WPA Weakness Discovered, but Easily Solved -- Following last week's article about the implementation of WPA (Wi-Fi Protected Access) in AirPort Extreme cards and base stations (see "AirPort 3.2 Update Adds New Security Options" in TidBITS-704), a security expert alerted me to a weakness in choosing keys for the WPA system. The weakness applies to the AirPort 3.2 update as well as to all other consumer WPA-enabled Wi-Fi systems. Basically, choosing a key comprised entirely of real words that are 20 characters or fewer leaves you open to that key being broken rather easily. The solution? Choose a longer key or invent 20 characters of gibberish. If you're particularly security-conscious, use the option Apple provides to enter 256 bits of encryption, which is 32 hexadecimal bytes or 64 hexadecimal digits! That's overkill, however. In last week's article, it wasn't clear why Apple even offers the hexadecimal option when other devices from Buffalo and Linksys don't; now it appears that Apple provides all of the options for entering WPA keys, where the other manufacturers don't. I've written more about this issue and posted my colleague's paper on the subject at Wi-Fi Networking News. [GF]
Better Text Formatting in iPhoto
If you're creating a card or book in iPhoto, and you're not happy with the formatting options for the text (such as line spacing or justification), copy the text out to TextEdit, make the changes you want there, and paste it back into iPhoto, which will retain your changes.
Other articles in the series Panther Answers
- Security Update 2004-09-16 Fixes iChat Vulnerability (20 Sep 04)
- Security Update 2004-09-07 1.1 Fixes FTP & Safari (20 Sep 04)
- Security Update 2004-09-07 Potentially Problematic (13 Sep 04)
- Quicken 2005 Released (09 Aug 04)
- Revisiting Panther's FireWire Data Loss Problem (15 Mar 04)
- Apple Releases Mac OS X 10.3.4 Update (07 Jun 04)
- Apple Releases Mac OS X 10.3.3 (15 Mar 04)
- How FileVault Should Work (01 Mar 04)
- A Slew of Apple Software Updates (05 Jan 04)
- New Panther Language Features (17 Nov 03)
- Panther Application Improvements (10 Nov 03)
- Fixes Available for Some Panther FireWire Troubles (03 Nov 03)
- Security Update 2003-10-28 Released (03 Nov 03)
- Interesting Bits of Panther (27 Oct 03)
- Mac OS X 10.3 Panther Unleashed (27 Oct 03)
- Default Folder X & QuicKeys X: Upgrade Before Panther! (27 Oct 03)
- Mac OS X 10.3 Panther Springs at WWDC (23 Jun 03)
Published in TidBITS 705.
Subscribe to our weekly email edition.
WPA Weakness Discovered, but Easily Solved
to your own drives, friends, and online with unlimited storage.
With 30 days free, backing up is one resolution you can keep.
Your life is digital; back it up! <http://tid.bl.it/code42-tb>