Re: [suse-linux-uk-schools] Wireless networks
Don't know what all this discussion is about. Wireless is dead in the water. It is banned and shouldn't even be used. Well, at least that is what I understand to be the case:
Check out the text on Airsnort. This clever little program can be easily downloaded; and runs on Linux by the way!
AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. 802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws. Most damning of these is the weakness described in "Weaknesses in the Key Scheduling Algorithm of RC4 " by Scott Fluhrer, Itsik Mantin and Adi Shamir. Adam Stubblefield was the first to implement this attack, but he has not made his software public. AirSnort, along with WEPCrack, which was released about the same time as AirSnort, are the first publicly available implementaions of this attack. AirSnort requires approximately 100M-1GB of data to be gathered. Once enough packets have been gathered, AirSnort can guess the encryption password in under a second.
Also this weeks news!
Whitehall refuses to back wireless Lans By Andrew Donoghue [14-02-2002] The government has effectively banned the use of wireless local area networks due to security concerns. The Communications Electronics Security Group (CESG), which approves technology for use by government departments, has not approved any wireless Lans and will not do so until better levels of encryption are available. Computing last year revealed the ease with which unencrypted signals from wireless networks can be intercepted (Computing, 15 November). A spokesman for the CESG says each government department can make a decision on whether to use wireless Lans, but the CESG advises them not to use the technology at present. "This technology is attractive from a functional point of view but it carries certain security risks. These have been documented in the media," he said. "The assumption was that these were quite sophisticated things and it would need a very sophisticated person to attack them. That is not necessarily the case anymore." The CESG says no wireless technology has been approved under its Assisted Product scheme which approves IT products as 'suitable for purchase by HM Government as well as the UK public sector.' The effective ban has been in place for at least 12 months, says Paul Docherty technical director at government advisor Portcullis Security. Sorry if this bursts some people's bubbles. Regards to all, Bruce Miller.
On Thu, 21 Feb 2002, Bruce Miller wrote:
Don't know what all this discussion is about. Wireless is dead in the water. It is banned and shouldn't even be used. Well, at least that is what I understand to be the case:
<snip>
Computing last year revealed the ease with which unencrypted signals from wireless networks can be intercepted (Computing, 15 November).
Well, that just means one shouldn't rely on the hardware to make the data secure, doesn't it? Run IPSEC, CIPE or whatever. You get harder and more manageable encryption that way too. If you're worried about using a data link that's easily intercepted by someone with the right equipment, you probably should stop using any kind of PTO-provided fixed link. :-) Bob G
On Thursday 21 February 2002 08:09, Robert J Gautier wrote:
On Thu, 21 Feb 2002, Bruce Miller wrote:
Don't know what all this discussion is about. Wireless is dead in the water. It is banned and shouldn't even be used. Well, at least that is what I understand to be the case:
Wireless can be useful in many cases where the data is not critical in terms of security. Registration is done by wireless in many schools and there is a £11.25m government pilot project on electronic registration which I suspect will basically fill BromCom's coffers. I have had many complaints about BromCom's system from client schools where installations cost around £50,000 (Ok some of that is wireless infrastructure but its still extremely expensive) 1. Electronic registration does not have to be wireless. We had electronic registration on a token ring network in Kingshurst CTC in 1988 so that provides prior art for the concept. So the only bit of BromCom's patent that could stand up is wireless. So run your register on a cable network and there is definitely no worry. 2. BromCom's patent talks about downloading a plurality of names to a client machine. So use a thin client and that shoots it down too. 3. Essentially BromCom's patent applies to some proprietary wireless devices which are now superceded by standard hardware such as laptops. On the grounds that the concept of using a network of computers for registering pupils dates back to at least 1988 and that is well before BromCom's patent of the mid 90s, and it would be trivially obvious that wireless transmission is simply an extension of the use of cable. I can't see BromCom's patent being worth the paper its written on but it needs a test case in court and that costs money. That is what they are relying upon. Surely the Government should be taking an interest given that the rip off is mainly tax payers money. We have developed a web based electronic registration system (URL available to those interested) and for £11.25m we could almost certainly provide the additional network cabling in every single secondary school, and the software to do the deed. E-mailed the DfES to say so - nothing in reply. Regards, -- IanL
participants (3)
-
Bruce Miller -
Ian -
Robert J Gautier