djevans
Tennessee
Senior Member
Joined: 03/24/2002
View Profile
|
just a note on WEP...While it is better than nothing at all, it's becoming all too common. At least consider WPA or better, WPA2, if your equipment will handle it.
Don . . . near 36.171N 086.784W, TN near here
WA4ZFN
2003 Fleetwood Revolution 40C - Saturn VUE
350hp Cummins ISC
- - - P i c t u r e s - - -
I'm confused, WAIT! Maybe I'm not!
|
taborekle
Clements, Md
Senior Member
Joined: 08/16/2005
View Profile
 Offline
|
JimInMA wrote:
snip snip snip
That said, in comparison, the systems used with Wi-Fi (WES, WPA, WPA2) are fairly weak and they can be broken but it does take some work and doing it is beyond and "average" home computer user. The security available to Wi-Fi users isn't perfect but it is "good enough".
Yes, EXACTLY! So if you're doing Wi-Fi using ONLY one of these protocalls to provide protection, then you're on shaky ground. But most people use a browser when using Wi-Fi to access the internet, and when you browse to a secure site, the browser will then switch to https mode (just look at your URL line if your not sure). This will TUNNEL SSL (which is very heavily encrypted) inside the Wi-Fi encryption. You're quite safe at that point.
Larry
|
magicbus
LBI, NJ
Senior Member
Joined: 06/16/2002
View Profile
Offline
|
So I guess that begs the question - Is wifi encryption simply to keep others from using your access point or is it to "protect" your valuable internet surfing from prying eyes? I've always seen it as a way to prevent others from connection and consider my valuable information protected by superior protocols (VPN and/or SSL).
Dave
Life doesn't come with a safety fence around it... enjoy it anyway.
|
apr67
Tallahassee, Florida
Senior Member
Joined: 02/14/2007
View Profile
|
Public Key/Private Key encryption, as seen in SSL (HTTPS web pages) is pretty secure for what most humans do. We don't need to protect our data forever, we just need to protect it until it is no longer useful. For most things that is about a year, ie you do change all your important passwords at least once a year, right?
The biggest issue with the internet (be it wireless or wired) is the man in the middle attack. Several methods exist to do this but the easy way to think about it is, SSL is only as good as the site you use it to connect to. If I make a site and convince your computer to talk to me to get anything you need, and give you an encrypted connection, you think you are doing well. The reality is, when you type your password in for your bank, I capture the password and then pass it through. Then I present the banks output back to you. You don't even know I'm there.
But to somehow assume that the US mail is secure is quite funny.
Don't take your organs to heaven. Heaven knows we need them here.
----------------
2007 National Surf Side 34DE. Full timing since 1/06/08
2007 Toyota Matrix Da Toad
|
2oldman
WA
Senior Member
Joined: 04/15/2001
View Profile
Offline
|
jharrelson wrote:stick to the US Mail for all things requiring my personal information. That's a joke, right?
|
|
|
david_42
Oregon
Senior Member
Joined: 04/08/2005
View Profile
Offline
|
Encryption is not a code.
That said, WEP was a rather weak encryption, effectively only 40 bits. WEP was replaced by WPA, which uses 128-bit keys in 2003. Unless you have old equipment, you are probably using WPA2 which is 256-bit and could, in theory be broken by a petaflop super computer in a couple months.
* This post was
edited 08/18/08 06:56pm by an administrator/moderator *
|
creeper
Richmond Hill, Georgia
Senior Member
Joined: 12/22/2003
View Profile
|
david_42 wrote:Encryption is not a code.
That said, WEP was a rather weak encryption, effectively only 40 bits. WEP was replaced by WPA, which uses 128-bit keys in 2003. Unless you have old equipment, you are probably using WPA2 which is 256-bit and could, in theory be broken by a petaflop super computer in a couple months.
encrypt |en'kript|
verb - trans.
convert (information or data) into a cipher or code, esp. to prevent unauthorized access.
Blog and projects page
See Profile for more pictures and links
Link Exchange
|
Ag2000CO
MD
Senior Member
Joined: 11/22/2005
View Profile
Offline
|
creeper wrote:
encrypt |en'kript|
verb - trans.
convert (information or data) into a cipher or code, esp. to prevent unauthorized access.
Creeper,
You need to be careful taking dictionary definitions and applying them to a application (field of cryptography) that has developed a very specific use of some words that have less exact meaning in general use.
For example, cipher and code are included in the definition because they are different.
In a discussion about WiFi encryption, the mention of the WWII "code talkers" was a red hearing. The code talkers, or any language for that matter, is in fact a code. In English we encode a four legged thing that go "meow" with the letters "cat". Everyone that wants to use a code needs a list of words or phrases and their codes. For example "General" >> 1234, "Tank" >> 5395, "tanker" >> 5934
This is different than say a Caesar cipher.
Back to the OP, yes, the encryption used by WiFi may be able to be broken, but why bother, there are so many open WiFi link? In fact I would contend that the real reason to encrypt a WiFi link is to keep other users from using your web access for nasty purposes.
Unless you have an ex-wife after you, why would someone attack your computer and get 1 ID when they could (have) go after a computer that has info on 100s of cards/accounts? As it turns out many store have computer systems/networks that are no more secure than you PC.
Lou
1959 Streamline 28'
Starband on a tripod
1960 Avion H-24 - gone to a better place
|
matt7591
So. CA
Full Member
Joined: 07/11/2003
View Profile
 Online
|
1. WEP security with strong password
2. Don't broadcast name of router.
3. MAC address filtering.
Break into my network with proof and I'll give you a dollar.
|
silversand
Montreal
Senior Member
Joined: 09/12/2004
View Profile
|
Quote:Most hackers won't bother because there are too many open wifi systems.
...yep...why would the average hacker/white-collar criminal ever want to attempt to decipher someone's even weakly encrypted wifi or https communications?
Wouldn't it be easier to let the fly go to the honey (i.e. rootkits disguised as a freeware; a free open wifi Venus fly-trap)?
Cheers,
S-
Silver
2004 Chevy Silverado 2500HD 4x4 6.0L Ext/LB Tow Package 4L80E Michelin AT2s| Outfitter Caribou
|
|
|
