[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

In <ma2pk15b0hf1hlnjtgtkdse6297traebqr@4ax.com> on Tue, 11 Oct 2005 21:20:12
-0700, Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:

>On Wed, 12 Oct 2005 02:04:28 GMT, John Navas
><spamfilter0@navasgroup.com> wrote:
>
>>Unfortunately, WPA-PSK is vulnerable attack.
>
>The end of wireless as we know it is at hand. Repent your evil ways
>and prepare for the coming of yet another deluge of acronyms. Though
>thou sacrifice upon the altar of fallen standards, thy petition for
>data safety is in vain, for the priests only deliver complexity, and
>little safety. Best to await the coming of the messiah, who shall
>lead the multitudes to a land of perfect cryptography, infinite
>bandwidth, readable standards, and omniscient tech support. Meanwhile,
>learn, read, and suffer your way towards enlightenment.
>
>If you're going to use my favorite method of spreading FUD (fear,
>uncertainty, and doubt), then at least offer the recommended solution
>to the WPA security problems. I wouldn't want to see another internet
>rumor start here.

I did that in the part you snipped.

>If the user selects a WPA pre-shared key that's longer than 20
>characters (63 chars maximum) and is not found in a typical word list
>dictionary, then WPA-PSK is fairly safe from dictionary attack.

I agree. The longer the better.

>The WPA security problems also only apply to WPA-PSK and do not apply
>to WPA-RADIUS, WPA-TKIP, and WPA-2.

True, as the material you snipped makes clear.

If you're going to accuse me of starting Internet rumors, at least have the
courtesy not to snip relevant materials from my post. ;)

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular>