Dean Pemberton wrote:
[...] You all know who Adi Shamir is don't ya? (the S in RSA for those who don't)
yeah, he's the guy who built that opto-mechanical factoring device: http://www.interesting-people.org/199905/0019.html ...with regard to securing wireless LANs... I think the best description of the consequences of the IEEE's WEP would be: "expecting the average consumer to configure wireless security is living in a state of sin in a red-light district (not only acceptable, but expected). Of course by simple membership to this list, you exclude yourself from set "average consumer". The counter point is that any business hiring the "average consumer" to configure their IT resources won't be in business very long. Expecting any encryption algorithm to stay secure over time is pretty much wishfull thinking... most wireless access points are hardware devices that will be lucky to see one upgrade over their entire lifetime. In which case, wireless LANs are best left unsecured, instead relying on strong, adaptable client-end security... that, and treat the wireless segment as an untrusted DMZ through which only properly authenticated and covered access (independant of the wireless device) is allowed. Anyone up for a research project on geographically localized DDoS attack client that uses bandwidth available via unsecured wireless LANs? Anyone up for a reserach project that does triangulation (assume sectored antennas, but you could also use tcp/ip finger printing), across multiple independant access points, on unauthorized network joiners? I believe it *is* the same god that created both cat and mouse. (appologies to william blake) --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog