Re: Wireless home LAN - WiFi vs Bluetooth?

[Reco <recoverym4n@enotuniq.net>]

	Hi.

On Mon, Jul 29, 2019 at 06:57:48AM -0500, Richard Owlett wrote:
> On 07/29/2019 05:57 AM, Reco wrote:
> > 	Hi.
> > 
> > On Mon, Jul 29, 2019 at 05:40:40AM -0500, Richard Owlett wrote:
> > > A concern is security issues. Bluetooth, being short range, may thus
> > > have an advantage. Speed is not an issue for my expected usage. (I was
> > > one of my ISP's last 6 dial-up clients ;)
> > 
> > Both have their disadvantages in this regard.
> > 
> > WPA2's (that's your conventional WiFi standard) secure configuration is
> > fiendishly difficult.
> > You have beacon frames that are broadcasted without any encryption.
> > You have authentication frames that can be intercepted (so WPA
> > passphrase can be bruteforced).
> > You have several encryption algorithms, but:
> > a) They are not equally good.
> > b) You may have a hardware that lack support for a good ones.
> 
> Makes me glad I didn't even consider enabling WiFi on the Hotspot ;}
> Why do I have a Hotspot then?

Because it's easier to buy a consumer-grade router that has WiFi?
Personally I blame modern kids who cannot live five minutes without
looking at a cellphone ;)


> > Bluetooth, on the other hand, is a security nightmare.
> > First, they got reasonable encryption in 4.0 standard version, and it's
> > optional.
> 
> Is it *my* option? Or is it builtin and an option only in the sense
> that a manufacturer can claim standard compliance with/without
> encryption.

It's in the "do I encrypt whatever I send on a radiowave, or it's a
cleartext" sense.


> > You have certain "profiles" that willingly elect to forbid
> > encryption.
> 
> Similarly is the "profile" used my choice?

Bluetooth "profiles" are like application level protocols.
You want to send files - that's OPP (Object Push Protocol).
You want to read texts from your phone - that's MAP (Message Access
Protocol).
And they have like three dozens of those. Some profiles require
encryption, some forbid it.


> > Second, authentication aka "pairing" (which is optional too). In its
> > most common form authentication key is a four-digit number, with most
> > devices preset to four zeroes.
> 
> As the only devices will be PCs, is that number my choice?

Yup. They even allow to use eight digits numbers in bluez (Linux
bluetooth stack). Does not make it really better from a security
standpoint, but still.


> > In short, nothing beats Ethernet in your typical household for
> > conventional computing needs.
> 
> Who said anything about *typical*? <grin> *ROFL*
> I had considered Ethernet over a year ago. Went so far as to purchase
> an 8-port switch. Then realized there was not space on my work surface
> for the cables.

Ceilings, walls (my choice), even water tubes sometimes. We're living in
a 3D world, might as well use it to an advantage.


> This morning I did a search with slightly different terms. Down about
> three layers in from a fresh hit I found a reasonable description of
> how my goal system might work.
> 
> https://en.wikipedia.org/wiki/Personal_area_network says in part:
> > A Bluetooth WPAN is also called a piconet, and is composed of up
> > to 8 active devices in a master-slave relationship (a very large
> > number of additional devices can be connected in "parked" mode).
> > The first Bluetooth device in the piconet is the master, and all
> > other devices are slaves that communicate with the master.

I use this on semi-weekly basis. And every time I do it brings back
memories of that 56k V.90 modem I had 20 years ago.

Reco