Death To WEP And TKIP!

Discussion in 'NZ Computing' started by Lawrence D'Oliveiro, Jun 19, 2010.

  1. About blooming time
    <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tkip-not-soon-enough/8677>.

    Make sure your access points are set to use only AES encryption.
    Lawrence D'Oliveiro, Jun 19, 2010
    #1
    1. Advertising

  2. Lawrence D'Oliveiro

    victor Guest

    On 19/06/2010 2:38 p.m., Lawrence D'Oliveiro wrote:
    > About blooming time
    > <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tkip-not-soon-enough/8677>.
    >
    > Make sure your access points are set to use only AES encryption.



    The article needs to qualify that "banning" only means the compliance of
    members of the alliance building new wifi equipment which carries their
    trademark logo, they have no power over users or IEEE standards.
    victor, Jun 19, 2010
    #2
    1. Advertising

  3. Lawrence D'Oliveiro

    peterwn Guest

    On Jun 19, 3:52 pm, victor <> wrote:
    > On 19/06/2010 2:38 p.m., Lawrence D'Oliveiro wrote:
    >
    > > About blooming time
    > > <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tki....>.

    >
    > > Make sure your access points are set to use only AES encryption.

    >
    > The article needs to qualify that "banning" only means the compliance of
    > members of the alliance building new wifi equipment which carries their
    > trademark logo, they have no power over users or IEEE standards.


    WEP is like using a Legge (or similar) 2 lever door lock on your house
    instead of a decent Chubb 5 lever lock.
    peterwn, Jun 19, 2010
    #3
  4. In message <hvheuc$e2t$-september.org>, victor wrote:

    > The article needs to qualify that "banning" only means the compliance of
    > members of the alliance building new wifi equipment which carries their
    > trademark logo, they have no power over users or IEEE standards.


    Still, it’s good to see them use their power of publicity for good, not for
    evil.
    Lawrence D'Oliveiro, Jun 19, 2010
    #4
  5. Lawrence D'Oliveiro

    victor Guest

    On 19/06/2010 6:59 p.m., peterwn wrote:
    > On Jun 19, 3:52 pm, victor<> wrote:
    >> On 19/06/2010 2:38 p.m., Lawrence D'Oliveiro wrote:
    >>
    >>> About blooming time
    >>> <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tki...>.

    >>
    >>> Make sure your access points are set to use only AES encryption.

    >>
    >> The article needs to qualify that "banning" only means the compliance of
    >> members of the alliance building new wifi equipment which carries their
    >> trademark logo, they have no power over users or IEEE standards.

    >
    > WEP is like using a Legge (or similar) 2 lever door lock on your house
    > instead of a decent Chubb 5 lever lock.


    No one can ban that either.
    victor, Jun 19, 2010
    #5
  6. Lawrence D'Oliveiro

    Richard Guest

    victor wrote:

    >> WEP is like using a Legge (or similar) 2 lever door lock on your house
    >> instead of a decent Chubb 5 lever lock.

    >
    > No one can ban that either.


    Insurance could refuse to cover people using lousy house security.
    Richard, Jun 19, 2010
    #6
  7. Lawrence D'Oliveiro

    victor Guest

    On 20/06/2010 9:52 a.m., Richard wrote:
    > victor wrote:
    >
    >>> WEP is like using a Legge (or similar) 2 lever door lock on your house
    >>> instead of a decent Chubb 5 lever lock.

    >>
    >> No one can ban that either.

    >
    > Insurance could refuse to cover people using lousy house security.
    >

    But the lock manufacturers can't ban old locks
    victor, Jun 20, 2010
    #7
  8. Lawrence D'Oliveiro

    peterwn Guest

    On Jun 19, 11:55 pm, victor <> wrote:
    > On 19/06/2010 6:59 p.m., peterwn wrote:
    >
    > > On Jun 19, 3:52 pm, victor<>  wrote:
    > >> On 19/06/2010 2:38 p.m., Lawrence D'Oliveiro wrote:

    >
    > >>> About blooming time
    > >>> <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tki...>.

    >
    > >>> Make sure your access points are set to use only AES encryption.

    >
    > >> The article needs to qualify that "banning" only means the compliance of
    > >> members of the alliance building new wifi equipment which carries their
    > >> trademark logo, they have no power over users or IEEE standards.

    >
    > > WEP is like using a Legge (or similar) 2 lever door lock on your house
    > > instead of a decent Chubb 5 lever lock.

    >
    > No one can ban that either.


    Agreed but this is no consolation when someone nicks your bandwidth
    and you are sentenced in the last week of the billing period to dial-
    up speed.
    peterwn, Jun 20, 2010
    #8
  9. Lawrence D'Oliveiro

    peterwn Guest

    On Jun 20, 4:29 pm, victor <> wrote:
    > On 20/06/2010 9:52 a.m., Richard wrote:> victor wrote:
    >
    > >>> WEP is like using a Legge (or similar) 2 lever door lock on your house
    > >>> instead of a decent Chubb 5 lever lock.

    >
    > >> No one can ban that either.

    >
    > > Insurance could refuse to cover people using lousy house security.

    >
    > But the lock manufacturers can't ban old locks


    But decent locks have been available for the last 200 years although
    the early Chubb and Bramah locks would have been hideously expensive
    to buy.
    peterwn, Jun 20, 2010
    #9
  10. Lawrence D'Oliveiro

    ~misfit~ Guest

    Somewhere on teh intarwebs Richard wrote:
    > victor wrote:
    >
    >>> WEP is like using a Legge (or similar) 2 lever door lock on your
    >>> house instead of a decent Chubb 5 lever lock.

    >>
    >> No one can ban that either.

    >
    > Insurance could refuse to cover people using lousy house security.


    Define 'security'. Locks only keep honest people out.
    --
    Shaun.

    "When we dream.... that's just our brains defragmenting" G Jackson.
    ~misfit~, Jun 20, 2010
    #10
  11. Lawrence D'Oliveiro

    victor Guest

    On 20/06/2010 7:25 p.m., peterwn wrote:
    > On Jun 19, 11:55 pm, victor<> wrote:
    >> On 19/06/2010 6:59 p.m., peterwn wrote:
    >>
    >>> On Jun 19, 3:52 pm, victor<> wrote:
    >>>> On 19/06/2010 2:38 p.m., Lawrence D'Oliveiro wrote:

    >>
    >>>>> About blooming time
    >>>>> <http://www.zdnet.com/blog/hardware/wi-fi-alliance-to-dump-wep-and-tki...>.

    >>
    >>>>> Make sure your access points are set to use only AES encryption.

    >>
    >>>> The article needs to qualify that "banning" only means the compliance of
    >>>> members of the alliance building new wifi equipment which carries their
    >>>> trademark logo, they have no power over users or IEEE standards.

    >>
    >>> WEP is like using a Legge (or similar) 2 lever door lock on your house
    >>> instead of a decent Chubb 5 lever lock.

    >>
    >> No one can ban that either.

    >
    > Agreed but this is no consolation when someone nicks your bandwidth
    > and you are sentenced in the last week of the billing period to dial-
    > up speed.


    Do you really want your life micromanaged by the nanny state in that way
    ? Because it would take a law, not a policy decision by a trade
    association on their approval stamp for 2014.
    You can control the access to your internet in many different ways, you
    might want to connect some 802.11b clients, you might have multiple
    access points and media players etc, you might want to use WDM, its up
    to you.
    victor, Jun 20, 2010
    #11
  12. Lawrence D'Oliveiro

    victor Guest

    On 20/06/2010 9:07 p.m., peterwn wrote:
    > On Jun 20, 4:29 pm, victor<> wrote:
    >> On 20/06/2010 9:52 a.m., Richard wrote:> victor wrote:
    >>
    >>>>> WEP is like using a Legge (or similar) 2 lever door lock on your house
    >>>>> instead of a decent Chubb 5 lever lock.

    >>
    >>>> No one can ban that either.

    >>
    >>> Insurance could refuse to cover people using lousy house security.

    >>
    >> But the lock manufacturers can't ban old locks

    >
    > But decent locks have been available for the last 200 years although
    > the early Chubb and Bramah locks would have been hideously expensive
    > to buy.


    http://www.youtube.com/watch?v=q6GhigVxEoI
    victor, Jun 20, 2010
    #12
  13. Lawrence D'Oliveiro

    peterwn Guest

    On Jun 20, 10:50 pm, victor <> wrote:

    >
    > > But decent locks have been available for the last 200 years although
    > > the early Chubb and Bramah locks would have been hideously expensive
    > > to buy.

    >
    > http://www.youtube.com/watch?v=q6GhigVxEoI


    That is NOT a real Chubb lock. It looks like a Union cylinder lock
    branded Chubb and can be bumped like any other ordinary pin tumbler
    cylinder lock without anti-bump precautions. The shape of the key head
    is the same as for Union masterkeyed locks and it was most probably
    manufactured at the Union works, Willenhall, Staffordshire, UK. Even
    Medeco locks (the UK ones are branded Chubb) can sometimes be bumped
    if the 'angles' are the same as the bump key as they often are for
    locks supplied by the same locksmith.

    Chubb (with respect to locks), Yale, Union, Medeco, Lockwood,
    Ingersoll (not to be confused with Ingersoll Rand) and many other
    traditional brands are now owned by ASSA-Abloy possibly the largest
    lock maker in the world. The other significant player is Ingersoll
    Rand (Schlage and Legge).

    Bramah locks and traditional Chubb lever locks cannot be bumped.
    Despite the technology being over 200 years old, a very high standard
    of skill is required to pick them.

    This is a REAL Chubb lock:
    http://www.wolverhamptonhistory.org.uk/assets/userfiles/wolverhampton_history/industry/002303.jpg
    peterwn, Jun 21, 2010
    #13
  14. Lawrence D'Oliveiro

    victor Guest

    On 21/06/2010 1:23 p.m., peterwn wrote:
    > On Jun 20, 10:50 pm, victor<> wrote:
    >
    >>
    >>> But decent locks have been available for the last 200 years although
    >>> the early Chubb and Bramah locks would have been hideously expensive
    >>> to buy.

    >>
    >> http://www.youtube.com/watch?v=q6GhigVxEoI

    >
    > That is NOT a real Chubb lock. It looks like a Union cylinder lock
    > branded Chubb and can be bumped like any other ordinary pin tumbler
    > cylinder lock without anti-bump precautions. The shape of the key head
    > is the same as for Union masterkeyed locks and it was most probably
    > manufactured at the Union works, Willenhall, Staffordshire, UK. Even
    > Medeco locks (the UK ones are branded Chubb) can sometimes be bumped
    > if the 'angles' are the same as the bump key as they often are for
    > locks supplied by the same locksmith.
    >
    > Chubb (with respect to locks), Yale, Union, Medeco, Lockwood,
    > Ingersoll (not to be confused with Ingersoll Rand) and many other
    > traditional brands are now owned by ASSA-Abloy possibly the largest
    > lock maker in the world. The other significant player is Ingersoll
    > Rand (Schlage and Legge).
    >
    > Bramah locks and traditional Chubb lever locks cannot be bumped.
    > Despite the technology being over 200 years old, a very high standard
    > of skill is required to pick them.
    >
    > This is a REAL Chubb lock:
    > http://www.wolverhamptonhistory.org.uk/assets/userfiles/wolverhampton_history/industry/002303.jpg


    http://www.youtube.com/watch?v=NUEcAjlbJxo&feature=related

    There are many more, search away.

    If all it requires is a standard of mechanical skill in manipulating
    accessible components, that is just security through obscurity, and the
    internet is so good at spreading knowledge and access to tools that
    lockpicking is becoming a hobby / sport.

    http://www.ukbumpkeys.com/

    Its a good idea to know the risks in WPA usage too.
    This Youtube channel has some great segments on WPA attacks.

    http://www.youtube.com/profile?user=Hak5Darren#g/u
    victor, Jun 21, 2010
    #14
  15. Lawrence D'Oliveiro

    peterwn Guest

    On Jun 21, 2:18 pm, victor <> wrote:

    >
    > If all it requires is a standard of mechanical skill in manipulating
    > accessible components, that is just security through obscurity, and the
    > internet is so good at spreading knowledge and access to tools that
    > lockpicking is becoming a hobby / sport.


    Agreed to a point, but there is nothing obscure about most high
    security locks, one can often get a sample and dismantle it. But even
    if you know the inner workings a Chubb lever lock (especially the
    'Castle' type used by top secret government departments etc), Bramah
    lock or the Australian Bi-lock would still be utter pigs to pick (Bi-
    lock is considered by some to be better than Medeco). I am not saying
    they are pickproof but for practical purposes no one is going to
    seriously bother picking them (MI5, SIS etc excepted)..

    >
    > http://www.ukbumpkeys.com/
    >
    > Its a good idea to know the risks in WPA usage too.
    > This Youtube channel has some great segments on WPA attacks.
    >
    > http://www.youtube.com/profile?user=Hak5Darren#g/u


    Agreed again that any encyphered stream will yield its secrets in due
    course unless a 'real' one time cypher system is used (the British
    supplied French Resistance people with one time cypher 'pads' during
    WW2).
    peterwn, Jun 21, 2010
    #15
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Johnny
    Replies:
    11
    Views:
    3,044
    Cerebrus
    Aug 4, 2006
  2. Mikey
    Replies:
    3
    Views:
    3,566
    Tonester
    Sep 14, 2006
  3. kharnal
    Replies:
    1
    Views:
    618
    Malke
    Jan 11, 2007
  4. wooying
    Replies:
    1
    Views:
    1,328
    www.BradReese.Com
    Jan 16, 2007
  5. ufdragon
    Replies:
    0
    Views:
    1,393
    ufdragon
    Mar 30, 2012
Loading...

Share This Page