Date: Tue, 5 Sep 2000 20:16:11 +0200 From: Brad Knowles <blk@skynet.be> To: "Kevin Oberman" <oberman@es.net> Cc: Vivek Khera <khera@kciLink.com>, freebsd-chat@FreeBSD.ORG Subject: Re: affordable wireless Message-ID: <v0422081bb5dae7cdddfa@[195.238.1.121]> In-Reply-To: <200009051734.e85HYBU18656@ptavv.es.net> References: <200009051734.e85HYBU18656@ptavv.es.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[Trying to take this to FreeBSD-Chat again, since this has nothing to do with -STABLE. -Brad] At 10:34 AM -0700 2000/9/5, Kevin Oberman wrote: > We can agree that the 40 bit stuff is not worth the trouble. My 128 > bit Lucent card says "128-bit RC-4 encryption". Last I heard, RC-4 was > not considered a "safe" algorithm. Looking at my card, I see that you are absolutely right -- it is 128-bit RC4. I am not personally aware of any security weaknesses in this algorithm, but I agree that it is not widely used, and I believe that is probably because it is not felt to be as secure as Triple-DES, CAST-128, or IDEA. > Also, in any multi-user environment, the secret must be too public. (I > believe that when I know something, it's secure. When I tell someone, > it's secret. When someone else is told, it's public.) True enough, but this is just one level of protection with these cards. The management stations also have a password to manage them, and that should obviously be different. So, you can use a shared password to be capable of accessing the network via the encrypted link, and a private password to manage the wireless hub itself. > Using an encrypted link is fine, but I worry that people will believe > far too much in its security. (Especially when they see "128-bit".) Well, it's better than nothing, which is what most people use. In fact, it's what I'm using right now, because I can't figure out how to get WaveLAN cards on PCs and WaveLAN cards on Macintosh and the AirPort with a WaveLAN card to all use the same password hashing scheme so that I can even use a shared password. ;-( > If I'm wrong and it is 3DES, never mind! But still use ssh whenever > possible. Agreed. Ssh is a Good Thing(tm). It should be used whenever possible. -- These are my opinions -- not to be taken as official Skynet policy ====================================================================== Brad Knowles, <blk@skynet.be> || Belgacom Skynet SA/NV Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124 Phone/Fax: +32-2-706.13.11/12.49 || B-1140 Brussels http://www.skynet.be || Belgium "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v0422081bb5dae7cdddfa>