Monthly Archives: May 2005

Cryptic Encryption: Making sense of WiFi security standards

A few weeks back, I revamped my home network to deal with a flakey router and what proved to be flakey firmware on an otherwise solid pair of wireless router/access points.

The flakey router was removed, and “HyperWRT firmware”:http://www.hyperwrt.org was installed on the Linksys WRT54G router/access points. One of them was configured to serve as my internet firewall/router. Both “were configured for WDS”:http://www.linksysinfo.org/modules.php?name=Forums&file=viewtopic&t=2946 to allow the 2nd device to provide access for a wired PC in the living room and extend the range of the wireless network.

Everything worked well, much better than before, but in the back of my brain, I was nagged by the fact that my network was only secured by the “increasingly vulnerable WEP standard”:http://www.tomsnetworking.com/Sections-article120.php. Even worse, the new firmware seemed to offer an alternative by offering support for the more secure WPA standards.

Unfortunately, my first foray broke my link to the living room. I configured both WRT54Gs to use WPA Preshared Keys with TKIP. The result was that my laptop wouldn’t connect and my WDS link would fail after a small amount of time. The laptop problem was fixed by updating the driver.

The WDS problem was stickier. I learned that the overlap between TKIP and WDS is underspecified. There are some solutions to the problem, but it wasn’t clear to me what they were. There were some reports of getting WDS to work with AES instead of TKIP, but when I first tried it, it failed.

This morning though, when I was going to roll everything back to WEP, I noticed that everything seemed to be working. After some investigation, it seems that the AES option is shorthand for an even more recent set of protocols that make up the WPA2 standard. It specifies both a method of authentication and key management that goes beyond TKIP while interoperating with WDS. In addition, it uses the AES encryption standard, which is more secure than the standard used by WEP and WPA/TKIP.

The only downside is that AES is more computationally intensive. The result is that my older hardware is an even bigger bottleneck than before. With WEP I was able to use about 50% of the theoretical 54 Mbps offered by 802.11g. With WPA and AES, I can only use about 25%.

*Update:* It appears I am wrong about the throughput. The Broadcom chipset used in the WRT54G has a hardware encryption accelerator and various reviewers report no obvious penalty for using AES. I even tried myself, by temporarily disabling encryption and transferring the same large file as before. I didn’t see any difference either. It looks like real-world bandwidth for 802.11g is ~11-25 Mbps, which is about what I was seeing.

Bummer. I guess I’ll have to keep an eye out for when 802.11n gear gets cheap. That, or finish running Cat5 between my office and living room as I set out to do last fall.
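The TKIP-versus-AES choice described in this post is visible on the air: a WPA2 access point advertises the ciphers it accepts in the RSN element of its beacons. The parser below is an added example, not part of the original post; `parse_rsn` and `legacy_ciphers` are hypothetical names and both sample elements are constructed.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")          # suite selector OUI used by the RSN element
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP (AES)", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

def _name(suite, names):
    """Map a 4-byte suite selector (3-byte OUI + 1-byte type) to a label."""
    if suite[:3] != RSN_OUI:
        return "vendor:" + suite.hex()
    return names.get(suite[3], "unknown:%d" % suite[3])

def _suite_list(body, off, names):
    """Read a little-endian 2-byte count, then that many 4-byte selectors."""
    if off + 2 > len(body):
        raise ValueError("truncated suite count")
    (count,) = struct.unpack_from("<H", body, off)
    off += 2
    if off + 4 * count > len(body):
        raise ValueError("truncated suite list")
    suites = [_name(body[off + 4 * i: off + 4 * i + 4], names) for i in range(count)]
    return suites, off + 4 * count

def parse_rsn(body):
    """Parse an RSN element body (element ID 48, ID and length bytes removed)."""
    if len(body) < 6:
        raise ValueError("RSN element too short")
    (version,) = struct.unpack_from("<H", body, 0)
    if version != 1:
        raise ValueError("unsupported RSN version %d" % version)
    group = _name(body[2:6], CIPHERS)
    pairwise, off = _suite_list(body, 6, CIPHERS)
    akm, off = _suite_list(body, off, AKMS)
    return {"group": group, "pairwise": pairwise, "akm": akm}

def legacy_ciphers(info):
    """Ciphers other than CCMP that the network still accepts."""
    offered = [info["group"]] + info["pairwise"]
    return sorted({c for c in offered if c != "CCMP (AES)"})

# Constructed samples: an AES-only PSK network and a mixed TKIP+AES PSK network.
AES_ONLY = bytes.fromhex("0100 000fac04 0100 000fac04 0100 000fac02 0000")
MIXED = bytes.fromhex("0100 000fac02 0200 000fac04 000fac02 0100 000fac02 0000")

if __name__ == "__main__":
    for label, ie in (("aes-only", AES_ONLY), ("mixed", MIXED)):
        info = parse_rsn(ie)
        print(label, info, "legacy:", legacy_ciphers(info))
```

A mixed-mode network reports TKIP as its group cipher, so broadcast traffic stays on TKIP even for clients that negotiated CCMP.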

Tom DeLay’s whines, his support declines

In a recent episode of Law & Order: Criminal Intent featuring a plot-line about the murder of a federal judge, a cop quipped:

bq. “Maybe we should put out an APB for somebody in a Tom DeLay T-shirt”

Now DeLay is having a hissy-fit:

bq. “This manipulation of my name and trivialization of the sensitive issue of judicial security represents a reckless disregard for the suffering initiated by recent tragedies and a great disservice to public discourse.”

Creator/executive producer Dick Wolf, one of the most visible Republicans in the entertainment industry, calls bullshit: “I do congratulate Congressman DeLay for switching the spotlight from his own problems to an episode of a television show.”

more from “Yahoo News”:http://news.yahoo.com/news?tmpl=story&u=/ap/20050527/ap_on_go_co/delay_law___order

Finnish Tablet

Nokia has released a “pocket-sized WiFi Tablet”:http://www.nokia.com/nokia/0,1522,,00.html?orig=/770.

This strikes me as a clever move on their part. It takes advantage of increasingly available WiFi bandwidth and does so with a device that’s cheaper than a portable PC and many smartphones (I’ve seen suggestions of $300 price points), which positions it well in a lot of emerging economies where penetration of said devices is relatively low.

It’s running Linux and appears to accept third party apps, which will no doubt attract a lot of interest from geeks, some of whom might turn out interesting software for it.

It also lets them start to dabble in the VoIP market without freaking out mobile carriers too much.

It will be interesting to see how long it takes Skype to release a version for this device.

Now, there are lots of ways they could blow it with this thing. But I think this could be the start of a very interesting strategy.

One thing I know. I want one.

“More on eHome Upgrade”:http://www.ehomeupgrade.com/entry/984/nokia_launches_new

Indiana Superior Court Judge has amazing Acrobatic Abilities

A Marion County Superior Judge has barred divorcing Wiccan parents from teaching their child pagan beliefs.

Why he thought that he was somehow entitled to render judgement respecting an establishment of religion, or prohibiting the free exercise thereof is beyond me. Perhaps he figures that since he’s a judge, rather than a congressman, that the first amendment doesn’t apply to him? Or maybe he’s ticked off about the whole “daylight savings time thing”:http://www.mccsc.edu/time.html.

I’m more interested in knowing how he manages to sit on the bench with his head stuffed up his backside.

Apple as a Mobile Carrier

This is kind of wacky.

bq. “Mac OS Rumors :: The Original Mac Rumor Site”:http://www.macosrumors.com/20050523B.php
Because cellular network carriers have essentially all of the power in the equation, _Apple has been exploring the possibility of becoming one itself *by erecting towers at or near its retail store locations* and making an alliance with one or more carriers to “piggyback” on their networks._

p. Erecting towers at or near its retail store locations? What kind of crazy idea is that? If they were Starbucks, that might actually provide reasonable coverage, but even the Mac faithful are going to have a problem limiting their mobile calling to the tiny number of Apple Stores within the US.

On the other hand, Apple becoming a virtual carrier, reselling service on other networks makes a lot of sense, at least from the point of view of bootstrapping iPod phones and mobile sales from the iTunes Music Store without giving the carriers an exorbitant cut.

Of course, if having some towers put Apple in a better negotiating position with respect to renting infrastructure from the major carriers, then that would make sense.

It will be interesting to see what happens.

Freakonomics Blog RSS Lameness

I’ve not read Freakonomics yet, but I’m going to. That didn’t stop me from trying to subscribe to the “author’s blog”:http://blog.freakonomics.com/ when I found out about it.

They don’t make it easy. Neither Onfolio nor Firefox’s feed detection mechanism was able to auto detect the feed. Which is odd, because there is a nice yellow XML button in the sidebar, along with buttons for adding the feed to various web based aggregators via their proprietary mechanisms.

Clicking on the XML feed button takes me to a feedburner page which again stymies Firefox and Onfolio. A little rooting around finds a link to an Atom feed, which I was finally able to add more or less manually.

What’s particularly absurd about all of this is that the Feedburner page is clearly trying to accommodate all comers. Onfolio might be considered a fringe RSS reader, but Firefox is rather popular in some circles, and its Feed detection mechanism interoperates with some RSS readers.