Seriously. Someone is excited about this pile of poo? Knock yourselves out. If any distro represents Pottering's crew & "vision" it's Fedora. I can smell the new "release" from here.
Aww, poor Indonesia and India. They are feeling threatened by AI bots and US offshoring megacorps fickle lack of loyalty? Welcome to reality, bitches. If the foreign assholes and their sleazy corporate boosters are wailing, then things are looking up. The USA isn't fucking job-bank for the rest of the world, contrary to the beliefs of the no-borders crowd.
Your answer shows your ignorance. We have a representative government. It's based on majority rules with minority rights. The majority *wants* to drive gas-guzzling SUVs and pretend like climate change is a Chinese hoax (or admit it's real and don't give a damn). I get it: you want to shriek at them. Do you really think that your all-capitals hollering will change anyone's mind or move the ball? Climate change and gun control have the same dynamic: the left shrieks and the right shrugs. I haven't seen any honest effort to change that reality. Let's be honest, it's the left who has to find a winning strategy here. For better or worse, the right is *not interested* in the shrieking monologues and all they have to do to stay in their entrenched position is.... nothing.
Check out "The Media Monopoly" by Ben Bagdikian as a primer on all things media-consolidation. He dives into the detail of how and why it happened. Back in Victorian times, there were 4-5 newspapers even in small towns. Right now, communications technology favors centralized syndication because it's much cheaper than having a news room staff in every town. Americans are often just as interested in "big" national stories vis-a-vis small local ones. So, after reading his book (and it's updated editions) it's pretty clear that there is equal blame on both news consumers and news producers. However, I also think it has something to do with the perception that journalism is just a tool for propaganda these days. Journalism has taken a hit in perceived trust on all fronts by all consumers. Perhaps it's because of the corporatism at work in most news organizations, or maybe it's also the fact that every journalist I've ever met (personally) has been an ignorant tool just chasing "trends" not news.
I've been waiting for someone to port Linux interfaces for SystemD (previously udev, kevents, and HAL) to Minix for a while, which would make it capable of replacing the Linux kernel.
While I see what you are getting at and it's a laudable goal, I don't see anyone wanting to dig into systemd to do it. It's like dissecting a skunk. You might learn something, and even do something to help, but it won't be pleasant.
I've been a MINIX user for a long time. I was introduced to it in college in my operating systems course by the Tannenbaum book. This in-chip weirdness is, uhm, bizarre. However, MINIX is still interesting. It's one of the few microkernel based Unix variants and it's innards are particularly clean and easy to hack on due to it's heritage as a teaching OS. I don't know what the hell Intel was thinking, but don't blame MINIX. Go install it and use this as an excuse to get your own hands dirty.:-)
I am a Java developer working with a.NET team. They do the **exact** same thing with.NET. <old-coot-voice>And back in my day, they used C++ and shit randomly blew up because they didn't understand pointers, but at least we had control over memory!</old-coot-voice>
Uhm, well, I'm an ASM & C programmer who's been doing it since before Java was invented. You are right, pretty much all the OO languages point at each other for having the worst memory management and dumbest ideas around abstraction. Far be it from me to suss out a winner to someone like you in the thick of the whole mess. However, just because it happens broadly to a certain class of coders doesn't mean we all have that problem. I'm writing programs that fit into 4k of RAM. When you reply that people do that all the time with Java we are all going to have a good long belly laugh and stare through your argument like a Ziess lens.
But a lot of us who use Java actually do now how to write Java code that typically doesn't leak object references and can garbage collect just fine. Pay bananas, and don't be surprised when all you get are monkeys.
I can't argue with that. Pay H1B salaries, get H1B performance. It's just funny how often the suit-weasels pick java because they think Java + H1B is their golden ticket to the country club. I bet you think that's a total mystery for some "wonderful" language like Java.
You are more full of shit than an abandoned outhouse. I could run this by every Java developer I've met
[...]
Well ask any of the inmates at the prison if they great guys in a bad situation and they'll all say the same, I'm sure. In case it wasn't clear, I don't give a flying fuck what Java devs think. They choose Java, for fuck's sake. That already tells me all I need to know. As my original post pointed out, it's *sysadmins* who can tell you the real story about Java. That narrative is a bit different from what you and your buddies claim. Ask them how portable, resource friendly, and well packaged it is. Your little "me and my friends" bubble is going to pop. Oh and you might try another language that isn't Java or M$ crap, and you might learn why those old coots are laughing up their sleeve at you.
Last time I checked, India was a country, not a race. A country who constantly lobbies to get more H1B indentured servants into the USA and acts like it's some kind of right they entitled to. Java is super popular there due to offshoring. Acting like that didn't happen or isn't a simple fact is ridiculous. One look at the Hindustan times or other Indian papers gives you an instant view into what Indians think about it, too. When you let in 60,000 - 120,000 foreigners a year to take domestic jobs (and *stay* here more or less indefinitely with infinite extensions, spouse perks, etc..) so that fat cats can get cheaper costs for their megacorps, you'll forgive the natives for having a bit of angst. I never said anything against brown people, but I have *every fucking right* (and then some) to be anti-India. Fuck India. If you don't like it, you are free to go back there, pal.
I forgot about the abstraction hell, too. Java programmers are as guilty (probably more) than most OO coders. I understand the whole "let's make the solution space look like the problem space" but the level they take the abstraction to is ridiculous. It's so extreme as to become detrimental to the operational goal of the code in the first place. As messy and unreadable as Perl is, I'll take that any day over 10 levels of abstraction. You might as well just encrypt the code and be done with it. What's sad is those abstraction weenies will sit there and tell you with a straight face that they did it to *enhance* the readability. Crazy.
Perl just looks like line noise because of the heavy use of regular expressions. Java actually sucks across multiple vectors, for example, everything is supposed to be an object. Oh yeah, except for all the built-in scalar types etc... STUPID. You also see huge amounts of boilerplate code in Java. Their garbage collection just makes the coder dumber and still eats memory (ie.. nothing reaps until it goes out of scope - which is often the source of memory being tied up just like a leak would do just via a different route). Java is also a sysadmin's most hated language because you are constantly dealing with clueless Indians and other folks on Java's level and they have no idea how to tune their app other than "Give me everything the system has." That usually includes any memory you were hoping to use for the OS caches and kernel. Finally, Java's "promise" of write once run everywhere is a total lie. It's more like write once run on the exact same version and rig as the developer and it'll work if you are really really freakin' lucky. News flash: C is actually the most portable language. You buy a devkit you can bet someone has a C compiler for that platform. A Java interpreter comes way later. C is everywhere, java is a poorly implemented pipe dream. Perl is just a utility language. If you write more than 500 lines of Perl you are probably doing it wrong.
Your post cheered me up. You've got the right idea. I'd much rather join your flavor of rebellion. Right on, brother. BTW, just to be clear, my unhappiness is not because I'm all news-addicted and in some tinfoil-hat worry-state - it's just straight up random bad luck in my personal life. I admit I could cope better. However, it's the jerkholes that want to blame me for 100% everything that bring the irritation. I'm all for taking responsibility for what I can control, but that doesn't excuse the rich elite from rape, either.
I'm sure all the folks in the French revolution were at fault for being starved by the aristocrats, huh? Asshole. I'm sure all the poor people who ever had a miserable time of it were totally at fault, too. You fucking (anonymous) coward. It's a real shame you aren't around to say that to my fucking face, too, tough guy. You and all the other "you live in America, that should be good enough." folks. You are some real tough guys online. Try floating that to someone in real life who isn't a child or an old woman. You'll get your cowardly shit talking sheltered ass beaten into a stinking selfish ignorant pulp. People like you are typically the "collaborator" class. The ones who take the side of the rich because they think somehow it's going to be them someday. In most revolutions you get strung up on the same trees as your rich buddies. So, go ahead, tell me I can eat cake, Marie, then go fuck yourself.
Not being a huge fan of India, I'm fairly sanguine about the news. Smartphones are mostly an scourge on concentration and social skills. Let the Indians lap them up and poison their kids and culture with them, too. If they didn't they'd have more than just the H1B program helping them trash the American job market - they'd have an actual *advantage* (other than only being cheap, English speaking, and numerous like today).
ENOUGH. Time to roll out the goddamn guillotines. They will never release control with out a fight. This economy has and culture have taken so much from all of us. If it comes down to blood in the streets so be it. My life sucks already. Knuckle up Daddy Warbucks - it's clobberin' time.
No. Just no freakin' way. The folks they will hire as delivery folks aren't going to be well paid. I can see casing your house for a later robbery as being a helluva lot more lucrative. Having "cloud security" just means it's probably not working as well as a normal security system or being used/hijacked as a DDoS zombie. Call me a Luddite, but I gotta say "Not just no. Hell no, Amazon."
That's the business model. As Bruce Schneier says it's a "Surveillance Business Model". That's the "deal". They give you a set of crappy applications for free, you ignore the fact that they can and will spy on you the maximum degree they think they can get away with (and beyond if they think they can hide their activities from you). OF COURSE these apps are gonna take your picture without you knowing. If they thought they could hold pictures of you fucking your wife for ransom, they'd do that too. If they can convert your everyday speech to text and log your entire day's conversation to mine with AI for marketing tips or other ways to pull some kind of overseas Bitcoin blackmail, THEY WILL. If you think that last bit came from my tinfoil hat, you must have been asleep when Samsung did it with their smart TVs while they were supposedly turned off. All this spying and dishonestly is really fundamentally part of the new corporate business model. It's not a fluke, or news; it's the new normal.
Dell is (still) a massive H1B shop. I'm surprised they even got the domain registered at all. Perhaps Tata, Wipro, or Cognizant can help the poor beset millionaire C-level pukes figure it out.
Encryption weenies place a lot more faith in it's power than I do. So, are we supposed to trust SSL? I don't. Besides being eat-up with a laundry list of past vulnerabilities, I'm supposed to trust some megacorp that says some other megacorp or boiler-room-scam operation capable of issuing a certificate signing request is trustworthy? Why again? Just because they can pay folks to answer the phone or to supposedly check someone's business license? That doesn't mean *squat*. There are so many instances where that system has broken down due to technical and logistical reasons, it's not even funny.
You ever notice how everyone gets all concerned about algorithms being broken but it's usually the implementation that the hackers go after and break? What difference does it make if you have a steel vault door if it's mounted on a balsa wood frame? So, because of that fact, how is anyone supposed to trust anything that's "encrypted" ? You can't trust the OS to not be keylogging you, the feds or the author not to have backdoored the implementation, nor can you trust that someone won't simply beat the password out of user (ie.. rubber hose decryption method). If you ask me, the promise of encryption is a lie. It's marginally useful to obfuscate sensitive details in transit or for hashing. The idea that it can always be trusted and is some kind of panacea against hacking is laughable and been proven idiotic over and over, especially when pronounced upon high by evil megacorporations who have ZERO credibility anymore.
Of course you *can* replay the traffic. That's not the point. The point is that a device with mitigation code can slow down the ARP responses to a level that you simply can't do it fast enough to gather enough of of the traffic with IV's in-session to crack the keys without spending days or weeks gathering the data. This was the original point - the current WEP attacks are often mitigated and take way longer than they did previously making them much more onerous to pull off (not impossible, just extremely inconvenient).
You can't simply generate any type of traffic. It works based on a weakness in the key scheduling algo which needs ciphertext from the initialization vector. That's why replaying ARP usually works, it resets the state in such a way that new IV's are generated. Just grabbing random ciphertext out of the air won't do squat unless it's got that bit of conversation present. That's also why manufacturers have limited the number of responses to ARP "who-has" requests to mitigate the attack, make ARP spoofing less effective, and generally screw up the attack and make it either untenable or take for-freakin-ever. Maybe "your friend" who actually spent some time on the metal and actually *tried* it can give you a clue. I never said cracking WEP was impossible, I'm saying it's oversimplified by blow-hard 37337 h0x0xrs who have never tried it but talk a good game online and is now mitigated to be a bigger PITA. I've been *plenty* successful at doing it and I do security scans on a regular basis, which include this type of activity. Folks just aren't keeping up with the state of where WEP cracking is *today* and just hand wave it off saying it can be done easily in a few seconds, which isn't true very often these days.
Wrong. I understand the attack fully. What I'm telling you is that the methods used to create spurious traffic are being mitigated. The target AP temporarily stops responding to ARP requests at a useful rate to generate adequate traffic. Work on your reading comprehension. It would appear *you* illustrate exactly what I'm saying: someone who read about the attack, but hasn't tried it widely or recently.
Having run aircrack, several variants such as aircrack-ng, airsnort, and other WEP cracking tools, I call bullshit. They are terrible tools and rarely work as "advertised". Yes, I've been able to occasionally crack a WEP key on an AP. So, it's not like they are completely garbage. However, if you actually use these tools you'll find that they don't work "in a few minutes" in all but the very best scenarios. In many cases, when the AP attacks that force clients to re-init their keys (and thus give you a chance at the key part of the hack) don't work at all. Many AP's have code to mitigate this. Again, I'm not saying WEP is secure, I'm saying the folks who are claiming it can *always* be done or suggest that it's super easy haven't actually tried it.
Slashdot Mirror
Seriously. Someone is excited about this pile of poo? Knock yourselves out. If any distro represents Pottering's crew & "vision" it's Fedora. I can smell the new "release" from here.
All those poor street-shitting urchins and train rapists. Maybe we should give them some more H1B jobs to make it all better?
Aww, poor Indonesia and India. They are feeling threatened by AI bots and US offshoring megacorps fickle lack of loyalty? Welcome to reality, bitches. If the foreign assholes and their sleazy corporate boosters are wailing, then things are looking up. The USA isn't fucking job-bank for the rest of the world, contrary to the beliefs of the no-borders crowd.
Your answer shows your ignorance. We have a representative government. It's based on majority rules with minority rights. The majority *wants* to drive gas-guzzling SUVs and pretend like climate change is a Chinese hoax (or admit it's real and don't give a damn). I get it: you want to shriek at them. Do you really think that your all-capitals hollering will change anyone's mind or move the ball? Climate change and gun control have the same dynamic: the left shrieks and the right shrugs. I haven't seen any honest effort to change that reality. Let's be honest, it's the left who has to find a winning strategy here. For better or worse, the right is *not interested* in the shrieking monologues and all they have to do to stay in their entrenched position is.... nothing.
Check out "The Media Monopoly" by Ben Bagdikian as a primer on all things media-consolidation. He dives into the detail of how and why it happened. Back in Victorian times, there were 4-5 newspapers even in small towns. Right now, communications technology favors centralized syndication because it's much cheaper than having a news room staff in every town. Americans are often just as interested in "big" national stories vis-a-vis small local ones. So, after reading his book (and it's updated editions) it's pretty clear that there is equal blame on both news consumers and news producers. However, I also think it has something to do with the perception that journalism is just a tool for propaganda these days. Journalism has taken a hit in perceived trust on all fronts by all consumers. Perhaps it's because of the corporatism at work in most news organizations, or maybe it's also the fact that every journalist I've ever met (personally) has been an ignorant tool just chasing "trends" not news.
I've been waiting for someone to port Linux interfaces for SystemD (previously udev, kevents, and HAL) to Minix for a while, which would make it capable of replacing the Linux kernel.
While I see what you are getting at and it's a laudable goal, I don't see anyone wanting to dig into systemd to do it. It's like dissecting a skunk. You might learn something, and even do something to help, but it won't be pleasant.
I guess Intel didn't want systemd, either. Damn, even the evil empires can't stomach that pile of garbage.
I've been a MINIX user for a long time. I was introduced to it in college in my operating systems course by the Tannenbaum book. This in-chip weirdness is, uhm, bizarre. However, MINIX is still interesting. It's one of the few microkernel based Unix variants and it's innards are particularly clean and easy to hack on due to it's heritage as a teaching OS. I don't know what the hell Intel was thinking, but don't blame MINIX. Go install it and use this as an excuse to get your own hands dirty. :-)
I am a Java developer working with a .NET team. They do the **exact** same thing with .NET. <old-coot-voice>And back in my day, they used C++ and shit randomly blew up because they didn't understand pointers, but at least we had control over memory!</old-coot-voice>
Uhm, well, I'm an ASM & C programmer who's been doing it since before Java was invented. You are right, pretty much all the OO languages point at each other for having the worst memory management and dumbest ideas around abstraction. Far be it from me to suss out a winner to someone like you in the thick of the whole mess. However, just because it happens broadly to a certain class of coders doesn't mean we all have that problem. I'm writing programs that fit into 4k of RAM. When you reply that people do that all the time with Java we are all going to have a good long belly laugh and stare through your argument like a Ziess lens.
But a lot of us who use Java actually do now how to write Java code that typically doesn't leak object references and can garbage collect just fine. Pay bananas, and don't be surprised when all you get are monkeys.
I can't argue with that. Pay H1B salaries, get H1B performance. It's just funny how often the suit-weasels pick java because they think Java + H1B is their golden ticket to the country club. I bet you think that's a total mystery for some "wonderful" language like Java.
You are more full of shit than an abandoned outhouse. I could run this by every Java developer I've met [...]
Well ask any of the inmates at the prison if they great guys in a bad situation and they'll all say the same, I'm sure. In case it wasn't clear, I don't give a flying fuck what Java devs think. They choose Java, for fuck's sake. That already tells me all I need to know. As my original post pointed out, it's *sysadmins* who can tell you the real story about Java. That narrative is a bit different from what you and your buddies claim. Ask them how portable, resource friendly, and well packaged it is. Your little "me and my friends" bubble is going to pop. Oh and you might try another language that isn't Java or M$ crap, and you might learn why those old coots are laughing up their sleeve at you.
Last time I checked, India was a country, not a race. A country who constantly lobbies to get more H1B indentured servants into the USA and acts like it's some kind of right they entitled to. Java is super popular there due to offshoring. Acting like that didn't happen or isn't a simple fact is ridiculous. One look at the Hindustan times or other Indian papers gives you an instant view into what Indians think about it, too. When you let in 60,000 - 120,000 foreigners a year to take domestic jobs (and *stay* here more or less indefinitely with infinite extensions, spouse perks, etc..) so that fat cats can get cheaper costs for their megacorps, you'll forgive the natives for having a bit of angst. I never said anything against brown people, but I have *every fucking right* (and then some) to be anti-India. Fuck India. If you don't like it, you are free to go back there, pal.
I forgot about the abstraction hell, too. Java programmers are as guilty (probably more) than most OO coders. I understand the whole "let's make the solution space look like the problem space" but the level they take the abstraction to is ridiculous. It's so extreme as to become detrimental to the operational goal of the code in the first place. As messy and unreadable as Perl is, I'll take that any day over 10 levels of abstraction. You might as well just encrypt the code and be done with it. What's sad is those abstraction weenies will sit there and tell you with a straight face that they did it to *enhance* the readability. Crazy.
Perl just looks like line noise because of the heavy use of regular expressions. Java actually sucks across multiple vectors, for example, everything is supposed to be an object. Oh yeah, except for all the built-in scalar types etc... STUPID. You also see huge amounts of boilerplate code in Java. Their garbage collection just makes the coder dumber and still eats memory (ie.. nothing reaps until it goes out of scope - which is often the source of memory being tied up just like a leak would do just via a different route). Java is also a sysadmin's most hated language because you are constantly dealing with clueless Indians and other folks on Java's level and they have no idea how to tune their app other than "Give me everything the system has." That usually includes any memory you were hoping to use for the OS caches and kernel. Finally, Java's "promise" of write once run everywhere is a total lie. It's more like write once run on the exact same version and rig as the developer and it'll work if you are really really freakin' lucky. News flash: C is actually the most portable language. You buy a devkit you can bet someone has a C compiler for that platform. A Java interpreter comes way later. C is everywhere, java is a poorly implemented pipe dream. Perl is just a utility language. If you write more than 500 lines of Perl you are probably doing it wrong.
Your post cheered me up. You've got the right idea. I'd much rather join your flavor of rebellion. Right on, brother. BTW, just to be clear, my unhappiness is not because I'm all news-addicted and in some tinfoil-hat worry-state - it's just straight up random bad luck in my personal life. I admit I could cope better. However, it's the jerkholes that want to blame me for 100% everything that bring the irritation. I'm all for taking responsibility for what I can control, but that doesn't excuse the rich elite from rape, either.
I'm sure all the folks in the French revolution were at fault for being starved by the aristocrats, huh? Asshole. I'm sure all the poor people who ever had a miserable time of it were totally at fault, too. You fucking (anonymous) coward. It's a real shame you aren't around to say that to my fucking face, too, tough guy. You and all the other "you live in America, that should be good enough." folks. You are some real tough guys online. Try floating that to someone in real life who isn't a child or an old woman. You'll get your cowardly shit talking sheltered ass beaten into a stinking selfish ignorant pulp. People like you are typically the "collaborator" class. The ones who take the side of the rich because they think somehow it's going to be them someday. In most revolutions you get strung up on the same trees as your rich buddies. So, go ahead, tell me I can eat cake, Marie, then go fuck yourself.
Not being a huge fan of India, I'm fairly sanguine about the news. Smartphones are mostly an scourge on concentration and social skills. Let the Indians lap them up and poison their kids and culture with them, too. If they didn't they'd have more than just the H1B program helping them trash the American job market - they'd have an actual *advantage* (other than only being cheap, English speaking, and numerous like today).
ENOUGH. Time to roll out the goddamn guillotines. They will never release control with out a fight. This economy has and culture have taken so much from all of us. If it comes down to blood in the streets so be it. My life sucks already. Knuckle up Daddy Warbucks - it's clobberin' time.
No. Just no freakin' way. The folks they will hire as delivery folks aren't going to be well paid. I can see casing your house for a later robbery as being a helluva lot more lucrative. Having "cloud security" just means it's probably not working as well as a normal security system or being used/hijacked as a DDoS zombie. Call me a Luddite, but I gotta say "Not just no. Hell no, Amazon."
That's the business model. As Bruce Schneier says it's a "Surveillance Business Model". That's the "deal". They give you a set of crappy applications for free, you ignore the fact that they can and will spy on you the maximum degree they think they can get away with (and beyond if they think they can hide their activities from you). OF COURSE these apps are gonna take your picture without you knowing. If they thought they could hold pictures of you fucking your wife for ransom, they'd do that too. If they can convert your everyday speech to text and log your entire day's conversation to mine with AI for marketing tips or other ways to pull some kind of overseas Bitcoin blackmail, THEY WILL. If you think that last bit came from my tinfoil hat, you must have been asleep when Samsung did it with their smart TVs while they were supposedly turned off. All this spying and dishonestly is really fundamentally part of the new corporate business model. It's not a fluke, or news; it's the new normal.
Dell is (still) a massive H1B shop. I'm surprised they even got the domain registered at all. Perhaps Tata, Wipro, or Cognizant can help the poor beset millionaire C-level pukes figure it out.
Encryption weenies place a lot more faith in it's power than I do. So, are we supposed to trust SSL? I don't. Besides being eat-up with a laundry list of past vulnerabilities, I'm supposed to trust some megacorp that says some other megacorp or boiler-room-scam operation capable of issuing a certificate signing request is trustworthy? Why again? Just because they can pay folks to answer the phone or to supposedly check someone's business license? That doesn't mean *squat*. There are so many instances where that system has broken down due to technical and logistical reasons, it's not even funny.
You ever notice how everyone gets all concerned about algorithms being broken but it's usually the implementation that the hackers go after and break? What difference does it make if you have a steel vault door if it's mounted on a balsa wood frame? So, because of that fact, how is anyone supposed to trust anything that's "encrypted" ? You can't trust the OS to not be keylogging you, the feds or the author not to have backdoored the implementation, nor can you trust that someone won't simply beat the password out of user (ie.. rubber hose decryption method). If you ask me, the promise of encryption is a lie. It's marginally useful to obfuscate sensitive details in transit or for hashing. The idea that it can always be trusted and is some kind of panacea against hacking is laughable and been proven idiotic over and over, especially when pronounced upon high by evil megacorporations who have ZERO credibility anymore.
Of course you *can* replay the traffic. That's not the point. The point is that a device with mitigation code can slow down the ARP responses to a level that you simply can't do it fast enough to gather enough of of the traffic with IV's in-session to crack the keys without spending days or weeks gathering the data. This was the original point - the current WEP attacks are often mitigated and take way longer than they did previously making them much more onerous to pull off (not impossible, just extremely inconvenient).
You can't simply generate any type of traffic. It works based on a weakness in the key scheduling algo which needs ciphertext from the initialization vector. That's why replaying ARP usually works, it resets the state in such a way that new IV's are generated. Just grabbing random ciphertext out of the air won't do squat unless it's got that bit of conversation present. That's also why manufacturers have limited the number of responses to ARP "who-has" requests to mitigate the attack, make ARP spoofing less effective, and generally screw up the attack and make it either untenable or take for-freakin-ever. Maybe "your friend" who actually spent some time on the metal and actually *tried* it can give you a clue. I never said cracking WEP was impossible, I'm saying it's oversimplified by blow-hard 37337 h0x0xrs who have never tried it but talk a good game online and is now mitigated to be a bigger PITA. I've been *plenty* successful at doing it and I do security scans on a regular basis, which include this type of activity. Folks just aren't keeping up with the state of where WEP cracking is *today* and just hand wave it off saying it can be done easily in a few seconds, which isn't true very often these days.
Wrong. I understand the attack fully. What I'm telling you is that the methods used to create spurious traffic are being mitigated. The target AP temporarily stops responding to ARP requests at a useful rate to generate adequate traffic. Work on your reading comprehension. It would appear *you* illustrate exactly what I'm saying: someone who read about the attack, but hasn't tried it widely or recently.
Having run aircrack, several variants such as aircrack-ng, airsnort, and other WEP cracking tools, I call bullshit. They are terrible tools and rarely work as "advertised". Yes, I've been able to occasionally crack a WEP key on an AP. So, it's not like they are completely garbage. However, if you actually use these tools you'll find that they don't work "in a few minutes" in all but the very best scenarios. In many cases, when the AP attacks that force clients to re-init their keys (and thus give you a chance at the key part of the hack) don't work at all. Many AP's have code to mitigate this. Again, I'm not saying WEP is secure, I'm saying the folks who are claiming it can *always* be done or suggest that it's super easy haven't actually tried it.
Keep up the good work fellas. I want to shout out to the great artists that contribute their work to KDE. You guys put it over the top. Rock on.