Mostly they're a pain to set up unless you've got quality equipment. Also many end users don't care about the hassle of having to remember wep keys and fidget with the equipment in case of problems.PVR_Extremist said:You've gotta laugh
I've found one in my street that at a push I can connect to with my laptop and I went around to a mates house yesterday for a trustees meeting and my laptop picked up another one with a good signal quality.
I've found another here at work (not ours but another tenant in this shared tenancy building).
Are people completly ignorant about these things inspite of the widespread media coverage of this issue out there?
I think I'm gonna start an IT Security consultancy. I've got my WIFI network here at work bulletproof with 802.1x certificate security, EAP-TLS and RADIUS
T
Why are there so many unprotected WIFI networks?
- Thread starter PVR_Extremist
- Start date
With my bank account I can surf to my bank and get a new credit card number. I can say how much I want on it, and the expiry date. I put just enough money for the specific transaction I want to do (plus a little margin in case there's some unexpected shipping/handling cost). That way I don't need to need to worry about companies keeping my credit card.pcchen said:
How common is that?
I've never heard of that before. It sounds... interesting, to say the least. Wish I could get something like that.
randycat99
Veteran
Yes, that does sound like a very clever technique- sort of like a proxy computer ID security, except applied to CC's. I wouldn't take it as absolutely invulnerable, either (not that anything else is, either). You would just have to make sure that access to your bank account (logging in) is that much more robust, because if someone does get in that way, then they could just as easily apply the proxy CC feature to your misfortune. This would just be a security at your computer vs. security at the vendor situation. Ideally, you want to optimize both because you could be exploited at either end (no pun intended). 
A more secure method is to use IC card to authenticate. However, if there is already a Trjoan horse running in your computer, it may also have access to your IC card (when it's connected to your computer, of course).
Another way is the so-called two-factor authentication. You use a hardware key (which is not connected to anything) which generates and display a unique ID based on a unique key and the current time. This unique ID is valid for, say, 60 seconds (and only once, to prevent Trojan horses to reuse this ID). You have to input this unique ID to authenticate the transaction. Since this hardware key is not connected to anything, Trojan horses can't hijack it. Combine this hardware key with a normal password or PIN code, it should be even more secure than an IC card.
Combine this authentication with the "one-time credit card number" scheme, it's should be safer to shop on-line.
Another way is the so-called two-factor authentication. You use a hardware key (which is not connected to anything) which generates and display a unique ID based on a unique key and the current time. This unique ID is valid for, say, 60 seconds (and only once, to prevent Trojan horses to reuse this ID). You have to input this unique ID to authenticate the transaction. Since this hardware key is not connected to anything, Trojan horses can't hijack it. Combine this hardware key with a normal password or PIN code, it should be even more secure than an IC card.
Combine this authentication with the "one-time credit card number" scheme, it's should be safer to shop on-line.
Basic said:
Wow is that a Swedish thing? Cause i've NEVER heard of anything like that before.
Oh by the way, I've put WPA-PSK on, after about 8 months of complete openness.
http://www.cahoot.com/
The webcard from Cahoot might do a similar thing in the UK. Haven't checked, but I think it's similar.
The webcard from Cahoot might do a similar thing in the UK. Haven't checked, but I think it's similar.
We did a paper on WEP and what it was intended for in my security class last quarter. It is basically meant to prevent casual eavesdropping is all. It is meant to provide the physical security of your packets similar to what you would inherently get from having a direct cable connecting your internet. No one can see and sniff those packets unless they tap into it. So the wireless transmissions...WEP sorta converts them into cables per se...if you understand what I mean...thats the intent...nothing more. WPA is more robust. There are many many ways WEP can be broken. AirSnort and WEPCrack are two freely available WEP crackign programs out there. And the only downside is you need to get like 2-3 gigs of packet data on the person you are trying to hack IIRC. That is a lot of traffic...it takes a while on a home network...average time prob 6 months so you have to be very patient. On a high traffic sight it will prob take a week maybe...I am guessing...but you can change your WEP key everyday or whatever which leads to another problem of distributing your key to all auhtorized users on the wireless and so on...which is another reason why people dont use WEP. Another is they dont know about it. Another prob is that they are lazy.
randycat99
Veteran
Wired Equivalency Protocol
Your description is pretty much on the mark. WEP was never intended to provide any more security than your average wired TCP network. It's just a "basic security" step that is better than just being wide-open.
Anybody read that 2-part feature on WEP cracking at tomshardware, as of late? I got lost ultimately, but I guess it is fairly easy for those who live, breath, and eat computer stuff. I'm not going to be "alarmist" and tell everybody to batten down the hatches if they are using WEP. It's still better than nothing at all for your Joe shmoe home network. Just realize, that if someone really wants to get in (if not for the waste in their own time for bothering), there is a relatively simple, systematic way to do it using tools that can be readily downloaded (as they are literally referenced in the Tom article). It's not really that different than your car door. You can lock it to stop casual passersby, but it's not going to stop someone that "really" wants to get in. We've all learned to live with that, as well, so just think of WEP like that.
I just got around to switching my own AP to WPA encryption....and it was quite painless than I was expecting. I'm surprised more people don't just do it from the start. I only did it because my laptop "lost track" of my existing WEP code, so I was "locked out" as it were (ironic, eh? WEP was doing its job well enough against me ). So it was either a reboot (which would make the WEP code available, once again), or I could just take this as an opportunity to reconfigure my security (from a second computer physically wired to the network) and manually enter in the new password. Worked like a friggen snap! [imagines the coders who made my AP proclaiming, "Just how damn easy DO we got to make this so people get their WPA running???"] I gratefully send them my gratuity for making it as easy as typing a word in a box and hitting "save" on a webform.
Your description is pretty much on the mark. WEP was never intended to provide any more security than your average wired TCP network. It's just a "basic security" step that is better than just being wide-open.
Anybody read that 2-part feature on WEP cracking at tomshardware, as of late? I got lost ultimately, but I guess it is fairly easy for those who live, breath, and eat computer stuff. I'm not going to be "alarmist" and tell everybody to batten down the hatches if they are using WEP. It's still better than nothing at all for your Joe shmoe home network. Just realize, that if someone really wants to get in (if not for the waste in their own time for bothering), there is a relatively simple, systematic way to do it using tools that can be readily downloaded (as they are literally referenced in the Tom article). It's not really that different than your car door. You can lock it to stop casual passersby, but it's not going to stop someone that "really" wants to get in. We've all learned to live with that, as well, so just think of WEP like that.
I just got around to switching my own AP to WPA encryption....and it was quite painless than I was expecting. I'm surprised more people don't just do it from the start.
I only did it because my laptop "lost track" of my existing WEP code, so I was "locked out" as it were (ironic, eh? WEP was doing its job well enough against me ). So it was either a reboot (which would make the WEP code available, once again), or I could just take this as an opportunity to reconfigure my security (from a second computer physically wired to the network) and manually enter in the new password. Worked like a friggen snap! [imagines the coders who made my AP proclaiming, "Just how damn easy DO we got to make this so people get their WPA running???"] I gratefully send them my gratuity for making it as easy as typing a word in a box and hitting "save" on a webform. randycat99
Veteran
I've read that the higher security configurations create more of an issue of computer processing overhead than network bandwidth overhead (though it does create more data to be transferred). So it's probably not an issue unless you are flogging your WAP bandwidth in unsecured mode. If you are using an older computer (sub-Ghz?), possibly the processing overhead issue could make the fancier security modes a problem.
Wasnt there a recent download for XP from MS that enabled WPA and WPA2 or something like that? I wonder if my router has WPA enabled. It would be nice to use that feature. When we move to our new house I have been given almost unlimited budget in making the wireless work everywhere on our property so I guess I better start researching on the good routers and wireless stuff.