They can sniff all they want. It's no different than some unscrupulous tech plugging into a switch upstream. SSL banking is encrypted, google passwords are encrypted, etc. Anyone who is sending unencrypted traffic on the public Internet can be sniffed any number of places. I choose to not waste my CPU cycles on encypt/decrypt. We have other forms of authentication to keep users off the network.
Some things from the UBNT change log: - Improvement: WPA/WPA2-TKIP security stability improvements in noisy environments - Improvement: WPA/WPA2 EAP-TTLS improvements - Improvement: Connection stability improvement when using WPA/WPA2 security Some of these are older but we definitely saw the bugs. -----Original Message----- From: Matt Hoppes <mhop...@indigowireless.com> Date: Friday, September 14, 2012 2:47 PM To: WISPA General List <wireless@wispa.org> Cc: Justin Wilson <li...@mtin.net> Subject: Re: [WISPA] Ubiquiti next product.... another router? >I've never seen encryption issues when using UBNT gear to UBNT gear. >Regardless, you should run it because it limits the paths where someone >COULD sniff your customer's traffic. Even if your upstream isn't >encrypted, you not being encrypted just gives someone more space to >sniff in. If I was your customer I'd be bailing ship quickly. > > >Matt Hoppes >Director of Information Technology >Indigo Wireless >+1 (570) 723-7312 > >On 9/14/12 2:07 PM, Justin Wilson wrote: >> We have had almost zero problems with UBNT gear and lockups. However, >> most people disagree with me on my setups. >> >> 1.I run zero encryption on the Aps. Several reasons but the short is >> 1)UBNT has had issues with WEP/WPA/WPA2 code. 2) my upstream provider >> is not encrypted so why should I? See my blog for more rants on this. >> >> 2.We run Airmax only. No 802.11 clients. >> >> 3.We invest heavily in clean power to the Aps. Conditioned batteries. 3 >> Stages Chargers/power supplies. Fiber up the tower, etc. >> >> 4.We are religious about the Client firmware being the same as the AP >> firmware. The version is not as important as everything has to match. >> If the ap is 5.3.5 then all the clients have to be 5.3.5, even if we >> have to downgrade. >> >> 5.We use the priority on the client side. If you have a weak client set >> them lower. >> >> >> By doing this we have grown from 0 clients to 1500 in just shy of 2 >> years on an all UBNT wireless network. 40+ towers with probably 150+ >> UBNT devices (aps, backhauls). I can't remember a lockup problem due to >> something not related to the above. >> >> Justin >> >> From: Doug Clark <d...@txox.com <mailto:d...@txox.com>> >> Reply-To: WISPA General List <wireless@wispa.org >> <mailto:wireless@wispa.org>> >> Date: Friday, September 14, 2012 1:29 PM >> To: WISPA General List <wireless@wispa.org <mailto:wireless@wispa.org>> >> Subject: Re: [WISPA] Ubiquiti next product.... another router? >> >> Matt, Have to disagree with you here. UBNT equipment does not just >> run...... >> It locks up for no reason and requires a power cycle in order to >> come back. >> If you want equipment that " JUST RUNS " and requires no >> baby sitting that equipment has a Cambium logo on it. >> You pay dearly for it and I have a significant amount in my network >> but I am not deploying it because the cost is too high and >> the bandwidth is too low. UBNT equipment is very high >> maintainance and super hard to diagnosis what the problem is when >> you have one. >> With all that being said I am still currently only deploying UBNT >> and actually taking down Canopy FSK to replace it with UBNT 2X2 >> ~Doug >> /-------Original Message-------/ >> /*From:*/ Matt Hoppes <mailto:mhop...@indigowireless.com> >> /*Date:*/ 9/14/2012 9:42:32 AM >> /*To:*/ WISPA General List <mailto:wireless@wispa.org> >> /*Subject:*/ Re: [WISPA] Ubiquiti next product.... another router? >> Greg, >> I don't ever recall seeing bleeding-edge firmware with bugs released >> from Ubiquiti.... unless you mean the betas? But that's what they >> are... betas. Since 5.3.3 up to the current 5.5.2 release I >>haven't >> had any problems with the final releases of software. >> I can't count the number of Linksys, DLink, Hawking, whatever >>wireless >> routers we've replaced for customers because they had problems with >> their Internet. We put in a Power AP-N, or an AirRouter and we >>never >> hear from them again. >> Truth be told... Ubiquiti equipment just runs... it doesn't need >> rebooted. It doesn't need babysat. It just runs. >> No I am not being paid to make these statements. I just have many >>years >> working in IT. I've used Cisco, MikroTik, Alvarion, Motorola and >>now >> Ubiquiti. The Ubiquiti equipment just works. I have a backhaul >>that's >> been up for over a year with no reboots.... and no problems. >> Matt Hoppes >> Director of Information Technology >> Indigo Wireless >> +1 (570) 723-7312 >> On 9/14/12 11:20 AM, Greg Ihnen wrote: >> > Are people going to be able to tolerate the bleeding-edge cycle of >> > bugs/firmware updates that has been the history with their >>wireless gear? >> > >> > Once again they're breaking new ground, this time with low >>cost/high pps >> > throughput. Will they be able to make it powerful (rich feature >>set) >> > /and/ easy? >> > >> > It's going to have to be really good to make people switch. >> > >> > Maybe they're going for a niche market of people who want only >>features >> > relevant to the WISP market (bandwidth management, bandwidth >>accounting >> > etc, vlans) and not people who want a do-all box like MT which >>has a lot >> > of features most WISPs probably don't use (BGP and the forwarding >> > protocols come to mind). >> > >> > Greg >> > >> > On Fri, Sep 14, 2012 at 11:11 AM, Paolo Di Francesco >> > <paolo.difrance...@level7.it <mailto:paolo.difrance...@level7.it> >> <mailto:paolo.difrance...@level7.it>> wrote: >> > >> > Hi all >> > >> > I see that Ubiquiti is launching a new product, a router. >> > >> > Well, personally, I do not think that it's a good idea, hard >>market and >> > I really do not see a real reason why I should buy the >>Ubiquiti router >> > instead of other well knows products >> > >> > From my perspective the value or a core/edge router is not >>only in the >> > number of packets, it's more into the number of bugs and >>instabilities. >> > >> > A new product has less or more bugs/instabilities than others >>working >> > since years in my network? >> > >> > I am not sure that I want to restart thinking new workarounds >>for a new >> > brand. >> > >> > Comments? >> > >> > >> > -- >> > >> > >> > Ing. Paolo Di Francesco >> > >> > Level7 s.r.l. unipersonale >> > >> > Sede operativa: Largo Montalto, 5 - 90144 Palermo >> > >> > C.F. e P.IVA 05940050825 >> > Fax : +39-091-8772072 <tel:%2B39-091-8772072> >> > assistenza: (+39) 091-8776432 <tel:%28%2B39%29%20091-8776432> >> > web:http://www.level7.it >> > >> > >> > >> > _______________________________________________ >> > Wireless mailing list >> >Wireless@wispa.org <mailto:Wireless@wispa.org> >> <mailto:Wireless@wispa.org> >> >http://lists.wispa.org/mailman/listinfo/wireless >> > >> > >> > >> > >> > _______________________________________________ >> > Wireless mailing list >> >Wireless@wispa.org <mailto:Wireless@wispa.org> >> >http://lists.wispa.org/mailman/listinfo/wireless >> > >> _______________________________________________ >> Wireless mailing list >> Wireless@wispa.org <mailto:Wireless@wispa.org> >> http://lists.wispa.org/mailman/listinfo/wireless >> >> >> _______________________________________________Wireless mailing list >> Wireless@wispa.org <mailto:Wireless@wispa.org> >> http://lists.wispa.org/mailman/listinfo/wireless >> >> >> >> _______________________________________________ >> Wireless mailing list >> Wireless@wispa.org >> http://lists.wispa.org/mailman/listinfo/wireless >> > _______________________________________________ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless