
So, yes, it may indeed be more secure, but is the enormous leap backward in available bandwidth really worth it? I for one would much rather use stronger encryption than weaker signals.
-collins
Everyone knows the main problem with Wi-Fi: Security. It's relatively easy for intruders to sniff packets out of the air and even connect to the wireless net. While most wireless companies have responded by trying to beef up the encryption, smart people a long time ago developed a device called a "network cable". This means no energy leaking through walls, and no extra precautions necessary to block it from exiting through windows. The cables can be laid so that several networks can be co-located in the same physical space.
It's been done, okay? If you're going to carefully aim IR antennas and put up filters on windows, just lay some Cat-5 already. It's cheaper, faster, and more secure.
http://www.utm.edu/research/primes/lists/2small/0bit.html
has a good list of primes. I chose: 2^34-41 or
17179869143
Now I can continue to....?????
quasarATemailDOTuncDOTedu
(posted anonymously since it's shamelessly offtopic)
I dunno... if they could boost the power output of those IR transmitters to several kilowatts, that would make downsizing a lot easier...
Of course, it may require some extra budget for cleaning crews...
=Smidge=
802.1x (note that this is a protocol for access control -- the "x" is not a wild card) solves the authentication problem. Then you're free to use whatever encryption scheme that you'd like on your packets. No need to deal with the limitations of the infrared band.
it's called IrDA.
I believe it could be done indoors.
The wireless portion just won't be very long.
Imagine a company that currently has a wired network, and a conference room. It seems to me that if you wanted to create a wireless room all you would have to do is mount a series of antennae around the room where Ethernet is already available and voila.
You have a wireless network --it's wireless from the wall to you!
See now that's useful, no wires!
wireless networks are inherently insecure, so are cellphones though. Does anyone complain? If anyone has anything important to send they encrypt it anyway.
... when I change the track on my laserdisc player, my computer detects a UPSd call, and shuts down my fileserver...
IBM had PL/1, with syntax worse than JOSS,
And everywhere the language went, it was a total loss...
Does this mean that turning up the heat in the office can now be interpreted as "hacking"?
that ought to teach him a lesson, eh?
If this stuff's gonna require line of sight, why not use wires instead then? (Wires won't let u go through two different rooms, but neither will this...) OK, well I guess you could move around a single room easier....but then you have to worry about where you move, and not to go behind things that could potentially block the signal...
My university is rolling out wireless using vpn to authenticate and secure the connection.
I've heard about some security issues with VPN but nothing like the issues with WEP. Seems like an elegant solution to me. I haven't pushed and prodded it too much but I didn't notice that there is some firewall protection available in the vpn client as well (not mentioned at the link above).
Not a perfect solution but possibly good enough for now.
great, now if i line up my computer with an ir beam "up to 3 miles away" i can get broadband
i remember when i got my ipaq a few months ago. after a couple minutes of aiming, i could transfer files from pda to pda, without the hassle of the whole 15 seconds it would have taken wireplusly connect the devices. fun.
It's all about trade offs. Speed vs security vs mobility. If you are lucky you can pick a network system that has any 2 of the above 3. With IR you would get security and *limited* mobility, with wired you would get speed and security, and with WiFi you get *limited* speed and good mobility. You can't have your cake and eat it too people. I see no point in going wireless if it requires line of sight.
Viral software licensing is not freedom, it is in fact GNU/Socialism.
As mentioned elsewhere, 802.1x solves the authentication problem. That is the ONLY problem, there is no sniffing problem that is any worse than wired ethernet. You want data security, use a secure protocol like SSH, or SSL for web stuff. Don't force all the overhead of needlessly encrypting all the traffic or forcing everyone through a VPN concentrator, that is a horrible solution. Just use secure protocols when you want security.
Finkployd
IR is just another medium. It is/will be useful in its own niche.
I doubt the security issue will be the big selling point.
802.11* has problems coexisting with other wireless networks, as well as unintentional interference, and it will only get worse. That doesn't mean the party is over, just that sometimes other solutions might be better suited.
When someone might yell at me, it has to be OpenBSD.
...lies in the design of WEP. It is an example of what happens when non-cryptographers try to implement and design a secure system. All it took was a couple of Berkeley grad students looking at the WEP specification to notice that there were several critical holes in WEP, which has led to the attacks we see today.
If they had:
- employed professional cryptographers to design WEP
- opened the spec to more public review early in the process
we probably would have a robust WEP spec in place. This is usually the problem with the various crypto systems that are getting hacked left and right these days...
or it at least contained provisions for a diffused infrared networking protocol. Heck, even IrDA supports *multiple* devices in range. There really isn't anything stopping you from putting a diffuser on the IrDA port on your PDA and communicating with several other devices at the same time.
The original 802.11 specification (note I didn't put a "b" after the 11) had 3 physical transport mechanisms. There were 2 PHY's in the 2.4 GHz range. One used DSSS (aka Direct sequence spread spectrum... this is what "b" uses as well). The other was FHSS (aka Frequency Hopping Spread Spectrum). The third PHY was infrared. It was designed so you put up little IR lights on top of your cube and the IR would bounce off the ceiling in your office to other IR receivers.
Yep. It's been around for YEARS but no one used it. Hell, vendors had enough interoperability issues with FH v DS, the thought of using IR was just right out.
Using it for security's sake now seems a bit silly. As pointed out before, IR requires basically LoS. If you're going to be in an office building and using special filters on your windows, then just use wires. They're about 100x faster anyway. TKIP/802.1x are going to go a LONG way to solving wireless security problems within the next 2 years. Let's not take 2 steps backwards and use IR as a PHY.
Hey, anyone remember the IR wireless that JVC had years ago? I actually have one at my company that works, its range is rather limited, but it's nothing that new. http://www.jvc-victor.co.jp/english/pro/lan-e/
Finally we can warm up our lunch with privacy and authenticity! Security so good you can fry an egg on it!
I don't need large brains to have a good time.
This article is very vague about what exactly has been developed. I'm curious to know more, perhaps when it's unveiled at comdex.
They refer to it as an optical antenna. That is probably a misnomer. It sounds like what they have actually developed is a new type of optical sensor, perhaps with some special lensing. Lenses are much like antennas for light.
Current technology uses phototransistors which are pretty good at what they do. But they have a fairly wide bandwidth, that is they respond to a wide range of wavelengths. The article claims that their new sensor has a very narrow bandwidth. To limit the wavelength response of a phototransistor, filters must be used which reduces the signal strength.
They also claim that the device is 100 times more sensitive than current technology. A new type of filter which was very low loss could increase the effective sensitivity of a filtered phototransistor, so I wonder if this is what they have really developed.
Either way light travels in straight lines and I doubt if they're counting on cloud reflection or something, so this device would require a line of sight. That said, try aiming your remote control at a window sometime and see how the light bounces off and then to your TV. A device 100 times more sensitive may be able to take advantage of reflected paths that are currently unusable.
Current outdoor point to point IR links using laser technology can be reliable up to several miles, even in rain. The units I've seen are over-specced, so that without weather they are actually capable of working over much longer distances, but they aren't marketed as such.
-73, de n1ywb
www.n1ywb.com
You know, in this post posted 6 minutes earlier. Of course you followed the tried and true technique of posting pretty much the same thing as a followup to an earlier post, knowing that most people won't realize your theft.
I remember back in 1992 the University of Michigan's College of Engineering had a couple wireless computer labs (both for classroom use) set up for testing. One used Motorola's Altair 18GHz radio product, another an infrared product.
In fact, here's a Network Magazine article from almost 10 years ago exactly on the topic:
http://www.networkmagazine.com/article/NMG2000072
I remember the Altair presenting an interesting problem because its data packets were slightly smaller than AppleTalk packets; the AppleTalk packets had to be split up and performance was severely degraded.
Which day is the megalow-deal?
...the University of Warwick's engineering department shows some spanking new technology that replaces those nasty and still interceptable wireless signals with a brand new concept called "cabling".
Come on people, this is a terrible approach (as it kills the *only* Wi-Fi advantage), based on security through obscurity, *and* at the same time a questionable achievement, cuz ya know... IR isn't a new technology/concept/medium...
it seems to me that an office building could theoretically be built to fairly effectively dampen any wireless going on within it - the problem being that it would also dampen any wireless waves trying to come in. So - we lose the following:
Radio: mount an antenna on the roof, set up some radio streaming servers inside the building that people can point [insert fav. audio player] at.
CellPhones: This is a little trickier, but there once was the idea that your cell could transfer calls to your desk phone automatically. I know some cellphones offer a forwarding option, I don't know how automatic this is - perhaps you could set it to be scheduled?
TV: Shouldn't be watching TV at work, if you should be - they probably have cable anyways, problem solved.
I mean, really, the only problem you have beyond that is when you're in a large shared office building - and when you're mixing interests like that anyways you don't much damned security anyways, and maybe you shouldn't be using wireless except during that all important meeting, when you connect ad-hoc to a predetermined server that's not tied to the company intranet.
Surely I've missed something or put something inaccurate out there - so let the replies flow
cyn, free software and *nix operating systems enthusiast.
Great.. the boss' kid comes to the office on a weekend with a TV remote control and DoSs the LAN.
Trolling is a art,
What's the point of wireless if you think the ability to be in another room is a disadvantage? If it's so awful, why not just plug the computers in physically like in the olden days?
"You make the network more secure because infrared energy is contained within a room and doesn't leak out through the walls and windows. You can equip the windows to reflect infrared energy," said Green.
You could have some serious fun with companies depending on the configuration of the reflective surface. If both sides are IR reflective you lose solar heating benefits but gain security. If only the inside is IR reflective to keep the signal trapped, whilst IR is allowed in from the outside, then a fun attack would be some IR beams from afar aimed at the windows to heat up the room and fry the marketdroids and PHB's!!
It's funny that you mention that. I remember trying to transfer files at school from an IrDA capable laptop to an IrDA capable printer. It took 3 hours and in the end we had to build a cardboard tunnel to cut the interference out. (the funniest part was at about hour 2 when we realised that the manufacturer's plastic protecting sticky tape was still on the electronic eye of the printer. We peeled it off and got a much better signal)
Anyway, from the picture of the optical antenna, I would guess that it would be oriented upwards so that it looks like a big fisheye lens pointing at the ceiling. Since IR bounces off walls (I know because I've sometimes changed the channel on my TV while pointing my remote in the opposite direction) then I guess that the whole point of the optical antenna is that it is able to see the ceiling and not be blocked because if the direct LOS is blocked, then this omnidirectional antenna should get usable signal from the reflections coming in the opposite direction.
is it fiber optic?
I don't know... At least 10 years ago someone could point a dish at your office window from 100 feet away and steal data. I would not be surprised today if that same technology has advanced 100 fold and could pick up even the tiny signals spoken of in this article.
If that doesn't make you think a little, then maybe you didn't read these recent stories:
Sensors gone wild
The Pentagon Wants Your Secrets
I wonder how long before we run out of letters to designate 802.11 standards...
802.11omega anybody? maybe we might need to grab some hiragana...
when you can use our patented security protocol?
You just put the message into the secure wrapper, and it's safe from prying eyes!
Could you use PGPhone which you could compile yourself for your laptop, a head set and a cellphone to become secret agent man?
or better yet use some featherweight linux and get it running off your iPaq!
This is retarded and a waste of everything. The only way this would work would be line of sight. SO every time ANYTHING passes through it you're screwed. Why not just use wires that cost 100% less and put them under the floor? Oh because wires are SOOOO bad. This infrared crap is the most stupid thing I've ever read.
Neolight Networks Introduces Lightbulb Network
Tuesday November 12, 12:30 am ET, Lies Newswire
Weird Valley -- Neolight Networks Inc(R) is about to launch their revolutionary Lightbulb Network (TM) this coming Friday. Instead of using expensive infrared equipment, they're using normal light. "It's a cheap and secure network" said Al Bundy, CEO at Neolight Networks. "All spare parts are readily available at any store, which keeps maintenance costs down to a minimum." Bundy continued. "The Lightbulb Network is slightly slower than an infrared network, but otherwise it works on the same principle." said Bundy. "This network is as secure as the customer wants it to be. But we do recommend our customers to paint all the windows black and run the equipment on an internal power supply." Bundy said with a wide smile on his lips. There are some minor drawbacks though... Employees are not allowed to use any type of bright light, since this would crash the network. "But the light bulbs will blink the whole time, and give a nice disco feeling in the workplace." Bundy quickly added. People who suffer from epilepsy can't work in the rooms where the network is installed. Al Bundy told us that he recommends the customers to lay off all epileptic people... "it would save them from being sued once the network is up and running" Bundy told us.
I've got Klez on my VCR, it keeps trying to email my pr0n videos to my friends!
One line blog. I hear that they're called Twitters now.
The antennas can be so well tuned that several networks can be co-located in the same physical space.
I can co-locate several networks in the same physical space without 'tuning' my CAT-5 cable. Amazing stuff, that.
(I wrote a little note on this, but Slashdot's posting system hasn't worked right since the switch to the new server, and my posting was lost. Every time I click on "Preview", I get the message that I posted twice.)
Maybe somebody actually read my post
Wireless has a good transfer rate, so it would offer good resolution for wireless devices or decent transfer for wireless networks. A lot of laptops with decent wireless ports can transfer up to 4Mbps (my old laptop did quite fast transfers before it met the electrical-surge goblins).
While it might not be good for providing long-distance network access (due to line of sight), a wide range wireless hub could do quite well for a room of computers, etc (which would kick butt for a LAN party or perhaps a school lab, if you had a hub somewhere high and aerial receivers). We have to avoid use-it-for-everything scenario though...
One of the first ideas under development is for credit card payment systems. The idea is to equip credit cards with infrared links for use at gas pumps and supermarkets, for instance.
Just because something is new and works doesn't mean it has to take over everything. It's like the story about networked laundry machines. I the keychain with a RFID chip for gas was good enough, and probably cheaper to produce.
OK - so we have had several stories in the past several weeks talking about WiFi this and that - and I have posted a few comments asking about wifi security. I would like some help from you guys - as it seems that there are several out there who really understand securing wifi networks. (I have written to both the sputnik (linuxcare) guys - and the locustworld.com guys - but have gotten no responses from either about security)
OK - here is the scenario:
Imagine an ISP that is *only* wireless. They want to be a "community" ISP, want to offer only wireless wifi internet access, and want to charge for it a flat rate of 20/month. They have wireless APs covering several city blocks - or a whole city. With a physical tie at some city based colo. How do they protect the network - so that only paying customers can be authenticated and use the system?
What I have been thinking so far is that for signing up - you have to purchase/get/rent/whatever - the wireless card from the ISP. This card's MAC is in an ISP DB and it gets authenticated. In addition - that MAC is tied back to a username password (or biometric) auth which then validates the user and opens up the port. Is it possible to have an ISP with such a system - that is not too overly paranoid secure - but not just a leech-net?
I think there are three very important things that should be considered when thinking about WiFi ISPs in general:
1. they should be put in place ASAP - even if they aren't that secure yet.
2. we (the tech community at large) should fully support them, and pay 20/month for access.
3. wifi ISPs should offer free access to the system for city government - municipal services like fire depts, police, city engineering etc..
WHY? well because we have seen already how the big ass companies handle our bandwidth, our information, our trust and our money.
We should get a community monopoly on these systems as soon as possible. I know that I am *done* having any sort of qwest, global crossing, worldcom corrumpany in charge of my access.....
seriously - this is an important issue - and one where we have the advantage because these companies are A) almost bankrupt B) don't understand the technology C) typically slow to move on stuff like this. The only problem is that they traditionally have very deep pockets to buy things out.
But with Level 3 trying to buy up all the fiber runs it can - and absorb as many of the IP-traffic-assets as possible - they are looking to run 90% of the data routing market... but the WiFi last mile can and should be a community owned system.
Imagine if the model was changed so that a carrier would have to *pay the community* to be the access provider. If there were several million people in a city - and that city had its own WiFi network - and it was putting out bids for connections to the outside internet - you'd better believe the carriers would be putting down some fat bandwidth at reduced price for that level of market share.
We need to stop thinking so small, have some vision and take over the market and make it the way we want it.
You're right! Why lock your door? If someone really wants to get into your house, they probably will. Home security really should be security through obscurity. This must be why we've kept our Vice President in an undisclosed location for all this time?
Will it keep my fries warm too?
I can remember many years ago that there was an IR network that basically flooded the ceiling in an office with low power IR. a detector only had to point upward to catch the reflections. Prior Art?
Basically the security is the same as of a directed RF link. Even worse, as RF does not scatter well.
Put *something* into the beam - anything, like a window (best with some dirt/dust), dust or mist in the air. The light scattered off (a few percent) will still be enough to be detected with standard telescopes even from a distant observer (distant = easier to hide).
So: just a marketing hype. The old common-sense still has to be applied: if you don't absolutely control the transfer media (e.g. in-house cable), you are susceptible to eavesdropping.
i thought that news.com.com (where this story came from) was a spoof news site made to look like CNET. but from the way every1 is taking this so seriously, it looks like i am wrong..... oh, the confusion :(
I'm not sure if it's the same technology, but there's an ISP in my city that offer infrared links up to 10gbps (what they call 'Infra Red Wireless Fiber' -- wireless fiber.. wtf?). On the good side, you can have SOME bandwidth using this technology (nothing like the few mbps on wi-fi), on the other side, the beam is very limited, what makes it useless for some applications. /.'ed .
;o)
The technology is from MRV, in case you wonder.
Indeed, it's very secure and has a 99.999% uptime guarantee (yeah right).
Now I'm wondering about using some mirrors to steal.. erm.. borrow some bandwidth and never have to worry about getting
My solution du jour is to treat any systems on the WLAN as if they were on the internet, i.e. untrustworthy. The access point is firewalled off from the rest of the network and the only way in is via VPN/ssh. Whilst this does prevent you simply turning on your PDA and reading ./ it does avoid any unwanted war(drivers|walkers|cyclers) using your connection to launch a DDOS against whitehouse.gov.
If you are worried enough about security that you'd switch to infra-red, why not just stick to wired? With IR, you're stuck with line of sight which basically defeats the purpose of WiFi. You can't reliably move around (if your body comes between the base station and your computer, you've just broken your network connection, if you walk into the next room, you've just broken your network connection, if a piece of paper falls off your desk, and blocks your antenna, you've just broken your network connection, ...)
This seems to me to have all of the drawbacks of CAT-5, with none of the benefits (namely, you can't tap into a wired ethernet connection unless you have a physical connection)
There are no tiger attacks in my area and it's all because this rock I'm holding keeps the tigers away.
see Ronja Homepage http://ronja.jikos.cz. There is a detailed free guide how to build this technology from scratch for 50$, and make 10Mbps full duplex over 1km. Just ordinary parts like stove pipes and loupes are necessary, and a week of funny, nonboring work,
no special education.
Early to mid nineties perhaps - there was a company that made networking gear for Macintosh that used infrared. You had a 'transmitter' that you aimed at one central spot on wall or ceiling and 'receivers' that you then aimed at that same spot to connect to the infrared network.
Can't remember the company name that made this and it might be too old to make a Google search on. Never saw one in operation but assume that it would have been similar to this.
About 8 years ago I worked with a group that did wireless LAN over IR. If done right you don't have to have the exact line of sight that IrDA requires. We used 'diffuse' IR which basically meant all transceivers pointed towards the ceiling and IR bounced off the ceiling from one node to another. You were still limited to being in the same room but you didn't have to fiddle with aiming your transceivers exactly at someone else's. We even had LAN access points so with one AP in every room you could have your connection to the wired LAN and roam from room to room without losing it.
It did have the advantage of not leaking through walls, but it wasn't as robust and a large rollout would have required many more access points than an 802.11 rollout.
Then again, I also worked on 802.11 stuff during the original standards proposals stage back in '93.....it's unbelievable how long it took that standard to be created. I think they actually stopped and started from scratch at one point.
There really is no way to practically secure a wireless network, if the attacker has access to the data. Access is always the front line of security...you're not going to let someone come in and sit in a spare cubicle sniffing packets.
Wireless may be necessary in some cases, but a determination should be made of the security risk. If no sensitive data goes across the wireless network, then it doesn't matter if someone sniffs packets.
Sensitive data:
There is no hardware or software method to prevent the above from going across a wireless network, sooner or later. Even casual web browsing can provide black hats with enough information to cause damage. About the only semi-safe methods are (supposedly) encrypted web browsing, and transferring file archives with strong encryption.
What I'd like to see is a method for trapping all radio waves within a building. Let's see: at 5GHz, the wavelength is 29979200/5000000000 meters, or 6 cm. So, you need a Faraday cage with a grid diagonal of 6cm or less. I'd be interested to find out if such a grid could be applied with conductive paint, and transparent conductive grid films applied to windows. It would be a huge project to do an entire building, but you've also eliminated Van Eck monitor reading and wireless keyboard listening.
Until someone develops a spherical directable-array antenna that makes tight-beam transmissions practical, wireless is too big of a risk for any serious organization.
...
Infrared is a big chunk of the spectrum. TV remotes, IrDA, this networking being talked about, it's all very near being red light. It starts at about 800nm in wavelength and most devices don't use anything beyond 1000nm. Infrared with regards to blackbody emission from room temperature objects is around 10000nm, or 10um.
Why they don't call it a "lens" is beyond me. It seems to have two components: an incoming collector area, which focuses signals on the receptor; and an outgoing dispersive area, which spreads the outbound signal to cover a broad region.
--tsw
1) Authentication can't be purely MAC address based. Most cards can transmit packets with any arbitrary MAC address. To steal service from such a system, all you'd have to do is sniff a legitimate user's MAC address and use it when or where they're not. Trivial. If you really want this to work, I think the best way is to accept only IPSec traffic over the air. Your legitimate users will have the authentication tokens necessary to negotiate an IPSec connection to some set of server/router/VPNboxen behind the access points, and the access points themselves will drop anything that isn't either IPSec-encapsulated or an authentication attempt. Solves the problem with WEP being weak, and solves the problem of stealing service by sniffing a few packets. The only problem it doesn't solve is the wireless medium being DoSed, but that's nearly impossible to solve without accurate triangulation equipment and a large brute named Guido wielding a baseball bat.
2) I disagree that something should be put in place that isn't secure yet. Having to work around and be backward compatible with a poor rushed first implementation is exactly how nasty ugly hacks develop and linger on for years.
3) If the government has use for a wireless network, then they can pay for it like everyone else. Being a very large customer, you could offer them a volume discount, or even cut some special deal for a deep discount in return for helping you deploy speedily. But advocating giving away access to the government on a permanent basis shows that you've got no business sense whatsoever. Ain't gonna happen; any company that tries it will founder.
But other than those points, nice idea. I support you.
-----Chaz
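An added example (not part of the comment above or of any product's code) of the point made in item 1: a source-MAC allowlist admits any frame that copies a subscriber's address, while an access point that forwards only IPsec traffic, backed by a gateway that checks each ESP packet's integrity tag, does not. Assumptions: the "authentication attempt" is taken to be IKE on UDP 500/4500, ESP is simplified to integrity-only with HMAC-SHA-256 truncated to 128 bits, and all names, addresses and keys are constructed.

```python
import hashlib
import hmac
import struct

ESP, AH, UDP, TCP = 50, 51, 17, 6
IKE_PORTS = {500, 4500}   # assumption: IKE / IKE NAT-T is the "authentication attempt"
ICV_LEN = 16              # HMAC-SHA-256 truncated to 128 bits


def build_frame(src_mac, proto, l4):
    """Constructed Ethernet + minimal IPv4 frame (IP checksum left at 0, unused here)."""
    eth = b"\xaa" * 6 + src_mac + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 1]))
    return eth + ip + l4


def parse_frame(frame):
    """Return (src_mac, ip_protocol, l4_bytes), or None if not a sane IPv4 frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    if frame[14] >> 4 != 4 or ihl < 20 or len(frame) < 14 + ihl:
        return None
    return frame[6:12], frame[14 + 9], frame[14 + ihl:]


def mac_allowlist_admits(frame, allowed_macs):
    """Weak policy: trusts the sender-chosen source MAC."""
    parsed = parse_frame(frame)
    return parsed is not None and parsed[0] in allowed_macs


def ap_ipsec_only_admits(frame):
    """AP policy from the comment: forward only IPsec or key-exchange traffic."""
    parsed = parse_frame(frame)
    if parsed is None:
        return False
    _, proto, l4 = parsed
    if proto in (ESP, AH):
        return True
    if proto == UDP and len(l4) >= 8:
        return struct.unpack("!H", l4[2:4])[0] in IKE_PORTS
    return False


def esp_seal(spi, seq, payload, key):
    """Simplified ESP: SPI | sequence | payload | ICV (no encryption, no padding)."""
    body = struct.pack("!II", spi, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]


def gateway_accepts(frame, sa_keys):
    """Gateway behind the AP: accept ESP only if the ICV verifies under the SA key."""
    parsed = parse_frame(frame)
    if parsed is None or parsed[1] != ESP or len(parsed[2]) < 8 + ICV_LEN:
        return False
    l4 = parsed[2]
    key = sa_keys.get(struct.unpack("!I", l4[:4])[0])
    if key is None:
        return False
    expected = hmac.new(key, l4[:-ICV_LEN], hashlib.sha256).digest()[:ICV_LEN]
    return hmac.compare_digest(l4[-ICV_LEN:], expected)


# Constructed sample data: one subscriber MAC and one security association.
SUBSCRIBER_MAC = bytes.fromhex("020000000a01")
SA_KEYS = {0x1001: b"constructed-demo-key"}


def demo():
    """Evaluate both policies on frames that all carry the subscriber's MAC."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x02, 1024, 0, 0)
    ike = struct.pack("!HHHH", 500, 500, 8, 0)
    copied_mac_plain = build_frame(SUBSCRIBER_MAC, TCP, tcp)
    wrong_key_esp = build_frame(SUBSCRIBER_MAC, ESP,
                                esp_seal(0x1001, 1, b"data", b"not-the-sa-key"))
    genuine_esp = build_frame(SUBSCRIBER_MAC, ESP,
                              esp_seal(0x1001, 1, b"data", SA_KEYS[0x1001]))
    return {
        "mac_policy_admits_copied_mac": mac_allowlist_admits(copied_mac_plain, {SUBSCRIBER_MAC}),
        "ap_admits_plain_tcp": ap_ipsec_only_admits(copied_mac_plain),
        "ap_admits_ike": ap_ipsec_only_admits(build_frame(SUBSCRIBER_MAC, UDP, ike)),
        "ap_admits_wrong_key_esp": ap_ipsec_only_admits(wrong_key_esp),
        "gateway_accepts_wrong_key_esp": gateway_accepts(wrong_key_esp, SA_KEYS),
        "gateway_accepts_genuine_esp": gateway_accepts(genuine_esp, SA_KEYS),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The AP filter only looks at protocol numbers, so the actual access decision rests on the gateway's key check, not on anything visible over the air.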
Think about that for a moment: Sure, right now WiFi is pretty much "open" and "free". Everybody and their dog is playing with it, or actually using it. It is readily available to consumers at a low price point, which is very attractive.
However, and this is a big one: It is only this way because the government and corporations are allowing it. As soon as P2P mesh freenets start taking off, the corporations WILL cry foul to the government IF they are not "allowed" to be a part of the "mesh" (and really, do WE want a second corporate internet - isn't that what P2P is ultimately about, freedom from corporate/government domination through free exchange of information?) - once that occurs, our government will likely either make it illegal to operate an 802.11 AP, or will require a license (with hefty fees) for the frequency band to operate in (of course with limits thrown in so as not to affect cordless phones, microwave ovens, etc). The corporations won't mind, they can afford the fees normal consumers cannot. Then watch the mesh network implode.
However, here is where LED (IR or otherwise) and Laser comm devices such as this can still help keep a mesh network together. It would be difficult for them to regulate using light for communications, after all. Although, I am sure they would try - and at that point, we have bigger things to worry about...
Reason is the Path to God - Anon
What the hell is it good for?
-- Robert Lloyd (engineer of the Advanced Computing Systems
Division of IBM), to colleagues who insisted that the
microprocessor was the wave of the future, c. 1968
- this post brought to you by the Automated Last Post Generator...