Simple, safe WPS WiFi security around the corner
By Conrad Quilty-Harper 
posted Aug 24th 2006 7:57PM
posted Aug 24th 2006 7:57PM
Setting up a secure wireless network is no easy task, due in part to the array of confusing, conflicting, and sometimes even downright ineffectual (we're looking at you, WEP) solutions to the problem. Enter the WiFi Alliance's WiFi Protected Setup, or WPS, a program slated for release later this year that aims to ease the process of securing home users' wireless networks and is intended to play nice with any WiFi-enabled consumer electronic device (say, a DAP or a camera), as long as the device passes a mandatory lab test first. Tapping into the home user's "I don't care how it works, as long as it does" mentality, WPS will make secure connections as simple as pushing a button on the WiFi-enabled device and the router that it is connecting to, although a PIN-based method is also part of the specification. The new system is similar to Buffalo Technology's Airstation One-Touch Secure System, however, unlike AOSS, WPS is an entirely non-proprietary specification that will fit right into the heterogeneous world of WiFi. Lets just hope wireless chipset and consumer electronics manufacturers get behind WPS and show some love to the peeps that don't know their WEPs from their wallets.[Via The Register]
As well as a tech problem, I think there's an education problem here. WIFI is starting to make it into homes of non-tech people here in NZ. The problem is these people go and buy a device, do the minimal setup, and then go cool - now I have WIFI and forget that they're leaving their door unlocked. The manufacturers really need to do a better job of having the devices protected by default. On a sideline, if someone is knicking your wifi, here's a fun way to deal with it: http://www.ex-parrot.com/%7Epete/upside-down-ternet.html
WEP isn't secure, nor is it difficult to setup. What they're talking about sounds like another useless 3rd party software that usually comes with the routers/cards them selves.
Really? I set up a WPA2 protected wireless network in 15 minutes.
It was the first wireless network I'd ever set up.
We have WPA (not 2 my dad's Dell Axim can't see WPA2 encryption) set up on our home hybrid network (two hard-wired PCs, one wireless PC, one wireless dell axim and one wireless dell latitude notebook).
Even with my dad triple-checking every setting (he's quite meticulous) it only took about 20 minutes to get it up and running and secure.
It was our first attempt at wireless.
People should read the friggin' manual that came with their device and not leave the security settings on "default".
And if they don't, that's their problem.
I dunno what the big deal is, everyone here seems to know that setting up some security is mad easy.
My parents who are not tech savy at all set up their network at home; hell my dad even set up a network for a guy at work. He was smart enough to use WPA2...not rocket science here people.
I think the biggest issue is not the difficulty of setting up a secure network, it's simply education. I know a lot of people think a network ends at the edge of their property, but if you educate them that this is not true, most find it very easy to follow the instructions in the user manual. And, on a side note, why do we need another standard, isn't WPA & WPA2 good enough???
I agree. I don't think complexity of setup was the issue. It's general ignorance of the dangers (although getting better) and what to do about it. WPA-PSK is decent security for a home user but still not the best most access points can do. They never tell you that.
The best security is 802.1x/WPA-Enterprise. It requires extra systems like a RADIUS server, but soem startups are providing these as a service now. Check out www.witopia.net or boxedwireless.com. witopia is a LOT less expensive and I like their VPN product too for hotspots. boxedwireless uses certificates in their wlan product, which is interesting though.
oops..maybe these URLs work better. http://www.witopia.net and http://boxedwireless.com
WPA of either variety is secure to the point that your password/passphrase is secure. If you HAVE to use a passphrase then it should be long, have upper and lowercase, etc... WPA cannot be cracked by collection packets as WEP can so the only way to do so is using a brute force method. This means trying every conceivable combination of letters, numbers, and symbols until you happen to get it correct. Here's a tip for a really secure connection: Don't use passphrase, use numbers, and use at least 20+. This will mean that at 60 attempts per second it would take millions of years to guess your password.