WPA Weakness Discovered, but Easily Solved -- Following last week's article about the implementation of WPA (Wi-Fi Protected Access) in AirPort Extreme cards and base stations (see "AirPort 3.2 Update Adds New Security Options" in TidBITS-704), a security expert alerted me to a weakness in choosing keys for the WPA system. The weakness applies to the AirPort 3.2 update as well as to all other consumer WPA-enabled Wi-Fi systems. Basically, choosing a key comprised entirely of real words that are 20 characters or fewer leaves you open to that key being broken rather easily. The solution? Choose a longer key or invent 20 characters of gibberish. If you're particularly security-conscious, use the option Apple provides to enter 256 bits of encryption, which is 32 hexadecimal bytes or 64 hexadecimal digits! That's overkill, however. In last week's article, it wasn't clear why Apple even offers the hexadecimal option when other devices from Buffalo and Linksys don't; now it appears that Apple provides all of the options for entering WPA keys, where the other manufacturers don't. I've written more about this issue and posted my colleague's paper on the subject at Wi-Fi Networking News. [GF]
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.
Search Snippets on the Fly in TextExpander
Have a large number of snippets and can't remember them all your abbreviations? Use TextExpander's Suggest Matching Abbreviations search feature. It makes finding your snippets fast and simple.
Set your hotkey combination by going to TextExpander > Preferences > Hotkeys. Once it's set, to use the Suggest Matching Abbreviations hotkey combination:
- Type a few characters of your snippet or its abbreviation.
- Press your hotkey combination immediately after typing the characters. (Don't enter a space before pressing the hotkey combination.)
- A popup menu appears with all snippets that contain the characters you typed. Scroll through them and click the one you want.
Visit Smile
Related Articles
- The Wireless Networking Starter Kit, 2nd Edition Released (08 Dec 03)
- AirPort 3.2 Update Adds New Security Options (03 Nov 03)
Other articles in the series Panther Answers
- Security Update 2004-09-16 Fixes iChat Vulnerability (20 Sep 04)
- Security Update 2004-09-07 1.1 Fixes FTP & Safari (20 Sep 04)
- Security Update 2004-09-07 Potentially Problematic (13 Sep 04)
- Quicken 2005 Released (09 Aug 04)
- Revisiting Panther's FireWire Data Loss Problem (15 Mar 04)
- Apple Releases Mac OS X 10.3.4 Update (07 Jun 04)
- Apple Releases Mac OS X 10.3.3 (15 Mar 04)
- How FileVault Should Work (01 Mar 04)
- A Slew of Apple Software Updates (05 Jan 04)
- New Panther Language Features (17 Nov 03)
- Panther Application Improvements (10 Nov 03)
- Fixes Available for Some Panther FireWire Troubles (03 Nov 03)
- Security Update 2003-10-28 Released (03 Nov 03)
- Interesting Bits of Panther (27 Oct 03)
- Mac OS X 10.3 Panther Unleashed (27 Oct 03)
- Default Folder X & QuicKeys X: Upgrade Before Panther! (27 Oct 03)
- Mac OS X 10.3 Panther Springs at WWDC (23 Jun 03)
Published in TidBITS 705.
Subscribe to our weekly email edition.
- Apple Updates Panther to 10.3.1
- New Snapz Pro X 1.0.9 Works Better with Panther
- PhoneValet 1.1 Improves Integration
- NoteBook 1.2 Adds HTML Export and More
- First Take Control Update Released
- TiVo Alternatives: EyeTV
- Panther Application Improvements
- Hot Topics in TidBITS Talk/10-Nov-03
WPA Weakness Discovered, but Easily Solved
Discover Fujitsu ScanSnap Scanners — Featuring state-of-the-artscanning solutions for companies of any size. Make your life more
productive, mobile, paperless, and efficient with a ScanSnap
scanner. To learn more, visit: <http://www.ez.com/sstb>