
The author is worried about WiFi passwords? If you trust that your WiFi is secure in general, you're in trouble. WPS is horribly insecure, for example, and that's what most home users use. Most user-chosen passwords are incredibly easy to guess for another. The better thing to do is to assume that your network traffic is always under surveillance (since the NSA is tapping Tier1 network providers), and to encrypt everything, or use network protocols which encrypt everything.

The only thing WiFi passwords are good for is to prevent your neighbors from using your network and using up all of your bandwidth (which would slow down your network access) and preventing drive-by spammers/hackers from doing things which you might then get blamed for.




Yeah and those locks on your doors are a joke! Why are you pretending your home has an expectation of privacy? So dumb! Of COURSE anybody can just come into your house any time they want.


Most people aren't even wearing bullet-proof helmets when they sit next to a window leaving them totally vulnerable to snipers. They get what they deserve.


Not sure if you were joking, but you are right:

http://en.wikipedia.org/wiki/Lock_bumping


That, and good ol' violence.


He isn't advising you don't need to lock your house because the locks are insecure. He's just pointing out that you probably shouldn't lose sleep over if someone can break in or not, especially when windows are easily broken.


In general, home locks aren't to keep people out. They're to keep people honest. For everything else there's insurance.


Precisely. And much like burglars, people trying to access your WiFi fall broadly into two groups: those who want to access any of the WiFi in the area and those who want access to your specific WiFi. My guess is that in the vast majority of cases it's the former, and as long as your 'locks' are better than your neighbours' you'll be fine. However, if it's the latter, then just like burglary you've entered a whole new problem space.


Honestly, I use WEP encryption because I know that WiFi security is a house of cards in general. As you've said, it's enough to prevent the typical user from leeching bandwidth.

The nice thing about using WEP is that if someone does end up using my network for something nefarious and I end up holding the bag for it, I (or an expert witness) can point out that WEP is known to be vulnerable in court giving me an out.


- Until they link this post back to you, and argue that you knowingly weakened your security.

- Until they argue that the default encryption level on routers now is WPA/WPA2, so by enabling WEP you were actively lowering the security level.

- Until they argue that your technical background means that you should have known better that WEP is crackable.


That's all well and good, but I have still not given authorization for the use of my network to the malicious user. An open network invites legal dispute as to whether the lack of encryption constitutes implicit permission to use the network [1]. By having encryption, even if easily cracked, I have let the malicious user know that they are not welcome on my network and have absolved myself of any responsibility for their actions.

Following your reasoning, my background means that I should know that I shouldn't have a wireless network at all. There are vulnerabilities for just about any method I would use to secure a wireless network.

My important stuff is firewalled within the network. I use WEP because it's the easiest way to give network access to folks I've authorized to use my network while still letting unauthorized users know they're not welcome.

[1]: http://en.wikipedia.org/wiki/Legality_of_piggybacking


> Following your reasoning, my background means that I should know that I shouldn't have a wireless network at all.

It would be argued that you should have taken 'reasonable' measures to prevent unauthorized access. It could then be argued that using WEP is not reasonable, especially if you know it is easily crackable.


Should we lock our doors with bank-vault locks, since we know how easily most common door locks are picked? The fact that an attacker would have to actively bypass the security should be enough for legal purposes. It is not like an attacker could accidentally crack a WEP-protected network and not know they were doing it.


No, nor should we uninstall the default deadbolt that comes with the house and replace it with a simple gate-style lock (you know, the kind you can reach over and unhook).

We should use the default standard method of locking our doors. And our Wi-Fi access points.


Except he's enabled WEP because it's "more convenient" for him. It's still a strong signal that he doesn't want outsiders on the network.

A better door analogy is replacing the deadbolt with a slightly crappier one that unlocks whenever you're in bluetooth range (for "convenience"). Just because the system is "easily broken into" doesn't mean that you're not "breaking and entering" when you break the security and enter the house.


Incidentally, most deadbolts are ridiculously easy to pick. I can get into my front door deadbolt in about a minute with a multitool and a safety pin bent into the shape of a pick with said multitool [1]. Unless you've upgraded your typical run-of-the-mill deadbolt to one with mushroom, spool, or serrated pins [2] it will take roughly the same effort. Those higher-security locks typically run over a hundred bucks and as such aren't what most house builders would put in a front door.

[1]: http://www.crypto.com/papers/notes/picking/

[2]: http://www.lockwiki.com/index.php/Security_pin


Unfortunately, I have had to enable WEP a few times for certain OS / network card / router configurations, so there are or can be compelling reasons to do this. Pretty sure it was XP though my wife's XP box is working fine with WPA2 on my current router.

However, I try to treat even my home WIFI as if it were a coffee shop. The password is there to keep leechers out, but I still vpn into a more secure location for some tasks, use SSL when connecting to sensitive services, and keep my ports locked down.


You may find sshuttle interesting [1]. It's essentially VPN implemented via SSH tunnel.

[1]: https://github.com/apenwarr/sshuttle


The one annoying thing is that you can't selectively do DNS over the VPN, but that's really only useful when you want to separate work / personal on the same machine at the same time.


Buy a Nintendo DS Lite, some prefer the form factor to the newer models :)


That does not make much sense. You're being paranoid and actively helpless.

WPA2 is in fact quite secure if you're careful about your passkey and who you give it to.


I'd like you to come and crack my WPA2 password. It's not because wifi has had various bad issues, that current wifis with a proper configuration aren't secure.

Heck, in many countries, wifi routers actually use WPA2 with a pregenerated shared key, which is a good 24 chars long and fully random. Incredibly easy to guess or crack! (It's very, very hard to crack.)


Your analysis is spot on. My first assumption on reading this was, "What does it matter?" I think the starting assumption for everything online is, "This will be read by someone other than its intended audience until proven otherwise." This is doubly true for Wifi.


Do you have a citation for that claim about WPS and home users?

It certainly could be the crowd I hang out with (not all of whom are techies, mind you), but I've never met anyone who uses WPS.


"In December 2011, researcher Stefan Viehböck reported a design and implementation flaw that makes brute-force attacks against PIN-based WPS feasible to perform on WPS-enabled Wi-Fi networks. A successful attack on WPS allows unauthorized parties to gain access to the network. The only effective workaround is to disable WPS.[4]"

- http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup#Security

[4] http://www.kb.cert.org/vuls/id/723755


WPS is enabled by default on practically every wifi router sold in the last 7ish years.


My buddy, who does security research, tells me that on stock firmwares of a lot of routers WPS is turned on and can not be turned off. He claimed that he encountered several routers where after turning off WPS in the settings he was still able to use WPS vulnerability to crack the key. He thinks it has to do with the setting not being fully applied, as in, the check mark changes, but nothing happens on the backend.

Mind you, I think with open source firmware like TomatoUSB and good password you should be good.


Well, not on mine, and it's a somewhat common one (Fritz!Box) in northwest Europe.


Isn't it about time we get new security standards for Wi-Fi? Is there anything in the works right now to replace WPA2?


There's nothing seriously wrong with WPA2 itself. I'd consider it as secure as pretty much anything else out there that uses 128bit AES (given that your key exchange is secure of course - read on below).

The problem is with the PSK variety, mainly that it's susceptible to offline dictionary attack: about 5% of actual WPA2-PSKs can be easily guessed [1].

There is stuff in the works to fix this though. My favorite is EAP-PWD [2]. It's resistant to offline dictionary attacks, it has perfect forward secrecy and it's already supported by Android. Basically, it's what WPA2-PSK should have been.

In the meantime, if you're security conscious just set a long random PSK or configure e.g. EAP-TLS. Both will give you strong security against pretty much any attacker.

1. http://wpa.darkircop.org/

2. http://tools.ietf.org/html/rfc5931


Is there a way to authenticate that you are connecting to your AP?


Yes, check out the many variations of the EAP and PEAP authentication protocols. Client authenticates the access point by its certificate, client gets authenticated by his/her client certificate. While some combinations have some flaws, like MSCHAPv2 may have too short keys for instance, there are others that I consider quite solid.

http://en.wikipedia.org/wiki/Extensible_Authentication_Proto...

EDIT: Sorry for having repeated some of the stuff bjornsing already said. Should read through more carefully before rushing to comment, I guess.


Yes, and even WPA-PSK (with a strong pass phrase) has trustworthy mutual authentication: your device will (or should) not connect to a rogue AP that doesn't know the PSK.


The problem isn't limited to WPA2. As far as I know, in and of itself it's actually fairly secure.

Most of the problem is that passwords are either easy for computers to crack or hard for humans to remember. The middle ground has disappeared as computational power has increased.


> passwords are either easy for computers to crack or hard for humans to remember

Obligatory xkcd comic: https://xkcd.com/936/


I loathe whenever people post that comic for one simple reason.

Although mathematically the password given in the comic has a higher entropy and would take more time to crack under normal circumstances, the problem is that it follows a very simple and easily describable pattern: smash (four) dictionary words together into a combination.

Crackers will simply start using wordlist rules to generate large lists of meshed together dictionary words and use them if they have good reason to believe you're using this pattern (pretty sure it's simple with tools like Crunch). Whether they'll guess the proper order is unknown, but as with any other case people will use certain permutations and combinations more than others.


The point is you're supposed to use truly random word combinations since those are at least memorable.

  $ wc -l /usr/share/dict/words
  119095
  $ python -c 'print(119095 ** 4)'
  201175048646341950625
  $ python -c 'print(85 ** 10)'
  19687440434072265625
So, even if your target is known to be using this scheme in pure form, this has more entropy than a completely random 10-digit password (assuming ~85 characters) -- and who would actually be using such a thing, except someone using a password management program - who could just as easily be using a 20-character random password?

So even if it becomes known, it's an improvement on what users are doing now.


Can never turn down an opportunity for a one-liner.

  $ perl -E 'open(my $fh, "<", "/usr/share/dict/words"); my @words = map {chomp; $_} <$fh>; close $fh; say join " ", map {$words[int rand @words]} 1..4'
  menu chemists administrative seeps
Might have to run it a couple of times before you get something that you can memorize.


You shouldn't use a non-cryptographically secure random number generator (perl's rand) in the context of password generation. It's too risky.


Ew.

    shuf -n 4 /usr/share/dict/words | tr -dc 'A-Za-z0-9'
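
Added example (not posted by any commenter in this thread): the word-passphrase scheme from the one-liners above, drawn with the operating system's CSPRNG through Python's `secrets` module, together with the entropy comparison made earlier in the thread. The function names and the small word list are constructed for illustration; the 119095 and 85 figures are the ones quoted above.

```python
import math
import secrets
import string

# Constructed sample list so the block runs offline; in practice pass in the
# lines of a real list such as /usr/share/dict/words.
SAMPLE_WORDS = ["menu", "Menu", "chemists", "seeps", "horse", "horse's",
                "battery", "staple", "correct", "monkey", "contacted", "a"]


def clean_wordlist(words, min_len=3):
    """Lowercase, drop short or non-alphabetic entries, remove duplicates.

    Entropy must be computed from the size of this cleaned list, not from
    the raw line count, which may include case variants and possessives.
    """
    unique = {w.strip().lower() for w in words}
    return sorted(w for w in unique if w.isalpha() and len(w) >= min_len)


def entropy_bits(pool_size, picks):
    """Bits of entropy in `picks` independent uniform draws from the pool."""
    return picks * math.log2(pool_size)


def passphrase(words, n=4, sep=" "):
    """Draw n words with the OS CSPRNG via `secrets`, not a seeded PRNG."""
    return sep.join(secrets.choice(words) for _ in range(n))


def random_psk(length=63):
    """Random printable passphrase within WPA2's 8 to 63 character limit."""
    if not 8 <= length <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    words = clean_wordlist(SAMPLE_WORDS)
    print(passphrase(words), f"({entropy_bits(len(words), 4):.1f} bits)")
    print(f"4 of 119095 words: {entropy_bits(119095, 4):.1f} bits")
    print(f"10 of 85 symbols:  {entropy_bits(85, 10):.1f} bits")
    print(random_psk())
```

The entropy figures only hold when every word is drawn uniformly and independently; rerunning until the phrase "looks memorable" reduces them.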


You can use a dictionary of the most common 10000 words, you'd still have loads of entropy.


The whole point of the comic is that even with that known "simple pattern," you still get higher entropy than a normal password.

Obviously a random 64 character string would beat either of them, but if you're expecting a human to memorize a password, correct horse battery staple is clearly preferable.


I think you've missed the point.

There are more possible permutations of four words than permutations of 10 upper/lowercase letters, digits, and common symbols. The four random word approach is harder to crack.


I also add digits, some punctuation, a misspelling or two and the words are not in English. Oh, and I've got different passwords everywhere.


apriorixWasxTotallyxWrongxAboutxThis

is a really good password that people can remember easily.


Added to dictionary.


snap!


Fortunately, it is entirely unnecessary to remember your Wifi password (provided that you trust your devices…).

Create a near-random 63 char password, put it in a text file on a USB key and possibly print it out as a QR code and you’ll never have to worry about either entering it by hand or it getting cracked by that strange kid across the street.


Until you buy an Apple TV (and don't want to cable it). Fun ensues.


I use a random 63 character WPA2 password, and my solution was to cable it initially, and then set up the WiFi password using the iPhone remote app.


And if all else fails, entering 63 characters is not really that hard either (unless the Apple TV has one of these weird on-screen letter-choosing wheels you sometimes encounter in videogame consoles and the like).


Oh god, yes it is. Especially when you realize halfway through that the iPad cannot type "`".

(You can copy and paste it, though.)


Or Roku or a nest... Tons of devices use wifi but lack cameras or copy/paste.


The best human rememberable password is 4-5 words from a dictionary + a special character. Assuming that most people have roughly 20k words vocabulary and that most keyboards can type easily say 60 characters, you get 20,000^4 * 60 or 9.6 * 10^18 passwords. This means that if you were to crack at a rate of one billion (with a b) passwords per second (unrealistic) you would still take on average of 9,000 years or 18,000 years maximum.


If a person is choosing the words, they aren't going to be uniformly chosen from the list. For example, I'd be willing to bet "monkey" is much more common in passwords than "contacted" even though both words are probably known by about the same number of people.


Even so, if you assume that average person knows 20k words but would only use about 2,000 words in day to day life, and thus in his or her password. That still means that at one billion passwords per second (which is completely unrealistic, unless you are NSA) it would take 1.8 years to crack the password. Who would invest that much time and electricity into a wifi password, unless, again, you are the NSA :)


WPA2 is fine for what it's intended, provided you're using a long random key, otherwise the number of key-strengthening iterations could use some beefing up.

There are a few problems with all PSK schemes that make internal attacks problematic. Anyone who sniffs your initial handshake and knows the master PSK can read your traffic. There's a lack of mutual authentication. Having a scheme where each device registers its own password with the AP would probably be better.

Other than that, it's generally a good solution, why do you feel it needs replacing?
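
Added example (not posted by any commenter): how WPA2-PSK turns a passphrase into the pairwise master key, which is what the remarks in this thread about offline dictionary attacks, key-strengthening iterations and a shared master PSK refer to. The derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32 bytes) is the one defined for WPA2-PSK; the function names, SSIDs and passphrase are constructed for illustration.

```python
import hashlib
import math

WPA2_ITERATIONS = 4096  # fixed by the standard, not tunable per network


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pairwise master key from a WPA2-PSK passphrase.

    PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes).
    The only secret input is the passphrase, so every client that knows it
    holds the same PMK, and a guess can be tested without touching the AP.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), WPA2_ITERATIONS, 32)


def stretching_bits(iterations: int = WPA2_ITERATIONS) -> float:
    """Work the iteration count adds to each guess, expressed in bits."""
    return math.log2(iterations)


def effective_bits(passphrase_entropy: float) -> float:
    """Passphrase entropy plus the fixed stretching margin."""
    return passphrase_entropy + stretching_bits()


if __name__ == "__main__":
    # Constructed SSIDs and passphrase, for illustration only.
    phrase = "menu chemists administrative seeps"
    for ssid in ("HomeNet-Example", "default"):
        print(f"{ssid:16} {wpa2_pmk(phrase, ssid).hex()}")
    # The SSID salt changes the key, so a unique SSID defeats tables
    # precomputed for common network names.
    print(f"stretching adds {stretching_bits():.0f} bits")
    print(f"20-bit guessable phrase -> {effective_bits(20):.0f} bits of work")
    print(f"67-bit random phrase    -> {effective_bits(67.4):.1f} bits of work")
```

The iteration count contributes a constant 12 bits regardless of the passphrase, which is why the length and randomness of the PSK carry almost all of the protection.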


WPA2 is probably ok with a long passwor(d|phrase). The problem is not WPA2 per se but another bundled technology in many routers. WPS -- that is crack-able very easily. Many routers that even say they disable it don't really do it.

Search for it; there is a list of routers that are better than others. With WPA+WPS we are mostly back to WEP days where any kid with a laptop and some googling skills can get access to many wireless networks.



