On 2 Nov 2006 at 13:07, Wayne Johnson wrote: > At 11:47 AM 11/2/2006, Bernie Cosell typed: > >1) Why would having the WEP/SSID settings apply to ALL of the wireless > >interfaces be insecure? I think this is just a broken choice on MS's > >part. > > I disagree as I believe it was a conscious decision to do the way > that they have it.
Would you elaborate as to *WHY* having all of your wireless devices share WEP info is a security problem? > ... I also don't think that MSFT had that much to do > with setting up the specs for WEP & WPA security protocols or how > they were to be implemented which I also believe is part of the > encryption specs. But how can it say anything about how those keys are administered?? When I type in my key into the wireless app that is asking me for the WEP key, regardless of what 802.11 says about what *happens* to the key, it surely can't say where, and how, the key is *stored*.. can it? > >2) Not necessarily: if that info were kept encrypted in some registry key > >or something, I could conceivably copy it to the corresponding place for > >my other wireless card, and even though I cannot see or change the WEP, I > >could "enable" that network on my other wireless card. [...] > Personally I believe that it is locked in the wireless router or ap > to their MAC addie & does NOT appear in the registry at all other > than the hard & software exist. Ah, now *that's* a reason I can get my head around..:o) I can see if it is the case [unlike, for example, when I give a password to my browser to enter a domain or mount a drive, or to my sftp client to authenticate me] the key information is actually passed to the *device* and isn't stored on the computer at all that that'd make it tricky to transfer the WEP keys to a new device and that's interesting. I can't easily try it [only one computer that's handy has a PCMCIA slot], but the consequence of that situation is that if I took out my wireless card and plugged it into another computer, it would come up all authenticated and ready to go. Odd, but I think that *THAT"S* a security problem [and one I hadn't realized was lurking there].... I need to take more careful care of my pcmcia wireless card than I thought I did..:o) [and also, if I sell/passon my wireless card, I'll need to take steps to ensure that it "forgets" all of its hidden keys, something that wouldn't have occurred to me.] /Bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:[EMAIL PROTECTED] Pearisburg, VA --> Too many people, too few sheep <-- -- ---------------------------------------- To unsubscribe, mailto: [EMAIL PROTECTED] Is your picture included in the Official Win-Home List Members Profiles Page? http://www.besteffort.com/winhome/Profiles.html If not, write to: [EMAIL PROTECTED]
