I think you overestimate what is "common". It might be "common" for the network admins or highly technical people browsing this website. It is not common whatsoever for the vast majority of the public that uses WPA for home networking or small businesses. Security is significantly decreased for everyone if it's only practical for those that are highly technical.
It would be great if it actually was common, and such features came pre-configured out of the box for users. Unfortunately, most of the routers I'm aware of that are given to users from ISPs don't even support guest modes.
Uh, sure, if you're only talking about home users then of course current and future products are a disaster. That's more a function of the markets than the standard.
You're right, and that's a problem even for companies. Security is a game of weakest links. Your company can spend billions of dollars accomplishing 99.99% vulnerability coverage on their networks, but it will be meaningless if your employees go home and connect their work laptops to a compromised home network.
I don't think there's an easy fix for this and I'm not criticizing WPA3 or anything. Ideally we could just update/throw out old, incompatible devices, but realistically I know that's not going to happen. I'm just pointing out that the suggestion to "keep WPA2 enabled for your old, WPA3-incompatible devices" kinda misses the point about WPA3 in the first place.
I don't see how "keep WPA2 enabled for your old, WPA3-incompatible devices" is any more of a problem than "keeping WPA2 enabled" was a problem yesterday.
If you're vulnerable to compromised coffee shop or home networks already, you're likely to also be vulnerable tomorrow. The only change is a slight increment in the standard. And the worst companies are not going to be saved by any change in the standard.
I guess I don't really see the point of this entire subthread.
>I don't see how "keep WPA2 enabled for your old, WPA3-incompatible devices" is any more of a problem than "keeping WPA2 enabled" was a problem yesterday.
There's a false implication here that "keeping WPA2 enabled yesterday" isn't a problem. But it is. There are flaws in WPA2, and fixing those flaws is the entire point of developing WPA3. Security is supposed to get better as time goes on (hackers are certainly getting better whether your security is or not). But security isn't getting better if you just keep using the old standards.
Would you feel comfortable enabling WEP on all your company's routers with the justification "well we're not any more vulnerable today with WEP than we were in 1998 with WEP"?
>I guess I don't really see the point of this entire subthread.
It would be great if it actually was common, and such features came pre-configured out of the box for users. Unfortunately, most of the routers I'm aware of that are given to users from ISPs don't even support guest modes.