The Year 2003 in Wireless Network Security
OenMarK writes "I ran into an article that is basically an overview of events, software releases, and happenings related to wireless security. There's also a Q&A with some wireless security experts, one of which is from IBM.
What's your take on wireless security? Are we there yet?" This is the same site that also hosts the look back at Linux security we posted earlier. They complement each other well.
Are we there yet? Lets see..
1) 802.11i is still not yet approved as a standard
2) WPA (the impetuously released TKIP variant) is not widely available and like 802.11i relies on 802.1X.
3) 802.1X has been withdrawn by the IEEE pending a re-write. Its broken for wireless. Don't expect to see the revision any time soon.
4) No semblance of a seamless, inter operator, inter hotspot, non web-pagey user authentication scheme for mobile devices is widely deployed for 802.11.
5) Other wireless networks that are deployed are insecure (E.G. GSM)
I think maybe there's a way to go yet.
Evil people are out to get you.