Page 5 of 7 « First 34 5 67
Reply
Thread Tools
desiv is offline desiv
2008-04-17 , 21:11
Posts: 225 | Thanked: 59 times | Joined on Jul 2007
#41
Originally Posted by paps View Post
I wonder if there is something like openVPN being ported to the tablet. I don't know how helpful that is for securing transmissions over public unsecured Wi-FI but it's probably better than nothing. Anyone already discuss this elsewhere or is there a program for the N8x0 that secures our data.

FYI for anyone that doesn't already realize it, but WEP, WPA, PSK, hiding SSID or MAC filtering is all a waste of time. It's all hackable today and it only gives a false sense of security. The best we can do is to encrypt everything or start talking in pig latin to throw off hackers.
http://maemo.org/community/wiki/installopenvpn/

As for those security methods being a waste of time, I suppose you don't lock your car. I mean, after all, a rock will get into any car.

desiv
 
Benson's Avatar
Benson is offline Benson
2008-04-17 , 23:38
Posts: 4,930 | Thanked: 2,272 times | Joined on Oct 2007
#42
Originally Posted by paps View Post
FYI for anyone that doesn't already realize it, but WEP, WPA, PSK, hiding SSID or MAC filtering is all a waste of time. It's all hackable today and it only gives a false sense of security. The best we can do is to encrypt everything or start talking in pig latin to throw off hackers.

Isn't PSK a type of auth/encryption for WPA? So it doesn't make sense talking about them as alternatives.

And if the best thing we can do is encrypt everything, why did you just say it's a waste of time to encrypt everything?

WPA, even PSK, is as I understand it rather strong at the moment, as long as you use a properly obscure and long key, so you're not in the rainbow tables, or caught early in a brute-force attack.
 
paulkoan is offline paulkoan
2008-04-17 , 23:47
Posts: 422 | Thanked: 244 times | Joined on Feb 2008
#43
Originally Posted by Benson View Post

Isn't PSK a type of auth/encryption for WPA? So it doesn't make sense talking about them as alternatives.

And if the best thing we can do is encrypt everything, why did you just say it's a waste of time to encrypt everything?

WPA, even PSK, is as I understand it rather strong at the moment, as long as you use a properly obscure and long key, so you're not in the rainbow tables, or caught early in a brute-force attack.
Absolutely. Any pre-shared key system is vulnerable to brute forcing (including "encrypting everything), and brute forcing becomes exponentially more difficult with the length of key. But to state they are a waste of time is FUD from the earlier poster and has no place here.

WEP of course is crackable without much effort. If pre shared keys are a concern then use WPA with a certificate based key exchange.
__________________
Servwise Advanced Hosting - Better, Faster, Smarter
Hum Consulting - IT and Marketing services to sing about
 
b-man's Avatar
b-man is offline b-man
2008-04-18 , 02:08
Posts: 549 | Thanked: 502 times | Joined on Feb 2008 @ Bowling Green Ohio (united states)
#44
My frend has a WEP protected wifi network. And he only let's some of his most trustful frends have the code. And i'm one of them!!!

But enywase i'm shure there is some kind of WEP cracker that might be ported to maemo... Unless someone has allrety done it but hasn't told enyone about it.
Last edited by b-man; 2008-04-18 at 02:17.
 

The Following User Says Thank You to b-man For This Useful Post:
paulkoan is offline paulkoan
2008-04-18 , 02:30
Posts: 422 | Thanked: 244 times | Joined on Feb 2008
#45
Aircrack is available for maemo
__________________
Servwise Advanced Hosting - Better, Faster, Smarter
Hum Consulting - IT and Marketing services to sing about
 
paps is offline paps
2008-04-18 , 13:57
Posts: 76 | Thanked: 15 times | Joined on Feb 2008
#46
Originally Posted by Benson View Post

Isn't PSK a type of auth/encryption for WPA? So it doesn't make sense talking about them as alternatives.
sorry, take out the comma and add a hyphen there. I wasn't paying close attention to my post when I was typing it. It should say WPA-PSK

And if the best thing we can do is encrypt everything, why did you just say it's a waste of time to encrypt everything?
I never said encrypting everything is a waste of time. I should have been a little more clear explaining that the data should be encrypted prior to transmission over wireless. Encrypting your emails and documents before transmitting them is different then sending unencrypted data over a connection you believe (or hope) is secure.

WPA, even PSK, is as I understand it rather strong at the moment, as long as you use a properly obscure and long key, so you're not in the rainbow tables, or caught early in a brute-force attack.
If someone is taking the time, in my opinion, to crack WEP, then they aren't too far away from using other methods to break WPA.
 
paps is offline paps
2008-04-18 , 14:08
Posts: 76 | Thanked: 15 times | Joined on Feb 2008
#47
Originally Posted by desiv View Post
http://maemo.org/community/wiki/installopenvpn/

As for those security methods being a waste of time, I suppose you don't lock your car. I mean, after all, a rock will get into any car.

desiv
I think comparing apples to oranges isn't going to work here. But honestly, if someone steals my car, at least I would know it right away. If someone is hacking my wireless, there won't be any shattered glass laying on the ground.

However, just to add a little twist to this example, I do lock my car, but it's so old that I would need to pay someone to steal it


Back to the openvpn issue, this version 2.0.2-2 was last updated in 2005, so it sounds like it was made for the 770, will it work on N810? If not is there one in development elsewhere? Finally, is there a graphical interface as opposed to a command line?
Last edited by paps; 2008-04-18 at 14:22. Reason: Added questions about InstallOpenvpn
 
luca's Avatar
luca is offline luca
2008-04-18 , 14:38
Posts: 1,137 | Thanked: 402 times | Joined on Sep 2007 @ Catalunya
#48
Originally Posted by paulkoan View Post
Aircrack is available for maemo
But you cannot do packet injection with the built-in wifi adapter.
 
Benson's Avatar
Benson is offline Benson
2008-04-18 , 18:35
Posts: 4,930 | Thanked: 2,272 times | Joined on Oct 2007
#49
Originally Posted by paps View Post
I never said encrypting everything is a waste of time. I should have been a little more clear explaining that the data should be encrypted prior to transmission over wireless. Encrypting your emails and documents before transmitting them is different then sending unencrypted data over a connection you believe (or hope) is secure.
So, you think the encryption with WPA happens after wireless transmission? Seriously, it's a matter of degree; how much/good of encryption is good enough. There's no functional difference for a snooper whether you put all your traffic through an (encrypting) VPN, or run it over an (encrypting) WPA link, or whatever; either way, they have free access to your data, but need to decrypt it to get any use out of it. Just a matter of how much horsepower or how bright a mathie they have access to.
If someone is taking the time, in my opinion, to crack WEP, then they aren't too far away from using other methods to break WPA.
I didn't watch this , but the description says "Cracking weak WPA Preshared Keys". So, don't use a weak key... or get stronger encryption, whatever. But to deny that these encryption methods are encryption is just plain wierd.
And on a practical level, WEP is stuff-every-script-kiddie-must-know-to-avoid-being-rotfled-off-the-playground, and attainable on any decent hardware in minutes. WPA still, AFAIK, requires 10s of GB in tables and ~an hour to crack easy PSKs, and is practically impossible for hard ones. I expect only serious types are set up with mobile table-based WPA busters.
 
paps is offline paps
2008-04-18 , 23:22
Posts: 76 | Thanked: 15 times | Joined on Feb 2008
#50
Originally Posted by Benson View Post
So, you think the encryption with WPA happens after wireless transmission? Seriously, it's a matter of degree; how much/good of encryption is good enough. There's no functional difference for a snooper whether you put all your traffic through an (encrypting) VPN, or run it over an (encrypting) WPA link, or whatever; either way, they have free access to your data, but need to decrypt it to get any use out of it. Just a matter of how much horsepower or how bright a mathie they have access to.I didn't watch this , but the description says "Cracking weak WPA Preshared Keys". So, don't use a weak key... or get stronger encryption, whatever. But to deny that these encryption methods are encryption is just plain wierd.
And on a practical level, WEP is stuff-every-script-kiddie-must-know-to-avoid-being-rotfled-off-the-playground, and attainable on any decent hardware in minutes. WPA still, AFAIK, requires 10s of GB in tables and ~an hour to crack easy PSKs, and is practically impossible for hard ones. I expect only serious types are set up with mobile table-based WPA busters.
I use the "best" encryption I have available while using wireless at home or work; anything is of course better than nothing. I'm not trying to spread any FUD around here, just looking for a portable solution to my own FUD With so many public hotspots out there, I'd like to find a way to make the N810 a secure device for transmitting confidential information.
 
Reply
Page 5 of 7 « First 34 5 67

« Previous Thread | Next Thread »
Thread Tools

 
Forum Jump


All times are GMT. The time now is 05:55.

Contact Us - Home - Archive - Top