Wireless WPA.

categories:

I'm a wired network guy. The mere existence of cabling employs a large cadre of specialists, all so I can bounce around with my laptop, handheld or OptiView and set up a new network every 10 days or so. This description totally belies the mundanity of the job, but I'll let the “dot com bubble”-ness of it persist for whimsical nostalgia. Like cold-war ethics. Or Bauhaus-modern. They all warm me in an odd way.

Sorry, back to the notion. Networks employ me, wires employ my buds. And I've been pretty eloquent about WiFi until now: I wouldn't base my continued employment on WiFi even if all the cat-5 turned to Ramen noodles. Wireless leaks. Wireless sucks. All hype and no cattle. Rubber doth not the road meet. Until WPA. I know, some Albanian teenager's just 2 days from showing an exploit for the most common WPA implementation, but let me enjoy the time that it works.

WiFi Protected Access (WPA) is a suite of practices, some old, some new, that will do all that Wireless has needed. Sure, LEAP's cute: allows a username and password to get on the net. (Authentication.) And WEP's kind of cool, it encrypts the packets in a kind of lame way for privacy. But WEP doesn't really authenticate. And LEAP's got no encryption to it. But WPA's got both. And better. Once authenticated, an encryption key's agreed upon and it's CHANGED randomly. FREQUENTLY.

See, WEP's not so good at encryption cuz it's weak. Give me enough packets, and I can figure out the encryption key. And “enough packets” turns out to be only a very few minutes' on a busy network. But even WEP is good if you can change the key every few SECONDS. And so to WPA. We agree you are you, and you're allowed into the club. We even have a way to agree on what secret language we'll use when in the club AND how to change those secret languages in the middle of the convos!! There's even a guy named MIC who looks at every packet and sees if the keys at both ends fit. If not, it might be a lame attempt of a 3rd party to shoe horn into the convo, and MIC shuts the conversation down for some period of time.

Since all the pieces of WPA already exist, it will work on most equipment. Not all, as I found out with my AirPort card, but most. The load on the card's a bit higher now, what with all the encryption. (Not just the packets moving, but encryption of stuff between the base-station and the card. The LEAP and MIC stuff for example.) So I'm going to work this week to start splainin' to the wiring guys that we have to either embrace change or get rolled over by it.

We ain't stopping this steam-roller, we just have to figure out how to ride it or run from it. (Farming's kind of a nice profession...) Can't think of the last time the world moved so fast. (V90? Nah, but it was cool for a while there. Saw the FIRST demo at Comdex95) Now we need 802.1x to get here. RIGHT AWAY...