4/4 I just bought some wireless LAN stuff and googled when I came home. I
came across WPA, which one of my purchase has. So is this a big loss?
With so many WEP only devices out there, is WPA or its successor
11i really going to take hold? And is WPA really any better than
WEP? (Some slash dot article said otherwise but I lack the technical
knowledge to judge.)
\_ WPA is an interim standard. It's not really been formalized or
accepted anywhere, and most manufacturers just treat it as an
step towards 802.11i. All it really is, usually, is WEP with
key rotation (typical: 5min interval)--I haven't seen it use AES.
What's shit though is that only the station-AP unicast connections
do the key rotation--there's provision for a broadcast key, which
is still insecure. And, like with 802.11whatever, all the
administrative/network management info is still unencrypted and
unchecked. So no, it's no loss, but it's not much more than WEP
security-wise. You should _not_ rely on _any_ existing wifi
"security mechanisms" to provide real security--use ipsec over
it and it won't matter if WEP or WPA or whatever. -John
\_ It shouldn't really matter. When a new standard comes out
you should be able to upgrade your firmware to follow the
new standard, and AFAIK most WPA enabled stuff should be
WEP backwards compatible. |
http://csua.com/feed/