madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Wi-Fi Alliance to dump WEP and TKIP ... not soon enough

By | June 18, 2010, 6:36am PDT

The Wi-Fi Alliance is getting ready to put an end to WEP and TKIP on access points and WiFi devices.

As early as January 2011 the Wi-Fi Alliance plans to disallow TKIP on access points, with the standard being disallowed on all WiFi devices by 2012.

WEP gets a slight stay of execution, with the standard being banned on access points from 2013, with the near useless and outdated encryption standard being banned from all WiFi devices a year later.

WPA2-Mixed mode, which allows TKIP, will also go 2014, leaving only WPA2-AES.

Good news - couldn’t come soon enough as far as I’m concerned.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

TKIP, WEP, Wi-Fi Alliance, Access Point, Wi-Fi, Wireless And Mobility, Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

Talkback Most Recent of 36 Talkback(s)

  • Alliance has a lot to answer for
    Their bumbling approach to security has enabled hackers and thieves to cause billions in damages over the last few years, but with none of the costs borne by the member companies. In fact they have profited from the confusing mess of incomplete standards, in terms of rapid obsolescence and replacement of gear, and in providing expensive consulting services to sort out their self-created mess.

    While 20-20 hindsight doesn't help the mess that's currently deployed and that remains vulnerable, it should be used as a learning experience to guide better cooperation and focus on security going forward.
    ZDNet Gravatar
    terry flores
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    @terry flores
    I dunno if I'd blame the alliance so much. The ability to crack these things have gotten easier over time. The main problem is that people still use these things even though it is widely known that they are insecure. When I switched from DSL to FIOS, Verizon setup the AP with WEP! I changed that to WPA2-AES. Verizon should know better.

    Note too that many devices didn't even support WPA2 without a firmware upgrade.
    ZDNet Gravatar
    DevGuy_z
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    @terry flores
    Please, the first blame should be on end users. How many of them don't even know what wifi security is all about with their wide open devices.
    ZDNet Gravatar
    rengek
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    What is and is not in the wireless LAN standard is determined by the IEEE Standars Development Organization that owns all IEEE 802 standards. The Wi-Fi Alliance members can propose changes to the IEEE 802.11 Working Group for changes in the IEEE 802.11 standards but can not mandate, allow, or disallow anything!
    ZDNet Gravatar
    ThriceRetired
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    Banning old standards is not the answer: aggressively promoting new ones to replace the older, ineffective ones is a better way forward. Also, as another poster said, it isn't up to the Alliance, but the IEEE.

    Furthermore, what of all the people whose laptops will suddenly be useless?

    You mention WPA2-Mixed mode and WPA2-AES, but when I look at my laptop I see the following EAP Types listed under WPA/WPA2: EAP-TLS, EAP-TTLS, PEAP(EAP-GTC), PEAP(EAP-MSCHAP V2), LEAP, EAP-FAST ! If the Alliance is going to do away with certain encryption types then it should first round up all the types that there are and produce some sort of reference - there's enough alphabet soup here to keep Campbell's going for a week!
    ZDNet Gravatar
    LeMike
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    @LeMike
    Just getting rid of the bad stuff. Personally I think banning stuff that is massively insecure is a very good thing. I agree with Adrian on that one. Won't affect you if you are using the old standard. It just won't be available on either new equipment or possibly (not likely) on new firmware.
    ZDNet Gravatar
    DevGuy_z
    18th Jun 2010
  • Should use them already
    Should be using the better security settings already regardless of the status of the less secure settings.
    The only sytems that have to use regular WEP are those that must use a Win98 or Me system for some special software or function, like one of my machines.
    Those would not normally have anything that needs good securing anyways unless you are really interseted in seeing readouts from motors.
    ZDNet Gravatar
    MoeFugger
    18th Jun 2010
  • 'ASSUMED' ALLIANCE POWERS?
    "The Wi-Fi Alliance can propose changes to the IEEE 802.11 Working Group for changes in the IEEE 802.11 standards but can not mandate, allow, or disallow anything!"

    OH! SORT-OF LIKE WHAT THE LIBSOCIALISTS DEMs R DOING IN CONGRESS RIGHT NOW -WITH ALL OUR TAX DOLLARS!

    heh... just a little right-time Wit!

    g
    ZDNet Gravatar
    xyzxyz@...
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    I'm with LeMike. My devices, issued now and through the next year or three, must not be made obsolete and useless by this edict. My EVO 4G better work as a wifi device after 2013... and who the hell are they to dictate what cannot be used anymore? Promote something, that's fine, but banning an existing protocol is not their prerogative.
    ZDNet Gravatar
    SpectreWriter
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    @SpectreWriter
    Not an issue. It just means that new devices won't ship with the banned stuff. While they could update the firmware for your devices (unlikely) you still wouldn't have to install it. So don't worry, you can keep using WEP if you wanna (in that case you should worry as it is terribly insecure) but new APs and wifi devices won't support it.
    ZDNet Gravatar
    DevGuy_z
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    Just another way to sell more hardware...Look at all the security holes in software and who really cares...
    I do very little business over the internet...its a sewer
    ZDNet Gravatar
    proton_z
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    @proton_z
    Has nothing to do with buying more hardware. The old stuff will continue to work just fine.
    ZDNet Gravatar
    DevGuy_z
    18th Jun 2010
  • As many red herring as grow in the wood
    banning mandating laptops becoming useless.... Although I wholeheartedly support promoting secure standards and reducing the chance of people making poor choices through ignorance, I also recognize that change often creates new problems. That said, many of the concerns voiced here are verging on hogwash

    Only new devices can be affected by such moves - old laptops will still work with old routers/access points, and a new network adapter can always be plugged in if needed. I doubt the computer thought police will search for miscreants clinging to WEP

    and since WEP is virtually useless, why not just turn off encryption... (or is that banned too?)

    I also find it unreasonable that anyone's likely to sit outside my apartment for days at a time waiting for me to enter an important password. It strikes me that this whole question is of far more significance to business than Joe Public, and if they're still using 5 year old laptops with wireless adapters that only support WEP, they've probably got more urgent concerns to address than WiFi security

    and I do recognize the importance of preventing someone using my internet and letting me take the rap for their nefarious deeds
    ZDNet Gravatar
    redking44
    18th Jun 2010
  • Bigger than u think.
    @redking44
    Many Joe Public participate in business. If I can gain access to your home wifi via WEP, I stand a good chance at gaining access to your business wifi or at least business information. Some people share passwords and other have confidential docs on their drives.

    You are correct that legacy equipment will still work just fine. Unless very old, laptops should have no problem with WPA2-AES. My wife has an old DELL B130 (PIII) and it works fine with WPA2-AES. Its just that after a while APs and devices will only work with WPA2-AES or whatever comes next.
    ZDNet Gravatar
    DevGuy_z
    18th Jun 2010
  • RE: Wi-Fi Alliance to dump WEP and TKIP ... not soon enough
    How about that MAC Address secutiry. I have my router set to allow access by MAC. Is that not secure enough?
    ZDNet Gravatar
    prof.ebral
    18th Jun 2010
View More Comments

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources