WPA Weakness Discovered, but Easily Solved -- Following last week's article about the implementation of WPA (Wi-Fi Protected Access) in AirPort Extreme cards and base stations (see "AirPort 3.2 Update Adds New Security Options" in TidBITS-704), a security expert alerted me to a weakness in choosing keys for the WPA system. The weakness applies to the AirPort 3.2 update as well as to all other consumer WPA-enabled Wi-Fi systems. Basically, choosing a key comprised entirely of real words that are 20 characters or fewer leaves you open to that key being broken rather easily. The solution? Choose a longer key or invent 20 characters of gibberish. If you're particularly security-conscious, use the option Apple provides to enter 256 bits of encryption, which is 32 hexadecimal bytes or 64 hexadecimal digits! That's overkill, however. In last week's article, it wasn't clear why Apple even offers the hexadecimal option when other devices from Buffalo and Linksys don't; now it appears that Apple provides all of the options for entering WPA keys, where the other manufacturers don't. I've written more about this issue and posted my colleague's paper on the subject at Wi-Fi Networking News. [GF]
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.
- Upgrade to and Learn Lion with New Take Control Ebooks
- Our Favorite Hidden Features in Mac OS X Lion
- Lion Security: Building on the iOS Foundation
- Subtle Irritations in Lion
- Finding a Replacement for Quicken
- Lion Is a Quitter
- Dealing with Lion's Hidden Library
- Lion Application Compatibility Wiki
- Rosetta and Lion: Get Over It?
- Preparing for Lion: Find Your PowerPC Applications
Data Tables in Microsoft Excel 2008
Data Tables let you see how the results of a formula change as its underlying variables change. After entering data, select the entire table and choose Data > Table. Then tell Excel which row input cell and column input cells you want the table to use. Finally, click OK. Excel will crunch the numbers and present a new Data Table.
Visit Microsoft Mac Mojo blog
Submitted by
Microsoft MacBU
Related Articles
- The Wireless Networking Starter Kit, 2nd Edition Released (08 Dec 03)
- AirPort 3.2 Update Adds New Security Options (03 Nov 03)
Other articles in the series Panther Answers
- Security Update 2004-09-16 Fixes iChat Vulnerability (20 Sep 04)
- Security Update 2004-09-07 1.1 Fixes FTP & Safari (20 Sep 04)
- Security Update 2004-09-07 Potentially Problematic (13 Sep 04)
- Quicken 2005 Released (09 Aug 04)
- Revisiting Panther's FireWire Data Loss Problem (15 Mar 04)
- Apple Releases Mac OS X 10.3.4 Update (07 Jun 04)
- Apple Releases Mac OS X 10.3.3 (15 Mar 04)
- How FileVault Should Work (01 Mar 04)
- A Slew of Apple Software Updates (05 Jan 04)
- New Panther Language Features (17 Nov 03)
- Panther Application Improvements (10 Nov 03)
- Fixes Available for Some Panther FireWire Troubles (03 Nov 03)
- Security Update 2003-10-28 Released (03 Nov 03)
- Interesting Bits of Panther (27 Oct 03)
- Mac OS X 10.3 Panther Unleashed (27 Oct 03)
- Default Folder X & QuicKeys X: Upgrade Before Panther! (27 Oct 03)
- Mac OS X 10.3 Panther Springs at WWDC (23 Jun 03)
Published in TidBITS 705.
Subscribe to our weekly email edition.
- Apple Updates Panther to 10.3.1
- New Snapz Pro X 1.0.9 Works Better with Panther
- PhoneValet 1.1 Improves Integration
- NoteBook 1.2 Adds HTML Export and More
- First Take Control Update Released
- TiVo Alternatives: EyeTV
- Panther Application Improvements
- Hot Topics in TidBITS Talk/10-Nov-03
WPA Weakness Discovered, but Easily Solved
READERS LIKE YOU! Support TidBITS by becoming a member today!Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Hans-Ulrich Thomas, Phil Marchetti, Norm, and John
Pennebaker for their generous support!