6 Burning Questions About Wireless Networks

alphadogg writes "Answers to wireless network questions such as: What impact will 802.11n have? Which wireless security threats are scariest? What of wireless VoIP? Will your organization need to change to support enterprise mobility? How do you control costs in an expanding mobile and wireless environment? What can you do to stop wireless denial-of-service attacks?"

My question

[CastrTroy]

Here's my question. When are router manufacturers going to start requiring people to use WPA security? I got a Wii a couple weeks ago, and used the wireless part of my wireless router for the first time. Setup of WPA was very easy. I also found about 5 other open networks that I could have connected my Wii to. I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

Re:My question

[dattaway]

Those open connections are just part of the redundancy of the internet. And the next time RIAA come knocking on our door, we just point fingers again.

Re:

[A non-mouse Coward]

Riiiiight.
Because the "WAP is open" defense works so well [arstechnica.com].

Re:My question

[morgan_greywolf]

Here's my question. When are router manufacturers going to start requiring people to use WPA security? I got a Wii a couple weeks ago, and used the wireless part of my wireless router for the first time. Setup of WPA was very easy. I also found about 5 other open networks that I could have connected my Wii to. I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

Is it up to Microsoft to require people to use secure passwords? Is it up to Oracle to require people with sensitive data to use the data encryption features of Oracle? Is it up to the postfix authors to require people to not run open mail relays?

As always, security is left up to those running the system. Similarly, wireless network security is up to those running the network. You can't force people to be secure. All you can do is strongly encourage it.

Re:My question

[danbert8]

Yes, but when you start Windows for the first time, it asks you to set a password. When you plug in your router, it does not ask you to set up wireless encryption. You can always leave the password blank for Windows, but you were at least given a prompt to set one.
 
Moral of the story: Never underestimate an idiot... They will always do nothing more than you make them.

Re:

[asills]

Most newer routers come with CDs to let the lay people set up their routers. The CD walks them through setting up their wireless router and the recent ones inform people to pick a "security key" and it sets up the wireless security for them (I found this out because I was amazed at finding out my mom had WEP enabled, even though she had no idea what it was - and regardless of how bad WEP is, for any random house in any random neighborhood it's good enough).

So if you would RTFM and/or UTFCD the router came w

Re:

[Odiumjunkie]

> Yes, but when you start Windows for the first time, it asks you to set a password. When you plug in your router, it does not ask > you to set up wireless encryption. You can always leave the password blank for Windows, but you were at least given a prompt to set > one.

Yes, but by default the Adminstrator password is left blank, with the username "Administrator".

Re:

[Name Anonymous]

Is it up to the postfix authors to require people to not run open mail relays?

At least postfix by default doesn't have open relaying set up.

Re:

[Achromatic1978]

I'm curious ... you seem to be implying there are MTAs that are open relays upon install. Please, show us one.

Re:

[innerweb]

Right...

And you shall:

• Maintain your automobile, engine and all
• Prescribe your own medications
• Manage all the trades and investments in your retiremens account(s)
• Manage your local police force and do all the policing
• Raise and educate your child(ren) on your own (no teachers)
• ...

I would hope that all of these things the vast majority of people would not try. A few would be qualified to do some. For all of these things, we are directed by the *authorities* to have someone else do it, either because i

Re:

[Cal Paterson]

Is it up to Microsoft to require people to use secure passwords? Is it up to Oracle to require people with sensitive data to use the data encryption features of Oracle? Is it up to the postfix authors to require people to not run open mail relays?

Almost. The policy of sane and secure defaults should be followed. Most distros try their hardest to do this, sometimes getting it wrong, but it is probably the biggest factor in the reduction of attacks against FOSS Unix machines.

Re:

[PhoenixFlare]

I think many people just don't realize how far the range on some of these devices reaches - or they just automatically assume it will be stopped by the windows/wall/floor/etc.

I had the same experience when I got my Wii - it picked up probably 6 or 7 networks within my condo building, with probably 3 or 4 of those unsecured. Even my DS still manages to pick up 2 or 3 other networks from elsewhere in the building.

Re:My question

[Anonymous Coward]

Require? Why the hell should they 'require' it? I can see turning it on be default, but no way should it be required.

I choose to share my wireless with anyone who might need to connect to check their mail etc. I VPN from my laptop to my OpenBSD gateway to keep my own work encrypted, and also allow access my wired home server.

I use the packet filter to ensure I get first dibs on traffic, but any spare bandwidth is open for others to use as the need.

Having it on by default is good. Having it required is not.

Re:My question

[CastrTroy]

I hope you don't regret it when the cops come knocking on your door because somebody has been using your wireless connection to do something illegal like trading child porn. Maybe you wouldn't get convicted because they won't find any other evidence, but I'm sure it would be a major inconvenience. Why risk it? I know you're just trying to be a good Samaritan, but I pay for my internet, and expect that my neighbors would do the same.

Re:

[Idbar]

Well then, that is a good indicator that you are in the wrong neighborhood. However, there's always a way to keep track of the computers using your network.

The only reason I have my network protected, is because I don't want to do all that security thing of encrypting, keeping logs. If I weren't lazy enough, I'd keep logs as future support and keep the network open.

Re:My question

[steveo777]

Well then, that is a good indicator that you are in the wrong neighborhood.

The neighborhood will never have anything to do with what kind of neighbors you have when they shut the front door. Sure, you can get a good idea by looking at the outside, and everything may look pleasant. "Never judge a book by its cover"

A friend of mine had a roommate for six months. Everyone agreed he was a pretty good guy. If not a bit obnoxious. A month after the guy moved out the police broke in with a warrant, took every computer and all his media. Movies, cassettes, CDs, DVDs, blanks, everything. They pull my friend into the station and put him behind a mirror and ask him tonnes of invasive questions about sexuality. After a couple weeks they call back. They talked to the old roommate, who confessed to trafficking child pornography. My friend got everything back, which I understand doesn't always happen.

I'd say it's a good idea to secure your network or at least keep some kind of log.

Re:My question

[battjt]

And what will you do when the police come knocking on your door because someone filmed child porn in your backyard?

Why risk it? Put up a 20 foot fence!

What will you do when you find out that a homicide was committed with your hotwired car? How about the death threats made on your phone line (you should have bought a T1 and used encryption back to the CO)? What about the death threats to the president spray painted on your garage? The weed grown by the alley at the back of your lot? etc...

Get real! This is life. The benefits of open WiFi far outweigh the risks. Hell, I've used lots of anonymous connections in a pinch (most recently to look up the default IP of my radio, to configure it).

You drive down the street with a complete strangers approaching with a closing speed of over 110 mph, but you wont leave your internet connection open?!

Joe

Re:

[maillemaker]

>You drive down the street with a complete strangers approaching with a closing speed of over
>110 mph, but you wont leave your internet connection open?!

The difference is, everyone drives, so chances are, the stranger approaching you on the street is likely just an average joe like you. They probably aren't up to anything nefarious.

I don't think I would put the percentage of likelyhood for being benign as high for people surfing on open WiFi connections.

People seeking out anonymity by piggybacking on

Please re-read my post...

[maillemaker]

>Yeah, all those people at Starbucks with laptops 'seeking out anonymity by piggybacking on their WiFi ' are scary.
>Our University also provides open wireless access to the local community.

You will note I said:

"People seeking out anonymity by piggybacking on /my/ WiFi is scarier to me than your average drive."

Emphasis on "my" added.

I, and the GP are not talking about intentionally open WiFi hotspots like you are.

We are talking about people hooking into home WiFi networks.

The only people likely to be u

Re:

[Sancho]

I receive no benefits from opening up my wifi. I receive benefits if someone else does.

That said, the problem is the current laws and administration. They don't understand that an IP address received from your ISP does not uniquely identify the end-user. Furthermore, the absurd invasion of my home and holding of my property in computer-based crimes is unreal. They'll take your computers, all your media (even obviously retail DVDs), your gaming systems, your TiVo, your VCR.... And that's without any pro

MOD parent up

[crossmr]

This is the real reason why it should have a modicum of security enabled. To show you made an effort. It might not be long before you're held accountable for what your neighbour did on your connection, even with a complete lack of evidence. It sounds like great way to deny an IP crime, "My wireless access point was unsecured, anyone could have done it". It takes a small law attached to a wheat bill to say that people are required to take reasonable steps to secure their wireless connections, and you're spen

Parent is on crack

[LurkerXXX]

And when someone cracks your WPA/WAP encryption or weak password and downloads the kiddie porn, you now are going to bear sole responsibility for all packets to/from your machine because 'no one else could possibly have done it, the machine was secured'.

But hey, it's all good. While bubba has you bent over the bed, you can feel awesome that you didn't let anyone legitimate use your connection in a pinch.

Re:

[crossmr]

I didn't say you're required to lock it up like fort knox. The law would look more favourably on you for attempting a reasonable level of security then not. Not attempting any leaves your connection looking inviting. If they don't find any evidence you have the child porn in either case, they could potentially be harder on you if your access point is open. It is much like a gun. If you don't properly secure it, and your child gets a hold of it and shoots someone (accidentally or otherwise) they're going to

Re:

[LurkerXXX]

It is much like a gun. If you don't properly secure it, and your child gets a hold of it and shoots someone (accidentally or otherwise) they're going to be pretty hard on you if you left it loaded on the couch.

What a complete load of crap.

Is there some law that says access points have to be controlled like guns?

Did you need to get a license for your wireless router?

Was there a 3-day waiting period to get one when you went to Best Buy?

Have you told your local Starbucks/coffee-shop or University that they bet

Re:

[crossmr]

No there isn't, but already we've seen court cases of people getting nailed for something illegal going on on their wireless access points. It still remains to be seen if they'll win.

Its just as ignorant to ignore the current political climate and go ahead with what you want to do because you think thats the way it should be. Its much more intelligent to work to change things before hanging it out there.

The open wireless connection is still an untested defense, and while it may potentially get you off in a

Re:

[fredklein]

I don't want to be one of the cases where my connection is abused and my life is turned upside down because of the ignorance of those in charge.

So you have 2 choices-

1) Never do ANYTHING that those 'idiots in charge' might EVER mistake for illegal.

2) Get rid of the idiots and get SMART people in charge. (Or at least technology-wise people)

Re:

[Sancho]

1) Never do ANYTHING that those 'idiots in charge' might EVER mistake for illegal.

No, apparently you, like many people, don't understand that there are gray areas. It's not a binary choice. It's risk management, and I have decided that the risks aren't worth it. Besides, it's not mistaking things as being illegal, it's mistaking who is the person performing the illegal act. In the online world, where connections from one IP address can be made from many, many different people, it's pretty hard to tell who is doing something bad. It may be that the police shouldn't try, but they do,

Re:

[fredklein]

there are gray areas

Yeah. 'Gray' is where you get all your stuff back just a few years after it was confiscated. Some is missing, some broken, and the rest obsolete. This is not the worst case, it IS the middle ground. The extremes are:

White: Cops knock on your door, and say there was child porn coming from your IP. You point out you have an open AP, and turn over what logs you have. The cops leave, never to bother you again.

Black: You get arrested, your stuff taken, and charges filed. The prosecutor drags

Re:

[Sancho]

Nope. We were talking about actions that individuals do, not the repercussions of the police. Try to keep on target.

Black: Do all sorts of crazy things, hoping that The Man won't come down on you.
White: Never do anything which might cause The Man to come down on you, specifically because someone else did something illegal, but made it look like you did.
Gray: Protect yourself from the consequences which you subjectively decide are not worth dealing with given the potential gains/losses and difficulty in i

Re:

[Deliveranc3]

Well maybe someday you'll learn to work together, I don't own a pick-up but I have a piano, one of my friends owns a pick-up.

I use a lot of bandwidth, so I'm a poor person to share with which is why I should share out.

Scaring People into Not Sharing Wireless

[billstewart]

Yes, it's theoretically possible for Bad Things to happen with open wireless. (Moderately Bad Things have even happened to me - a neighbor's laptop got virused and used my guest wireless connection for spamming for half a day once.)

But basically it's rare, and the scare stories about Bad Things That Could Happen If You Share Wireless appear to mostly be propagated by the kinds of broadband companies that don't want increased traffic on their nets, and by the kinds of pundits who get their reputation points

Re:

[griffjon]

We have cable, our neighbors have DSL. It's common for one of those services to be out of whack, but rare for both of them.

Re:

[secolactico]

so if the idiot gestapo take my computers for a look, I can continue to work until they read up on how these internet 'tubes' thingies work

I don't mean to censure or discourage your practice of keeping an open AP, but it seems to me that they can do more than simply take your computers away.

They could file charges, take you in custody, leak your name to the press, harass you for the names or your "accomplices", etc. Dealing with law enforcement can be a real bother sometimes (I guess it depends on the juri

Re:

[Anonymous Coward]

Sure, they could do those things. They could do similar things for any number of trumped-up charges in cases where it's easier to point a finger than do actual detective work. The question is, at what point do you stop living your life as you would choose to live it, to keep 'safe'.

Now, realize I'm a liberal and actually have some balls, unlike those pussy neo-cons who are willing to trade their freedom from security from 'the evil terrorists who are going to kill us all at any moment'. If the police har

Do you know how much time that takes

[oliverthered]

First off for WPA to be useful they have to put a non default password on the router, that's not an easy job and will push up the price of the routers quite substantially.
And then there's all the support calls from people who can't access their router because they couldn't find the password/lost the bit of paper with it written on etc...

In short, if routers can with encryption turned on by default they would have to have some kind of default password.

And if they have a default password everyone knows it so

Re:

[CastrTroy]

Maybe they could put an LCD Display on the front on the router that can display the default password. The default password is randomly generated when it it plugged in for the first time. It can be regenerated by pushing some button on the router. 1 hour after the first connection has been made, the password stops displaying. I'm not sure what the best solution is, and I realize that it should still be possible to create an open access point for those that wish, but I think they should make it a lot harde

Re:

[niceone]

First off for WPA to be useful they have to put a non default password on the router, that's not an easy job and will push up the price of the routers quite substantially.

I dunno, they already burn a unique mac address into each one, and often print it on a sticker on the case too. Doing the same for a default password doesn't seem beyond the realm of possibility.

I'd expect the extra support costs for doing the WPA setup would be the main problem.

Re:

[ptbarnett]

First off for WPA to be useful they have to put a non default password on the router, that's not an easy job and will push up the price of the routers quite substantially.
And then there's all the support calls from people who can't access their router because they couldn't find the password/lost the bit of paper with it written on etc...

It can't be that hard, because at least one manufacturer has figured it out.

I have an ActionTec router, provided to me with my Verizon FIOS service. WiFi was pre-enab

Re:

[Kichigai Mentat]

I'll use WPA when all my devices support it. Granted, I'm not leaving my access point to be unencrypted, but I'm using WEP. I'm a technologically aware guy, I know that WEP can be cracked. But here's my story:

I have a PSP, and I love using it as a web tablet. It supports WPA, but it doesn't support WPA2, WPA Enterprise, or WPA2 Enterprise. The Nintendo DS doesn't even support WPA, and I like my online Tetris. I have an old laptop I use for StarCraft LAN parties, it's USB WiFi device has trouble with WPA.

Re:

[Achromatic1978]

and I'm actively trying to hunt down a PDA or smart-phone that supports WPA Enterprise so that I could get online without having to whip out my laptop and wake it up

I'm fairly sure most HTCs do, including the Wizard (T-mobile MDA). My employer has wireless at work, WPA2 with mandatory client certs for authentication, etc, etc, and my MDA can connect to it happily enough.

Re:My question

[Deliveranc3]

Corrolary question, when will they give me a wireless security setup that matches what I want.

I want to share about 30-40Kpbs and have intelligent performance algorithms managing the rest, I want to have my transmissions encrypted while allowing others to SHARE my web-access. (I know that's a big word, like "communist").

When we move to 802.11n (Assuming the same number of wireless routers as currently exist there will be almost 80-90% coverage in urban areas, why would I need a cell phone if we all shared, how about intelligent sharing between networks as a mesh? Once we overflow the casual bandwidth limits we can stop dealing with this "expensive last mile" crap and start getting isolated fibre channels.

My computer is secure, my internet access is mostly encrypted or tunneled, but I don't have access everywhere for affordable prices, I don't think security and sharing have to be mutually exclusive.

Re:

[TeknoHog]

I want to share about 30-40Kpbs and have intelligent performance algorithms managing the rest, I want to have my transmissions encrypted while allowing others to SHARE my web-access. (I know that's a big word, like "communist").

Me too. However, I think the main problem is with ISPs who don't want you to share your connection. Some operators do allow FON [wikipedia.org], apparently since it's a closed and logged system, but as another business it goes against the ideals of sharing, IMHO.

Re:My question

[crossmr]

Don't buy a residential device? If you want to do advanced set up, pony up the bucks and go purchase a device to do it.
As mentioned FON is a cheap solution to do that, it puts out 2 SSIDs, a shared one and a private encrypted on, and you can use the web interface I believe to rate limit people on your open shared line.

Otherwise go buy a high quality business device with more than one available AP and set it up to do whatever you want. Cisco has tons of devices that can deliver you that kind of setup. So the answer is, its already there. Go nuts.

Re:

[pclminion]

Here's my question. When are router manufacturers going to start requiring people to use WPA security?

Hopefully never. Who the hell are they (and you, for that matter) to tell me I can't run an open network? Making it impossible for me to do so is a good way to guarantee I'll be going with another vendor.

I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

I similarly find it amazing how fucking chickenshit some people are. Secure your hom

Re:

[pato101]

When are router manufacturers going to start requiring people to use WPA security?

Yes, sure. By the way, do you know how easy is to crack wireless security by sniffing some hundreds of megabytes? Not saying you should not use encryption, just that wireless security is far from being perfect.

Re:

[walt-sjc]

You do know that WPA is not the same as WEP, right? And that one is easy to crack and the other isn't? Just checking...

That's quite a broad brush you've got there.

[WidescreenFreak]

News flash ... not everyone lives close to others.

I have a friend who runs his own business, as does his wife. So, both businesses are run out of their home using a business-class DSL connection. However, they live on a farm that is so far off any main road or highway that there is no way anyone would know they're there. To get to their farmhouse, which is in the middle of probably 16+ square acres, you have to drive about 1/2 mile on a dirt/stone road into a mountain valley. The nearest house is at

Re:My question

[c_woolley]

I agree. I also think we should point out the number of people that simply do not understand what they are doing or what is needed to secure a wireless connection. My mom is fairly tech-savvy for an older (I hope like hell she doesn't read this) woman. She understands quite a bit more than the average user. She was new to wireless connections, and decided to give it a try. When she called me to ask if there was anything to do besides plugging the provider's connection to her router, she was surprised when I told her she needed to secure it. She assumed (as someone else had already mentioned in a later post) that security was enabled by default. I walked her through the process without any problems, but it still remains that she did not know that enabling security was required. I asked her why she didn't figure it was needed and why wouldn't she feel that anyone could connect if the wireless connection. It didn't ask her for a password or some type of authentication, her computer was able to get to the Internet. Wouldn't that mean Joe Anyone could get there through her connection too. Her answer was simple, and yet effective. "Well, when I plugged my computer into my old router, it never asked me for a password either...smartass." And there is the answer. People are used to not having to secure their physical connections. If they do, it is usually much worse a situation for the average user, since their home is probably being burglarized at the same time. Now, it isn't the same situation for everyone. Some people know fully well that they need to secure their connections, and just don't. Call it lazy or whatever, maybe they just don't care enough or don't think their information is worth stealing. I have even run into one man who opened his connection up so that his neighbors could surf on his dime. He paid for a 12Mb connection and only used the Internet to surf the news. He didn't care that his neighbors were playing World of Warcraft or other online games. As long as his connection to the news was good, so was he. I suppose the bottom line is that there are reasons for everyone. Increasing some people's knowledge about it can help, others may just not care. Either way, I'll still be able to sit at home and open up my network connections and see unsecured networks. It's on me to decide whether or not to take advantage...and on my neighbors to figure out why they have to rebuild their systems every two weeks (just kidding).

Favorite question so far...

[hal2814]

Q: "Is wireless [Wi-Fi-based] VoIP worth the bother?"

A: "Generally, no."

Sponsored by AT&T

Re:

[grasshoppa]

I generally agree with that assessment. I'll take it one step further; I won't do VoIP unless I can punch down into copper at some point ( or a t1. Anything with an SLA ). My phone traffic going over the same pipe as my internet is an incredibly bad idea. More so ( by 100x ) if you are a business.

VoIP over a corporate network is where it shines. But over the wild internet? No thanks.

Re:

[Shakrai]

Sponsored by AT&T

You mean "the new at&t" don't you? It's lowercase now so it's less threatening!

Re:

[Zonk (troll)]

Sponsored by AT&T

You mean "the new at&t" don't you? It's lowercase now so it's less threatening!

Your world. Delivered.

...to the NSA [eff.org]

Re:

[Deliveranc3]

Ancedote, I have a Ghost Phone. It has no record with any phone company, never gets a bill and can make unlimited calls anywhere.

Now none of the phone hacker people are willing to help me move the ghost account to a new phone, this old one gets terrible reception and has 3 hours standby.

But how much is this phone worth, how much is the freedom to never worry about a bill worth? Not to look at the clock not to wonder if you're going over? Well I offered my sister $1200 for the phone 3 years ago (She had

Pure FUD

[mr_stinky_britches]

This article is pure FUD (thats Fear, Uncertainty, and Doubt). The questions in TFA are not so much burning or on fire as the title would suggest..

--
Wi-Fizzle Research [wi-fizzle.com]

tagged this article with 'FUDFUDFUD'

[mr_stinky_britches]

Not sure if /. filters the FUD tag now, so I'm suggesting we tag it with both FUD and FUDFUDFUD (if nothing else it will tell us whether we can avoid the filters by just doing repetitions of the tags we want to show up).

Re:

[dotpavan]

"if nothing else it will tell us whether we can avoid the filters by just doing repetitions of the tags we want to show up"

you mean duping the tags? c'mon, that is not a good way to protest the dupes here..

Re:

[mr_stinky_britches]

Okay, then what would be a good way to protest the tag censoring on slashdot?

Re:

[dotpavan]

you mean duping the tags? c'mon, that is not a good way to protest the dupes here..
I was poking at the slashdot dupes, but after this explanation, it falls flat

Which wireless security threats are scariest?

[$RANDOMLUSER]

I voted for Tesla coils [wikipedia.org].

Re:

[CompMD]

1) Acquire microwave oven.
2) Rig door switch so microwave will operate with door open.
3) Run microwave with door open.
4) ???
5) Profit!

Re:

[oliverthered]

#4 Kill all the commies.

It may have been one of those myths, but I heard somewhere about how if there was an invasion people could run out into the street with their microwaves and fry all the commies.

It sounds so highly implausible that I thought it could only have originated from the US government.

The real questions about WiFi:

[Opportunist]

1. Why can't Router manufacturers make WPA the default and use "no security" instead?

2. Why can't we get the information just how far away the "full bandwidth" works, instead of finding out without fail that most APs can hardly provide the promised bandwidth over distances more than 5 yards?

3. How long 'til we can't use WiFi anymore because all frequencies are already taken by your neighbors and the companies around you? Worse, can you soon be forced to discontinue your WiFi use because the company next door needs your frequency? (Because, yes, it's unusable past 20 yards but can easily interfere with networks a few miles away, it seems)

4. What's the legal implication when someone uses my WiFi AP without my consent by hacking into it and distributing illegal material through it? I'm waiting for the first verdict where you have a completely secure AP, someone still manages to break it and then...?

5. In turn, what about "free" APs, kept open deliberately. What about town wide WiFi networks, a few cities already started a project but they never went anywhere. Care to tell us why?

Re:

[cdrguru]

WPA requires support in the device connecting which isn't always there. It also requires a lot more effort on the user's part to connect up. If routers came with RADIUS servers where you had to log in it would be much simpler and clearer for everyone... but no.

WiFi is on an unlicensed frequency, which pretty much means that as long as the power is low nobody can complain. I suspect there will be a licensed version of WiFi at some point where you buy a license for a geographic area and a channel. This w

Re:

[jshriverWVU]

I use to be in HWUG (Houston Wireless User Group) and there was a decent free mesh there. That was 4 years ago. Hear it's even better now.

Re:

[dave562]

I suspect there will be a licensed version of WiFi at some point where you buy a license for a geographic area and a channel.

This is antecdotal at best and coming twice removed from the source, but I will offer it up anyway. A client of mine is in a business that involves running trucks from southern California up into the central valley as far north as Madera/Dinuba. They wanted constant radio communication with the trucks but realized that they couldn't do it with what was publicly available. What t

Re:

[Idbar]

1. Why can't Router manufacturers make WPA the default and use "no security" instead?

I say, why WPA, why not WEP or 802.1x? Because everything is based on Drafts not standards so everyone does what they want.

2. Why can't we get the information just how far away the "full bandwidth" works, instead of finding out without fail that most APs can hardly provide the promised bandwidth over distances more than 5 yards?
That mainly depends on both your router and your network card, therefore it's quite compl

Re:

[oyenstikker]

"really poor implementation of the wireless connection managers"

The same reason that everything is poorly implemented. Reality is complex, thus the requirements are complex. The requirements are complex, thus a complete implementation would be complex. A vast majority of customers can't handle a complex implementation, so a simple, but incomplete, implementation is built.

These questions are answered

[postbigbang]

1) all the vendors that I've seen have WPA turned on by default. They didn't use to, but then cars didn't have seat belts years ago, either.

2) you can find lots of information about bandwidth. The same site as the article cited has product reviews on ftp throughput; it's about a max of 3/5ths stated bandwidth or less.

3) this already happens. Use 802.11a instead. There are tons of non-interfering channels and you can get double-data-rate schemes with them.

4) someone using your wifi might be legal, but it dep

You ain't looking hard enough

[Khyber]

Not ONE of my Netgear routers has WPA by default turned on. And that's from the earliest v1 of their Wireless-g router to v6 (most recent from my research.) Nor do any of my Cisco-branded Linksys routers. Every last one of them wireless.

Re:

[postbigbang]

How awful. I stand corrected.

What I want to know is

[rsilvergun]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing. Add to that cell phones, wireless cameras, printers, etc, etc, and wireless is rapidly becoming useless...

Re:

[crossmr]

7-10 wireless networks? Wow you poor thing. The Devil must have it in for you.

I can pick up over 65 networks from my apartment and had to go to 5.8GHz phones because 2.4GHz was completely unusable in the apartment. The interference was just ridiculous.

Re:

[CastrTroy]

My trick for the phones is to use the 980 MHz phones. More than enough range for an apartment, and there's very little interference.

Re:

[crossmr]

I had them when I first moved in, they weren't any better. I'm in a pretty dense block, 37 floors with 8 or 9 apartments per floor. They might actually work now that most people have moved away from them (unless there are a lot of hold outs in my building).

It's not a problem.

[IANAAC]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing.

How is that really a problem? Just set your preferred network to your own SSID and be done with it (well, that's assuming you didn't leave your SSID named "Linksys" or "Default"). I have about 20 wireless access points visible to me, some open, but most not, and they don't get in

When you get that much signal in the area

[rsilvergun]

it just doesn't work. If you're lucky, you can change channels and get it going, but at a certain point it just confuses the wireless cards. I've tried better routers and cards ( I haven't ponied up for one of those really expensive ones from Apple ).

Re:

[crossmr]

As you pointed out above, you are only competing with a whopping 7-10 networks. If you can't manage to function in that environment you might want to move to the middle of nowhere. Some lonely 2 acre island in the middle of the pacific. With 65 networks crowding my apartment I have no problem running a Wii, 2 laptops (one with Vista, one with XP) and a media center using one of those little linksys USB wireless boxes. None have ever had a connection issue in the 3 years they've been in that environment.

Re:

[slashbob22]

How is that really a problem? Just set your preferred network to your own SSID and be done with it (well, that's assuming you didn't leave your SSID named "Linksys" or "Default"). I have about 20 wireless access points visible to me, some open, but most not, and they don't get in the way at all.

I wish it was that simple - I have 40 visibile, another 15 unpublished SSIDs (mine one of them) - all but 4 are secured. I have my own SSID, I have gone to the least populated range (x +/- 3) of channels and I have problems connecting and maintaining the network connection (from a couple meters away).

Missing the point completely

[Lockejaw]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing.

How is that really a problem?

Because there are only 11 channels (in the USA). There's also a fair amount of splatter, so it's recommended that only channels 1, 6, and 11 be used. The WiFi band is getting pretty crowded.

Re:

[ATMosby]

All you need to do is get 11 spare wireless routers and 11 high power antenna's. Don't hook them up to anything. Generate lots and lots of traffic/noise. Make all wireless useless where you live. After a month or so you won't have anyone else trying to use wireless around you. Repeat every so often.

Re:

[crossmr]

While interesting, a much friendlier suggestion would be to use that paint/wallpaper that blocks wireless signals. Put it on your exterior walls and ceiling. Encourage your apartment company to do it in all suites. Or at least your downstairs neighbour so you can be fairly insulated. Not only do you free up your air space for your wireless access point so you can get good speed to the device, you also reduce the interference on any 2.4 GHz phones you might have/want to use.

Re:

[mrzaph0d]

I know in my neighborhood Verizon rolled out FIOS recently. Anyone signing up got a free wireless router. So far I've only detected about 3-4 maximum at a time, but I wonder how long before the neighborhood saturates to the point that it gets too crowded to get a good signal from my own router.

Re:

[crossmr]

This seems fairly unrealistic. The apartment company may become liable if someone does something illegal across the connection (whether or not we feel that is right, the law could go whichever way on it), or the person whose name the connection is in could be held accountable as well. not to mention the more devices connected, the slower the service. Wireless bandwidth is not unlimited. Not to mention, what if the device has an issue at 3 am? Do you want to wake up whoever owns it to fix it? In the case of

I do use wired connections

[rsilvergun]

I do consulting work, and my customers want wireless. They've been sold on it by the big box retailers and they want it. The people who need to fix this are the ISPs and phone companies, who ought to be rolling out municipal wireless. But they're too busy trying to figure out how to charge the most money for the least service, so they're twiddling their thumbs.

printer friendly version

[BestNicksRTaken]

http://edge.networkworld.com/cgi-bin/mailto/x.cgi? pagetosend=/export/home/httpd/htdocs/news/2007/061 107-burning-questions.html [networkworld.com]

Yeah, I know it looks like some dodgey mailer script, but it just uses Javascript form elements to fill in bits of their standard printer page, instead of making a proper URL. Of course GET vs. POST is not checked ;-)

My question:

[DogDude]

When is wireless not going to suck? Seriously. I don't use it because of absolutely rotten reliability. Inconsistent speed, and intermittent connections are a rotten tradeoff for being able to save a few wires here and there.

Re:

[brunascle]

the precise moment that everything interfering with it dissappears.

Here's one killer for you

[Khyber]

I posted above about my routers not having WPA on by default. Here's a kicker for you. These things lose WIRED connections when the wireless is on and I pick up my phone. (All my DSL filters are new and this doesn't happen when wireless is turned off on the router.) Talk about intermittent connections. It's sad when Netgear (the most responsible but not the only culprit) kills your wired connection when your wireless channel becomes clogged or noisy thanks to cordless phones. Who the fuck authorized the

Re:

[walt-sjc]

You don't have to use it. Go get a Sangoma S518 ADSL PCI card and stick it in a linux box. Traffic shape / firewall to your hearts content. It works Very Very well.

Is 802.11n more reliable?

[jonnyj]

The article seems to assume that 802.11n offers so much more bandwidth that no-one will bother with ethernet any more. Unless the new standard is less susceptible to neighbouring networks, that's just not the case

18 months ago I set up a MythTV setup based around an 802.11g wireless network and, at first, it worked flawlessly - two clients and the server could simultaneously stream TV to/from the router. Then my neighbours started using own networks in anger and the bandwidth available to me gradually dissolved.

Now my network can't come close to supporting one streaming device. Even surfing the net wirelessly is painful, with regular 2-3 second dropouts when the whole street hits the airwaves simultaneously. I've long since given up on wifi and switched to homeplug.

I'm not alone. Most people I know who live in densely populated areas have the same problem. Does 802.11n suffer from the same problems? I imagine that the increased range will just lead to increased contention when its popularity increases. I'm not about to buy it.

Re:Is 802.11n more reliable?

[CallFinalClass]

N suffers from all these problems.

Let me be more specific - 2.4 GHz N suffers from all of these problems. For now, I expect the 5 GHz N implementations to be in much better shape.

Tip of the hat to Apple for making all of their N gear 5 GHz capable.

Wag of the finger to just about everyone else for making their stuff 2.4 Ghz only, likely for backwards compatibility and cost savings.

Re:

[Malc]

I've had a 5GHz phone for a year now. How well are they going to coexist?

Re:

[karnal]

The problem with the airspace within the specific band is that there's only so much bandwidth, and that is shared by all devices on that channel, whether they're a part of your network or not.

Of course, this can be mitigated by making your signals stronger (i.e. sitting the devices right beside each other) so that the other devices don't interfere with your signal.

I use wireless A at my place of employment, and I've run into another issue - if I have three people on wireless, and I start transferring a larg

VoWiFi FUD

[mach1980]

The article mentions VoWiFi quality as poor, which makes me believe that the writer is handling the truth somewhat irresponsibly.

I work for one leading VoWiFi company that currently installs a lot of systems at US hospitals. Do you think the hospital administrations should accept anything than perfect performance?

A MOS of 4.2 using ETSI's own measurements and seamless handover is what we are talking about. Not FUD about dropped calls etc. Our i75 passed Cisco's own certification program before their own product and has won a number of prices for best product.

Y.T.

My answers, now forward this to 20 friends...

[pla]

What impact will 802.11n have?

It will replace 802.11a/b/g, but beyond that, none. Speed really doesn't count as the biggest problem with wireless - I'd personally put "reliability" at #1 and "security" at #2.


Which wireless security threats are scariest?

The DOJ sniffing your traffic from outside rather than needing to at least enter the building (and thus possibly get caught on your security camera(s)).


What of wireless VoIP?

What of it? Whether you use a VOIP set that connects via 802.11, or a VOIP set that connects a base station via ethernet and has a cordless handset makes no difference. Except, perhaps, that while the 2.4GHz spectrum has gotten rather crowded lately, the 800MHz range used for cordless phones has become less congested in recent years.


Will your organization need to change to support enterprise mobility?

Probably, because most enterprise apps tweak if they lose their network connection even momentarily - See my first answer.


How do you control costs in an expanding mobile and wireless environment?

"The only winning move is not to play".


What can you do to stop wireless denial-of-service attacks?"

1) Use a wire.
2) Wait for the entropic death of the universe.
Seriously, no realistic solution exists between those two - A wireless DOS doesn't take anything high-tech... A spark-gap transmitter will do nicely. And don't forget "unintentional" DOSs... At my house, I suffer one every few second due to a nearby airport's radar (again, see my first answer), thus I almost exclusively use a wired connection except for totally noncritical and connection-state-less uses such as surfing the web from my couch.

Less congested? WTF?

[Khyber]

Never had an 800 Mhz cordless. Every one I've ever seen in stores in the USA, in Texas and Tennessee, is either 45MHz (old), 900 MHz, or 2.4 or 5.8 GHz. My 900Mhz gets congestion and loses connection to the base station everytime anyone in my neighborhood picks up their damned cell phone, from my next-door herbalist to the idiot in the ricer Mustang down the street. Even my stereo picks that crap up, and I get that annoying bzzt-bzzt-bzzzzzzzzzzzzt thru my speakers.

Re:

[walt-sjc]

connection-state-less uses such as surfing the web from my couch

HTTP uses TCP which is a connection oriented protocol. It works for you because of retransmits and the fact that you can't tell if a web site is just being slow or if there is a network problem (lost packet), and the fact the the connections are "short" in duration (unlike a big file transfer or SSH session.) Keep in mind that unless you disable keepalives, you can see even more frequent problems with web sessions.

I use wired connections wherev

Re:

[Alphager]

have you considered dlan (ethernet over electric wires)?

Re:

[mr_stinky_britches]

How about creating a LAN over the power lines in your residence?

Here is some more information from wikipedia: Power line communication for home networking [wikipedia.org]

I have a friend who did this at his house and it worked out nicely for him.

Good luck!

--
Wi-Fizzle Research [wi-fizzle.com]

Re:

[Lord Apathy]

Or you could just be a true geek and drape it over the ceiling fan and lights along the roof. Or just run it along the floor in plan site. Sure it looks shitty but who gives a fuck? Kind of sucks if you have a cat or a dog that likes the chew on cables though. But on the other hand that problem is fixed real quickly if you leave one of those high voltage power cords along the floor. It can be kind of messy though and there is the smell...