
Re: non-free firmware, WEP/WPA, freeness and disk-order on reboot.



On Sat, 25 Oct 2008 21:08:00 +0200, Bastian Blank <waldi@debian.org> wrote:

>On Sat, Oct 25, 2008 at 12:20:29PM -0500, Don Wright wrote:
>> So since the installer must use (insecure) WEP instead of (also insecure[1])
>> WPA, then Debian should not be installable on computers with only a wireless
>> connection?
>
>Now you need to say more. The public papers don't show a cryptographical
>weakness in the protocol/ciphers, which would be needed to call AES and
>CCMP insecure.

A recent press release[1] stated that Elcomsoft, using readily available
hardware, has achieved a 100-fold increase in speed of cracking WPA and WPA2
encryption. While brute-force attacks may not be the same as a weakness in
the fundamental algorithm, the prospect that typical WPA and WPA2 keys may
be discoverable within a practical timeframe has serious implications,
especially where privacy is demanded by legislation (such as with medical
records.) While a large enterprise may be able to support the infrastructure
for RADIUS etc., the typical small business will not.

I apologize for any harshness in the previous post. Last night I was trying
to test a D-I daily netinst on a machine where WiFi is the only practical
connection. The difficulty with setting up a WPA-PSK session, using only the
tools in the netinst image, has me a bit touchy on the subject.  --Don


[1] Summary and comments at:
http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/
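To put the brute-force point above in numbers, the following is an added example (not part of the original message or the cited article). It derives a WPA/WPA2 pre-shared key the way the standard specifies (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and shows how much passphrase length a 100-fold attacker speedup costs a defender. The baseline guess rate is a constructed figure, not a measurement from the press release.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """256-bit PSK for WPA/WPA2-Personal: PBKDF2-HMAC-SHA1, SSID salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random passphrase."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate in a keyspace of 2**bits."""
    return 2.0 ** bits / guesses_per_second / SECONDS_PER_YEAR

def extra_chars_to_offset(speedup: float, alphabet_size: int) -> int:
    """Random characters a defender must add to cancel an attacker speedup."""
    return math.ceil(math.log2(speedup) / math.log2(alphabet_size))

if __name__ == "__main__":
    # Each guess costs the attacker one full PBKDF2 run like this one.
    print("PSK:", wpa_psk("password", "IEEE").hex())

    base_rate = 1000.0   # constructed baseline, guesses per second
    speedup = 100.0      # the factor claimed in the press release
    print(f"100x speedup is worth {math.log2(speedup):.2f} bits of entropy")

    for label, alphabet, length in [
        ("8 lowercase letters", 26, 8),
        ("8 printable ASCII", 95, 8),
        ("12 printable ASCII", 95, 12),
    ]:
        bits = keyspace_bits(alphabet, length)
        slow = years_to_exhaust(bits, base_rate)
        fast = years_to_exhaust(bits, base_rate * speedup)
        print(f"{label}: {bits:.1f} bits, {slow:.3g} years -> {fast:.3g} years")

    print("extra random printable characters needed:",
          extra_chars_to_offset(speedup, 95))
```

A 100-fold speedup removes about 6.6 bits of effective strength, so short or dictionary-based passphrases are the ones that move into practical range, while a long random passphrase absorbs the loss with two extra characters.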

