| On Wed, 23 Jan 2008, Ron Schmittou wrote:
> SO what should us more mechanically inclined than technically inclined
> folks do?  I thought setting up with a required key you have to enter
> was secure? How are people getting pass this?
There are three different "standard" encryption techniques in today's 
consumer-grade wi-fi access points: WEP, WPA and WPA2.
WEP, as it has been discussed here, is pretty transparent. It is useful 
simply to keep the casual knob-twister out.
WPA is also crackable. It just takes more effort.
WPA2 has trouble, but I'm not sure I've yet read of any cracks of a 
properly-secured WPA2 network. There are varying measurements of 
"properly-secured" - some require SecureID tokens, etc.
Fundamentally, there are two different related concerns that anyone 
running a wireless network should have in mind. One is how much you need 
to protect the data you're passing through the air, the other is how hard 
you need to make it to get onto *your* network (to go somewhere else).
If you're concerned about the data payload being captured, then make it as
secure as you practically can - use WPA2 - or don't use wireless at all. 
It is not unreasonable to have one wireless network for your TiVo (or 
other devices that can't/won't go to the max on security) - or to simply 
run wires (if possible).
I see no trouble with using WEP in many lower-density environments,
particularly if there are other more easy-pickings for someone who is
looking to find a wifi network for Internet access (for whatever
purposes). Personally, I run a single 64-bit WEP-encrypted WLAN at my
house (in my lower-density neighborhood), and make sure that the data that
may flow through the air is encrypted at layer 3 (via SSL or
SSH), rather than rely on the data-link (layer 2) protection.
If you have gone to reasonable lengths to close your network to the
outside, I would expect it to be pretty difficult to an entity to find you
liable for whatever havoc an outside party could wreak (were said outside
party to break into and use your network connection to wreak said havoc). 
IANAL, YMMV.
By the way, if real data-grade wiring is impractical, have a look into
HPNA 2.0 (10Mbit over almost any telephone-ish copper pair) or
data-over-powerlines (like HomePlug, which is up to "85 Mbit"). Both are
accomplished with equipment that isn't too expensive (well under $50 for 
at least two nodes). Then again.. I guess someone could hook *his* HPNA 
gear to the NID (if it is outside your house) or tap into your electrical 
system...
-Peter
--
Peter Murray (N3IXY)
Oak Hill, VA
_______________________________________________
Support Team.Net  http://www.team.net/donate.html
Shop-talk mailing list
http://autox.team.net/mailman/listinfo/shop-talk
http://www.team.net/archive
 |