[brlug-general] Help with PEAP, TKIP, WPA and wpa_supplicant
Dustin Puryear
dustin at puryear-it.com
Fri Feb 2 09:06:07 CST 2007
I disagree. Kind of.
Obviously, end-to-end encryption is the only way to be [mostly]
secure. Certainly. But, the last 100 feet in a wireless network is
VERY INSECURE AND VERY EASY TO INTERCEPT. The same cannot be said of
wired networks or even of most traffic on the Internet. If I had $10
to spend on a solution, I'd rather spend it on encrypting my wireless
traffic than spend it elsewhere. Now, if I had $20, I'd encrypt
everything. :)
---
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author:
"Best Practices for Managing Linux and UNIX Servers"
"Spam Fighting and Email Security in the 21st Century"
Download your free copies:
http://www.puryear-it.com/publications.htm
Thursday, February 1, 2007, 4:13:35 PM, you wrote:
> On Thu, 1 Feb 2007, willhill wrote:
>> The political part of the battle has been pushed very far into negative
>> territory by the bad guys. The usefulness of encrypting the last 100 feet of
>> network is laughable in the larger battle for user privacy, but that's what
>> is being pushed for.
> I agree 100%. Encrypting the last 100 feet of your unsecured
> POP/IMAP/HTTP connection is silly. While wireless security is important,
> the big push for it is just FUD to give people warm fuzzies that they are
> "secure". You have to look at the entire transmission, and secure all
> points of interception to be "secure". I have always told people, even
> before wireless, that you need end-to-end encryption. Use ssh, SSL, TLS,
> and VPNs to secure your data transmission.
> Never trust that port in the wall. By the same token, never trust that
> radio on the ceiling.
> ray
More information about the General
mailing list