{"id":5,"date":"2008-05-24T18:16:06","date_gmt":"2008-05-24T23:16:06","guid":{"rendered":"http:\/\/webadminblog.com\/?p=5"},"modified":"2008-05-24T18:25:51","modified_gmt":"2008-05-24T23:25:51","slug":"why-is-anyone-still-using-wep","status":"publish","type":"post","link":"https:\/\/www.webadminblog.com\/index.php\/2008\/05\/24\/why-is-anyone-still-using-wep\/","title":{"rendered":"Why is anyone still using WEP?"},"content":{"rendered":"<p>Wireless internet access is everywhere these days.\u00a0 Everyone from restaurants and bars to the\u00a0average\u00a0Joe\u00a0Homeowner has some sort of wifi network set up.\u00a0 The problem is that they set up these networks without giving security a second thought (or even a first thought in most cases).\u00a0 I was at the TRISC conference last month and heard SimpleNomad say that he doesn&#8217;t pay for internet access anywhere any more because there&#8217;s always an unsecured or poorly secured wireless network wherever he goes.\u00a0 Lately, I&#8217;ve been testing that and he&#8217;s absolutely right.\u00a0 I&#8217;m the only person on my block not running either an open network or a WEP &#8220;protected&#8221; network.\u00a0 I was even\u00a0at a local hospital the other day and their &#8220;secure&#8221; internal network was using WEP.\u00a0<\/p>\n<p>For those of you just catching up, WEP is an almost 10 year old wireless protocol whose intent was to encrypt your wireless transmissions.\u00a0 The problem is that WEP uses a user-defined key along with an &#8220;initialization vector&#8221; (IV) to generate the RC4 traffic key used to encrypt your data.\u00a0 If I can gather enough of these IV&#8217;s, then I can figure out what the key is and your network is now pwned.\u00a0 I can speed up this process by injecting my own packets and I can get your key in under 3 minutes.\u00a0 How&#8217;s that for security?\u00a0<\/p>\n<p>So, why is anyone still using WEP?\u00a0 It was deprecated as a wireless privacy mechanism back in 2004.\u00a0 It is easily cracked and provides slightly more security than running an open wireless network.\u00a0 All that and when you buy a new wireless\u00a0router it&#8217;s most likely still pre-configured with WEP enabled.\u00a0 On some of these older models\u00a0better encryption standards such as WPA or WPA2 aren&#8217;t even options.\u00a0 With much of the wireless network setup falling into the hands of novice users, some of the\u00a0responsibility\u00a0lies with\u00a0the router manufacturers for even allowing them to use WEP.\u00a0 The rest, in my opinion, is on the users themselves, who put up these networks without being educated enough to do so.\u00a0 You wouldn&#8217;t put a door on your home without making sure the locks worked, would you?\u00a0 How about buying a car where everyone with that model vehicle had your same key?\u00a0 I think you get the picture.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Wireless internet access is everywhere these days.\u00a0 Everyone from restaurants and bars to the\u00a0average\u00a0Joe\u00a0Homeowner has some sort of wifi network set up.\u00a0 The problem is that they set up these networks without giving security a second thought (or even a first thought in most cases).\u00a0 I was at the TRISC conference last month and heard [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[19],"tags":[27,22,24,23,20,21,620,25,26],"class_list":["post-5","post","type-post","status-publish","format-standard","hentry","category-wireless-networks","tag-encryption","tag-equivalent","tag-internet","tag-privacy","tag-wep","tag-wireless","tag-wireless-networks","tag-wpa","tag-wpa2"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pfI0c-5","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/5","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=5"}],"version-history":[{"count":0,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/5\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=5"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=5"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=5"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}