From owner-freebsd-chat@FreeBSD.ORG  Wed Aug 13 09:31:07 2003
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6694137B401
	for <chat@freebsd.org>; Wed, 13 Aug 2003 09:31:07 -0700 (PDT)
Received: from hannibal.servitor.co.uk (hannibal.servitor.co.uk
	[195.188.15.48])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 86D1843F85
	for <chat@freebsd.org>; Wed, 13 Aug 2003 09:31:06 -0700 (PDT)
	(envelope-from paul@iconoplex.co.uk)
Received: from hannibal.servitor.co.uk ([195.188.15.48] helo=iconoplex.co.uk)
	by hannibal.servitor.co.uk with esmtp (Exim 4.14)
	id 19myZz-000AmD-BK; Wed, 13 Aug 2003 17:34:31 +0100
Message-ID: <3F3A67BE.8060606@iconoplex.co.uk>
Date: Wed, 13 Aug 2003 17:30:54 +0100
From: Paul Robinson <paul@iconoplex.co.uk>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.4) Gecko/20030624
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Bill Moran <wmoran@potentialtech.com>
References: <Pine.NEB.3.96L.1030811133518.66226B-100000@fledge.watson.org>
	<3F37D493.9050604@potentialtech.com> <44lltyij8s.fsf@be-well.ilk.org>
	<3F397708.7050803@potentialtech.com> <3F3A0581.9010908@iconoplex.co.uk>
	<3F3A3EBD.1090905@potentialtech.com>
In-Reply-To: <3F3A3EBD.1090905@potentialtech.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: chat@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Aug 2003 16:31:07 -0000

Bill Moran wrote:

> to demonstrate whether or not it was really doable.  Again, my memory
> could be off, but I think they showed that it took less than 15 minutes
> of sniffing to break WEP on average.  Their report is quite detailed,
> including the exact (cheap) hardware that was required to capture the
> packets.  Abuse google if you want the details.  The last time I looked
> the data was still online.

It required 2Gbytes of traffic before frequency analysis (the tactic) 
was viable. Since then, if you've patched your firmware, you'll have 
stronger crypto available. If you don't patch, you don't enable it, 
whatever, that's your problem, not WEP's. Sure, like any other security 
issue, there will be sites running poor WEP crypto, but again, that's 
like any other security vulnerability.

> OK, you caught me at my own game here, Mr English.  You're right, I used
> the word incorrectly.  But don't put words in my mouth.  WEP _is_
> unsecure.  There's no guessing about it.

Not much more so than most other on-the-wire public key crypto systems.

> *Hugs his WEP*

Awwwww.... but I thought it was evil? :-)

-- 
Paul Robinson