Re: Wi-Fi: Essential Checklist

On Fri, 28 Nov 2008 18:50:49 -0800, Jeff Liebermann <jeffl@xxxxxxxxxx>
wrote:

On Fri, 28 Nov 2008 19:27:17 -0600, Char Jackson <none@xxxxxxxxxxxx>
wrote:

On Fri, 28 Nov 2008 12:11:32 -0800, Jeff Liebermann <jeffl@xxxxxxxxxx>
wrote:

I'll be blunt (because I'm in hurry to leave for a free lunch).
Whom would you prefer to believe? The person that has to make the
stuff work and keep the paying customers safe and happy? Or the
professional author and critic that takes pot shots at the industries
attempts to get it right? Pick one.

In a vacuum, I would tend to pick the professional over the repairman,
but I hope one wouldn't have to pick in a vacuum.

Well, I screwed up several times here.

I thought I did that once, but I was mistaken. ;-)

As for the repairman versus the professional (insert title), my
preferences tend to vary. Next time you have a problem with your
automobile, try asking an automotive engineer for a usable solution.
I've actually done this. I think you'll find that the repairman knows
more about how to fix the car than the designer.

Well, of course, if you're looking for repair advice the repairman is
likely to know more, but your question above was a much more generic
"whom would you believe". Since your preferences vary, I assume you
agree with me at least part of the time that the professional
(professional WHAT?) is likely to be the better source sometimes.

Do you subscribe to this manner of FUD (fear uncertainty doubt):
"This is not to say that the new wireless security protocol,
WPA, isn't very good. It is. But there are going to be
security flaws in it; there always are."

I don't think that qualifies as FUD. Not even close.

I usually ignore one line pontification and judgments, but since I
asked for an opinion, I won't complain. However, you're wrong. What
Bruce Schneier has done here is classical FUD.

FUD is fear, uncertainty, and doubt. I may be wrong, or you may be
wrong, but my opinion is that the part you quoted above doesn't
contain any of those three qualities. I'm able to parse the quoted
statements and understand that he's saying WPA is good, but not likely
to be perfect. I don't know when it was written, but we know now that
WPA has security flaws, so he was either right in advance or right in
arrears, but either way he is/was right. Just like truth is the best
defense against libel, I think truth is a pretty darn strong defense
against a claim of FUD.

Swell. Leave your access point wide open because your neighbors might
need it and because your chances of experiencing a problem is minimal.
Never mind with encryption because it *MIGHT* be cracked in the
future. While you're at it, leave your car doors unlocked for the
same reasons. Door locks are easily picked, so why bother to use
them.

I'm not sure how you arrived at your conclusion, but I suspect it had
a lot to do with your mind being on the free lunch. :)

Ummm... I didn't write a conclusion. The quoted paragraph is a
cynical and sarcastic recommendations.

Your conclusion was that since WPA may or does have problems, we
should just avoid it entirely. Like I said, I don't see how you
arrived at that conclusion, or whatever you'd rather call it. That
'position' certainly doesn't follow the quoted paragraph that came
before it, so now I'm assuming that you were responding to something
else from that article that you didn't feel was worth quoting.

The part about leaving the car door open is called an analogy.

Yes, analogies are common. No need to point them out.

Leave the WPA security disabled because it might be cracked.

See? THAT! How did you arrive there? Besides you, who else suggested
it would be a good idea to leave WPA disabled because it might be
cracked? If not from you, did you get it from the article? That's
really all I'm asking.

Pointing out that something isn't perfect is a far cry from advising
people not to use it.

Did you read the article?

No, I was responding to what you wrote, not to what someone wrote in
an article. You didn't make it clear that I had to read the article
before climbing onto the ride. :)

.