The trouble is ...
why not just set the set up to MANUAL in the router . problem fixed ? Or is that too simple ?
All the more reason for a router that hides a VLAN without a WPS configuration...
That might be easy enough for us to do, but we aren't the people that WPS (Easy Setup) was aimed at.
The ordinary user would be completely baffled (if not terrified) by the idea of "screwing" with the settings.
Ordinary computer users could do it if someone walked them through it though.
While I'd argue the converse - all of the specs are basically open and documented, and everything is (ultimately) in the clear rather than over a wire, making security a moving target rather than something to be considered forever and unchanging. Wireless should be a combination of security - as secure a cipher and password as your router and devices that attach can all handle (and preferably one not automatically generated from a password or hash, but manually entered), some sort of device filtering, and network security at the OS networking level in addition to the wireless encryption (like IPSEC between hosts). As with anything, the only way to be truly secure is to not connect to a network - once you do, you do your best, be vigilant, and take your chances. And to those that don't, they run that risk of ending up getting hacked in some way, and there's not a whole lot you can do about or for them at that point either.
It is fair enough that security systems fail, when attacked by innovative strategies.
The trouble is security systems are still falling to ancient attack strategies.
Remember the "
War Games" movie (1983)?
The kid hacked into a military super computer (via the telephone system)
using a "brute force" attack!
Hollywood didn't invent the concept, it was based on reported real life incidents.
Why are systems still falling to that type of attack 29 (or more) years later (WPS)?
I'm always reading comments blaming wireless users, when their privacy/security is compromised.
Now we discover that even if the user was doing the right thing, it was futile, because the system designers and manufacturers screwed up.
:shock:
Some of the problems are due to the improvements in computer technology though.
How many times more powerful is a modern PC, compared to the original PC?
There was a time, when the idea of someone cracking a 128-bit encryption key (in a short time) was laughable.
Now 2048-bit is considered barely adequate.
It probably won't be too long, before 2048-bit encryption is considered a joke.
