No Microsoft, WEP Is Not An Acceptable Alternative
|
Thanks to Barbara Bowman for pointing this out: A Microsoft Vista Help article on Ad-Hoc Networking tells the user that if WPA is not available, just use WEP. Anyone who pays attention to the computer business knows that WEP is an utter failure as a security protocol. Tools for cracking it quickly are easy to get. It only stops people who aren't really trying. For this reason, it would have been better for Microsoft to say that if your hardware, meaning both your access point and your adapters, don't support WPA, go out and buy new ones. Using WEP is just about as bad as running out in the open, with no security at all. |
Comments (2)
While I agree that WEP was an utter failure, it's a stretch to say it's "just about as bad as running out in the open, with no security at all." It still takes time and a little skill to snag a wep key. Most attackers will simply gravitate towards the softer open targets.
I've lived in a large apartment complex and for 3 years I've had an AP (hostname honeypot) with WEP outside my firewall. I keep meticulous logs and I've never had anyone connect to it that I didn't give the key to. Of course I use WPA2 for all my internal network, but I use this AP for visiting guests who want internet. It keeps them off my network.
Also, I can't recall a single security breech related to WEP...I'm sure they're out there, but it's not exactly bringing down corporations. My point is that WEP is better than nothing, even if only slightly.
Posted by Dicksbain | May 21, 2007 1:25 PM
Actually, it appears that TJX's use of WEP was the initial compromise vector in their scandal. So there's one breach for you.
Posted by Larry Seltzer | May 21, 2007 1:34 PM