Re: ALERT: WPA can be less secure than WEP

Mark McIntyre <markmcintyre@xxxxxxxxxxx> hath wroth:

>They could start by not putting any external indications of passwords,
>security codes etc. Heck, I can /see/ my neighbour's router from my
>study window, and with my trusty 10x50s I can read the serial number
>off the back.

2wire puts the WEP key on the bottom. Unless your binoculars have
x-ray vision, you're not going to see it. I also put my post it notes
on the bottom.

>It would help also if the reset button didn't reset routers to "I'm
>wide open, ravish me" mode. I hope we can agree on that.

Yep. Reset should return it to the factory default, secure by default
mode. See my first comments in this thread.

>>Actually, I do just that except on the bottom of the router.
>
>I rest my case. Actually, I find this a pretty shocking admission from
>a someone whose advice I normally consider excellent.

I do many worse things in the name of expediency and convenience. I
don't like the idea of putting post it notes under the routers, but
that's about the only way I've found to avoid the chronic phone calls
asking "what's my wep key". Again, the issue is whom I'm trying to
potect against. It's effective against drive by hackers and war
drivers. It's useless against the neighbors 16 year old porno
collector.

>Earlier on you said
>"Adding another layer to the installation ordeal process is only a
>band-aid "
>and in another thread, I recall you wrote something similar,
>suggesting that the install CDs were a waste of time.

That's correct. The built in web server in the router is fully
capeable of running the entire setup ordeal including the client
setup. A decent status page that shows connection progress would be a
big help, but it can be done with what's currently available. For
example, Netgear WGR-614 has a setup wizard that does a fair job of
autodetecting the WAN setup. This can easily be expanded to include
setting up the clients. I see no reason to add an additional setup
program when the tools already are there and are 90% complete.

>>>"Our exclusive FullPass instant connection technology enables any
>>>computer, and other service provider supported wireless devices, to
>>>automatically connect to the correct wireless network with the highest
>>>level of Wi-Fi security available."
>>>
>>>Sounds to me like a claim to be able to reconfigure client devices.
>>
>>Nope.
>
>I strongly disagree, and fail to see how anyone can read that
>marketing blurb as anything other than "press the green button for
>instant secure connections", which in turn pretty much obligates them
>to reconfigure my 5-year old 11b network card automagically. Obvoiusly
>however YMMV.

Searching the support page finds nothing under FullPass.

http://www.2wire.com/?p=95&pid=122
"2Wire has simplified connecting computers wirelessly with
the exclusive FullPass secure instant set up, a technology
which establishes a secure wireless Internet connection with
the push of a button; FullPass alleviates the need to enter
wireless encryption keys while providing the highest level of
security available. The GuestPass feature allows friends and
family to access the broadband connection wirelessly without
gateway owners having to divulge their wireless security key
or risk virus infection from their guests? computers."

I have no idea how this works as I haven't seen the FullPass product
in action yet as it's only in the HomePortal 2000 line as a
"GreenLight" button on the front panel. Probably similar to Linksys
SES, or Buffalo AOSS, which is what I've been complaining about. Just
push the button and you're instantly secure.


--
Jeff Liebermann jeffl@xxxxxxxxxxxxxxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
.