Why use unsecure WEP?

I still don't understand why users continue to use 802.11b with
unsecure WEP. The market is going to a faster and secure WPA protocol
which is included in the new protocol 802.11g.

Maybe, they are just pushing old technology off to users in a attempt
to sell them a secure 802.11g later.

http://www.54g.org/wpa_faq.html

"Macuser" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> I still don't understand why users continue to use 802.11b with
> unsecure WEP. The market is going to a faster and secure WPA protocol
> which is included in the new protocol 802.11g.
>

The manufacturers and vendors are just starting to roll out WPA support.
Obviously their priorities favor the 802.11g gear because that is the hot,
higher-margin sector of the market, while 802.11b has become cheaper and
commoditized.

WPA support for 802.11b will lag, but it is coming. For example, Proxim has
missed their announced release date on WPA drivers for the venerable ORiNOCO
Classic Gold/Silver client cards, but they are still expected before the end
of the year.

Early adopters pay a premium. It is part of the established tech economy.

802.11g sees most of the WPA activity because the required hardware support
is in the chipsets. WPA is an interim solution being pushed by the WiFi
Alliance to plug the WEP security hole while we wait for 802.11i to become
final.

While WPA was designed to work with 802.11b, it's really a steppingstone to
802.11i. 802.11i will add AES encryption, which is much better than
WEP/TKIP. TKIP can be implemented in the existing 802.11b MAC, with some
performance penalty, but AES cannot. On the other hand, most 802.11g
chipsets are designed with TKIP and AES in silicon.

From that perspective, it makes more sense to rollout WPA on 802.11g first.
The hardware does it already, so it costs less to implement, and when
802.11i becomes final (next year?) users can immediately upgrade to strong
AES encryption. 802.11b users will have WPA, but the users who need strong
security will have an incentive to move to 802.11g.

"Ross Evans" <(E-Mail Removed)> wrote in message
news:e3Bwb.43795$(E-Mail Removed)...
>
> "Macuser" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) om...
> > I still don't understand why users continue to use 802.11b with
> > unsecure WEP. The market is going to a faster and secure WPA protocol
> > which is included in the new protocol 802.11g.
> >
>
> The manufacturers and vendors are just starting to roll out WPA support.
> Obviously their priorities favor the 802.11g gear because that is the hot,
> higher-margin sector of the market, while 802.11b has become cheaper and
> commoditized.
>
> WPA support for 802.11b will lag, but it is coming. For example, Proxim
has
> missed their announced release date on WPA drivers for the venerable
ORiNOCO
> Classic Gold/Silver client cards, but they are still expected before the
end
> of the year.
>
> Early adopters pay a premium. It is part of the established tech economy.
>
>
>

"gary" <(E-Mail Removed)> wrote in message news:<0YDwb.5408$(E-Mail Removed) digy.com>...
> 802.11g sees most of the WPA activity because the required hardware support
> is in the chipsets. WPA is an interim solution being pushed by the WiFi
> Alliance to plug the WEP security hole while we wait for 802.11i to become
> final.
>
> While WPA was designed to work with 802.11b, it's really a steppingstone to
> 802.11i. 802.11i will add AES encryption, which is much better than
> WEP/TKIP. TKIP can be implemented in the existing 802.11b MAC, with some
> performance penalty, but AES cannot. On the other hand, most 802.11g
> chipsets are designed with TKIP and AES in silicon.
>
> From that perspective, it makes more sense to rollout WPA on 802.11g first.
> The hardware does it already, so it costs less to implement, and when
> 802.11i becomes final (next year?) users can immediately upgrade to strong
> AES encryption. 802.11b users will have WPA, but the users who need strong
> security will have an incentive to move to 802.11g.
>
> "Ross Evans" <(E-Mail Removed)> wrote in message
> news:e3Bwb.43795$(E-Mail Removed)...
> >
> > "Macuser" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed) om...
> > > I still don't understand why users continue to use 802.11b with
> > > unsecure WEP. The market is going to a faster and secure WPA protocol
> > > which is included in the new protocol 802.11g.
> > >
> >
> > The manufacturers and vendors are just starting to roll out WPA support.
> > Obviously their priorities favor the 802.11g gear because that is the hot,
> > higher-margin sector of the market, while 802.11b has become cheaper and
> > commoditized.
> >
> > WPA support for 802.11b will lag, but it is coming. For example, Proxim
> has
> > missed their announced release date on WPA drivers for the venerable
> ORiNOCO
> > Classic Gold/Silver client cards, but they are still expected before the
> end
> > of the year.
> >
> > Early adopters pay a premium. It is part of the established tech economy.
> >
> >
> >

I hear that AES encryption will be in the hardware. I still don't
understand why
somebody would want to connect at 802.11b using WEP when there are
better
products out there now.

http://techrepublic.com.com/5100-6265-5060773.html

http://www.zdnet.com.au/techcentre/w...0278612,00.htm

Well, the gist is that WPA was made available on 802.11g products first and
is only now rolling out on 802.11b. *If* you can get a WPA upgrade on your
802.11b, then by all means do it. If it's not available, you're stuck. Even
if it is, it may not be useable on older 802.11b gear due to performance
limitations that also affect WEP.

"Macuser" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> "gary" <(E-Mail Removed)> wrote in message
news:<0YDwb.5408$(E-Mail Removed) digy.com>...
> > 802.11g sees most of the WPA activity because the required hardware
support
> > is in the chipsets. WPA is an interim solution being pushed by the WiFi
> > Alliance to plug the WEP security hole while we wait for 802.11i to
become
> > final.
> >
> > While WPA was designed to work with 802.11b, it's really a steppingstone
to
> > 802.11i. 802.11i will add AES encryption, which is much better than
> > WEP/TKIP. TKIP can be implemented in the existing 802.11b MAC, with some
> > performance penalty, but AES cannot. On the other hand, most 802.11g
> > chipsets are designed with TKIP and AES in silicon.
> >
> > From that perspective, it makes more sense to rollout WPA on 802.11g
first.
> > The hardware does it already, so it costs less to implement, and when
> > 802.11i becomes final (next year?) users can immediately upgrade to
strong
> > AES encryption. 802.11b users will have WPA, but the users who need
strong
> > security will have an incentive to move to 802.11g.
> >
> > "Ross Evans" <(E-Mail Removed)> wrote in message
> > news:e3Bwb.43795$(E-Mail Removed)...
> > >
> > > "Macuser" <(E-Mail Removed)> wrote in message
> > > news:(E-Mail Removed) om...
> > > > I still don't understand why users continue to use 802.11b with
> > > > unsecure WEP. The market is going to a faster and secure WPA
protocol
> > > > which is included in the new protocol 802.11g.
> > > >
> > >
> > > The manufacturers and vendors are just starting to roll out WPA
support.
> > > Obviously their priorities favor the 802.11g gear because that is the
hot,
> > > higher-margin sector of the market, while 802.11b has become cheaper
and
> > > commoditized.
> > >
> > > WPA support for 802.11b will lag, but it is coming. For example,
Proxim
> > has
> > > missed their announced release date on WPA drivers for the venerable
> > ORiNOCO
> > > Classic Gold/Silver client cards, but they are still expected before
the
> > end
> > > of the year.
> > >
> > > Early adopters pay a premium. It is part of the established tech
economy.
> > >
> > >
> > >
>
> I hear that AES encryption will be in the hardware. I still don't
> understand why
> somebody would want to connect at 802.11b using WEP when there are
> better
> products out there now.
>
> http://techrepublic.com.com/5100-6265-5060773.html
>
>
http://www.zdnet.com.au/techcentre/w...0278612,00.htm

(E-Mail Removed) (Macuser) wrote in message news:<(E-Mail Removed). com>...
> I still don't understand why users continue to use 802.11b with
> unsecure WEP. The market is going to a faster and secure WPA protocol
> which is included in the new protocol 802.11g.
>
> Maybe, they are just pushing old technology off to users in a attempt
> to sell them a secure 802.11g later.
>
> http://www.54g.org/wpa_faq.html

Aw, hell... That isn't the question. The question is WHY do so many
people set things up at their defaults? I'd be delighted to see every
wireless network in the world running WEP, rather than see ten percent
of them on WPA.

The problem isn't that people are *still using WEP*. The problem is
that they take them out of the box and plug them in, and since that
works, they leave them alone.

Anyone can run a VPN over *ANY* wireless medium... enough said.

-m-

(E-Mail Removed) (Macuser) wrote in
news:(E-Mail Removed) om:

> The market is going to a faster and secure WPA

there is northing faster and especcialy NOTHING more secure in WPA.
The faster term may apply to 11g versus 11B only. You lack basic
knowledge, WPA can be defeated, there are papers describing that,
there is no public proof of concept code yet .. so there was no for
WEP while WEP WAS cracked on a daily basis (Madrid or Barcelona
banks afair for example)


Pozdrawiam.
--
RusH //
http://kiti.pulse.pdi.net/qv30/ <-- heckme
Pent-up passive-aggressive dork alert! Whoop! Whoop!
Whoop! Whoop! Boy, you're really lighting up this alarm here!

(E-Mail Removed) (Michael Erskine) writes:

> (E-Mail Removed) (Macuser) wrote in message news:<(E-Mail Removed). com>...
> > I still don't understand why users continue to use 802.11b with
> > unsecure WEP. The market is going to a faster and secure WPA protocol
> > which is included in the new protocol 802.11g.
> >
> > Maybe, they are just pushing old technology off to users in a attempt
> > to sell them a secure 802.11g later.
> >
> > http://www.54g.org/wpa_faq.html
>
> Aw, hell... That isn't the question. The question is WHY do so many
> people set things up at their defaults? I'd be delighted to see every
> wireless network in the world running WEP, rather than see ten percent
> of them on WPA.
>
> The problem isn't that people are *still using WEP*. The problem is
> that they take them out of the box and plug them in, and since that
> works, they leave them alone.

The problem is that the ubuiquity of advanced techonlogy has far
surpassed the intelligence of the average user.

Problems associated:
People don't run Windows Update so they're vulnerable to
things like Blaster and Welchia and every other vulnerability
released for that OS.

People who might be willing to run Windows Update but are on
dialup don't want to deal with 50Mb of downloads.

These same people think they're being nickeled and dimed when
their antivirus subscription runs out so they don't renew.

Good luck getting these people to update and patch all their
internet-accessing applications for known vulnerabilities.

Educating them about the importance of a firewall adds expense
and complexity toan already tenuous dance with technology.

They don't want to run wires, and wireles is cheap and easy to
implement. "and there's nothing on my computer worth getting
at anyway."

The sad truth: The bar is too high. With internet-connected computers
being commodities, the general public is simply not advanced enough to
use these devices safely. Not because they're dumb per se--it's
because you have to be a rather uncomon geek to be on top of all the
things you have to do to responsibly operate a computer that connects
to the Internet.

The client/server model of computing is broken because the people who
own the clients can screw them up far too easily...even with errors of
omission (as the two viruses I found on my mother's computer can
attest).

The good news: decent job security for the folks here who understand
these things, because I see the threats expanding before any major
vendor makes keeping up with security any less complex.

Best Regards,
--
Todd H.
http://www.toddh.net/

RusH <(E-Mail Removed)> writes:

> (E-Mail Removed) (Macuser) wrote in
> news:(E-Mail Removed) om:
>
> > The market is going to a faster and secure WPA
>
> there is northing faster and especcialy NOTHING more secure in WPA.
> The faster term may apply to 11g versus 11B only. You lack basic
> knowledge, WPA can be defeated, there are papers describing that,

Where? All I've seen thus far is a white paper that essentially
reiterates the value of choosing sufficiently complex passwords for
users who opt for a preshared key.

--
Todd H.
http://www.toddh.net/

(E-Mail Removed) (Todd H.) wrote in news:(E-Mail Removed):

> Where? All I've seen thus far is a white paper that
> essentially reiterates the value of choosing sufficiently
> complex passwords for users who opt for a preshared key.
>

here
http://wifinetnews.com/archives/002452.html
and on bugtraq along with leap weaknesses

Pozdrawiam.
--
RusH //
http://kiti.pulse.pdi.net/qv30/ <-- heckme
Pent-up passive-aggressive dork alert! Whoop! Whoop!
Whoop! Whoop! Boy, you're really lighting up this alarm here!