Wi-Fi protected setup - making wireless security easy

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Pretty slick. It's so the most non-tech savy can have a secure wireless network. I don't deal with SOHO stuff but maybe there are things using this today? I like the "push a button" approach as it's easy, straight forward and people would be familiar with it.

Wi-Fi aliance whitepaper

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup

" 1. PIN Method, in which a PIN (Personal Identification Number) has to be read from either a sticker on the new wireless client device (STA) or a display, if there is one, and entered at the "representant" of the Network, either the wireless access point (AP) or a Registrar of the Network, cf below the Protocol Architecture.
This is the mandatory baseline model, every Wi-Fi Protected Setup certified product must support it.
2. PBC Method, in which the user simply has to push a button, either an actual or virtual one, on both the AP (or a Registrar of the Network) and the new wireless client device (STA).
Support of this model is mandatory for APs and optional for STAs.
3. NFC Method, in which the user simply has to bring the new STA close to the AP or Registrar of the Network to allow a Near Field Communication between the devices. NFC Forum compliant RFID tags can also be used.
Support of this model is optional.
4. USB Method, in which the user uses a USB stick to transfer data between the new STA and the AP or Registrar of the Network.
Support of this model is optional.

Moved from Off Topic
Moderator alisom

"
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
Linksys has had something similar on the WRT54G series for a while. I've never used it or looked into it, but IIRC it was a simple "press this button on the AP and then run the Linksys software on your client".
 

QueBert

Lifer
Jan 6, 2002
23,121
1,274
126
Originally posted by: spidey07
Pretty slick. It's so the most non-tech savy can have a secure wireless network. I don't deal with SOHO stuff but maybe there are things using this today? I like the "push a button" approach as it's easy, straight forward and people would be familiar with it.

Wi-Fi aliance whitepaper

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup

" 1. PIN Method, in which a PIN (Personal Identification Number) has to be read from either a sticker on the new wireless client device (STA) or a display, if there is one, and entered at the "representant" of the Network, either the wireless access point (AP) or a Registrar of the Network, cf below the Protocol Architecture.
This is the mandatory baseline model, every Wi-Fi Protected Setup certified product must support it.
2. PBC Method, in which the user simply has to push a button, either an actual or virtual one, on both the AP (or a Registrar of the Network) and the new wireless client device (STA).
Support of this model is mandatory for APs and optional for STAs.
3. NFC Method, in which the user simply has to bring the new STA close to the AP or Registrar of the Network to allow a Near Field Communication between the devices. NFC Forum compliant RFID tags can also be used.
Support of this model is optional.
4. USB Method, in which the user uses a USB stick to transfer data between the new STA and the AP or Registrar of the Network.
Support of this model is optional.
"


I'm a on site tech, a lot of my calls use to be to help secure wireless networks. AT&T has it (in Cali anyways) where it automatically sets up WEP, unless the person goes out of their way to disable it it's secure right out the box. I wondered why I stopped getting calls then I set up somebodies Wireless and saw how AT&T ships it now. Should have been like this since the begining.

 

Barfo

Lifer
Jan 4, 2005
27,539
212
106
Originally posted by: QueBert
Originally posted by: spidey07
Pretty slick. It's so the most non-tech savy can have a secure wireless network. I don't deal with SOHO stuff but maybe there are things using this today? I like the "push a button" approach as it's easy, straight forward and people would be familiar with it.

Wi-Fi aliance whitepaper

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup

" 1. PIN Method, in which a PIN (Personal Identification Number) has to be read from either a sticker on the new wireless client device (STA) or a display, if there is one, and entered at the "representant" of the Network, either the wireless access point (AP) or a Registrar of the Network, cf below the Protocol Architecture.
This is the mandatory baseline model, every Wi-Fi Protected Setup certified product must support it.
2. PBC Method, in which the user simply has to push a button, either an actual or virtual one, on both the AP (or a Registrar of the Network) and the new wireless client device (STA).
Support of this model is mandatory for APs and optional for STAs.
3. NFC Method, in which the user simply has to bring the new STA close to the AP or Registrar of the Network to allow a Near Field Communication between the devices. NFC Forum compliant RFID tags can also be used.
Support of this model is optional.
4. USB Method, in which the user uses a USB stick to transfer data between the new STA and the AP or Registrar of the Network.
Support of this model is optional.
"


I'm a on site tech, a lot of my calls use to be to help secure wireless networks. AT&T has it (in Cali anyways) where it automatically sets up WEP, unless the person goes out of their way to disable it it's secure right out the box. I wondered why I stopped getting calls then I set up somebodies Wireless and saw how AT&T ships it now. Should have been like this since the begining.

WEP isn't secure at all.
 

nakedfrog

No Lifer
Apr 3, 2001
63,664
20,121
136
Originally posted by: Barfo
WEP isn't secure at all.

It's more secure than an unsecured network

*insert various people talking about how easy it is to get onto a WEP network*
STFU, the vast majority of regular people will look and see "secured network" and move on without trying to get in. You people aren't regular people :p
 

Skyzoomer

Senior member
Sep 27, 2007
385
14
81
Originally posted by: joutlaw
I just named the SSID at my sister's house "Virus Trojan Worm".

joutlaw,

I love that!!! I'm going to change my SSID name to something similar.

Skyzoomer :)

 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: masteryoda34
I think entering a password (WEP/WPA) is much simpler than any of this WPS junk.

Think about your average user. Getting everything just right from a security perspective is quite daunting to them. I know many IT guys who screw it up and are frustrated to hell on why it's not working for them when most of the time the key isn't correct or they didn't select the correct options from the wireless alphabet soup.

Do you want AES or CCMP with that or how about EAP-TLS with a side of TKIP?
 

masteryoda34

Golden Member
Dec 17, 2007
1,399
3
81
Originally posted by: spidey07
Originally posted by: masteryoda34
I think entering a password (WEP/WPA) is much simpler than any of this WPS junk.

Think about your average user. Getting everything just right from a security perspective is quite daunting to them. I know many IT guys who screw it up and are frustrated to hell on why it's not working for them when most of the time the key isn't correct or they didn't select the correct options from the wireless alphabet soup.

Do you want AES or CCMP with that or how about EAP-TLS with a side of TKIP?

Yeah but all new routers come with that stupid CD that walks users through every step. Really all you have to do is enter a password, the rest of the settings can usually be left to default.
 

kevnich2

Platinum Member
Apr 10, 2004
2,465
8
76
Originally posted by: masteryoda34
Originally posted by: spidey07
Originally posted by: masteryoda34
I think entering a password (WEP/WPA) is much simpler than any of this WPS junk.

Think about your average user. Getting everything just right from a security perspective is quite daunting to them. I know many IT guys who screw it up and are frustrated to hell on why it's not working for them when most of the time the key isn't correct or they didn't select the correct options from the wireless alphabet soup.

Do you want AES or CCMP with that or how about EAP-TLS with a side of TKIP?

Yeah but all new routers come with that stupid CD that walks users through every step. Really all you have to do is enter a password, the rest of the settings can usually be left to default.

The average user has no idea most of the time why a password even matters. Most of the setups I see, if a person bought their own router, the wireless has zip for security. If there is a password setup on it, they wonder what it is or even where to find it. Amazes me how tech..stupid most people really are. For most people, being told to push a button here, then push a button here is the way to go.
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
kevnich2,

And that is kind of the goal - ship it this way so you HAVE to secure your wireless before you can use it. To me it should not be optional or ship wide open.
 

joutlaw

Golden Member
Feb 18, 2008
1,108
2
81
Originally posted by: Skyzoomer
Originally posted by: joutlaw
I just named the SSID at my sister's house "Virus Trojan Worm".

joutlaw,

I love that!!! I'm going to change my SSID name to something similar.

Skyzoomer :)

Yep I thought it was funny. My SSID at home is Not for Freeloaders