Security Standard 802.11i Ratified06/24/2004 06:11 PM eWeek reports that the IEEE ratified 802.11i, the updated security
standard for Wi-Fi: The new 802.11i standard will appear as firmware
upgrades to modern equipment--notably almost everything shipped since
late 2002 with some exceptions--by September, the article states.
802.11i adds a few key pieces on top of the interim WPA standard, and
should allow companies to remove the restriction of putting access
points outside of a firewall and using expensive LAN-speed VPNs for
wireless users. Combining 802.11i's AES encryption with 802.1X/EAP-TLS
or PEAP and there's an enormously high degree of security in the
authentication process and in Layer 2 communication....
Wi-Fi security standard to require new hardware05/07/2004 10:50 AM In June the IEEE is expected to finally ratify the 802.11i security
standard that uses for the first time AES (Advanced Encryption
Standard) technology, a powerful 128-bit encryption technology.
I wrote a piece yesterday for the Mac journal TidBITS about the
recently released implementation of Wi-Fi Protected Access (WPA) in
the AirPort Extreme product line from Apple. WPA replaces WEP by
fixing its various holes. That article drew a response from Robert
Moskowitz, long-time wireless security expert, who sent me a paper and
his permission to post it about a serious weakness in the consumer
version of WPA: if you choose short keys that are comprised of real
words, WPA keys can be easily broken through passive access to a
network.
I've written this up and posted his paper here.
Interestingly, the problem is all at the presentation layer, not at
the encryption layer. It's a flaw with how manufacturers are offering
users the chance to create and enter WPA keys, and thus could be
easily fixed with a driver update -- no firmware
necessary.
Wi-Fi Security Standard Nears Approval06/22/2004 08:35 PM The IEEE's 802.11i spec, which could be ratified this week, will add a
layer of security to the Wi-Fi standard with its encryption protocols.
New ISO 17799 Security Standard Published06/22/2005 01:51 AM Following years of development, a new version of the international
computer security standard, ISO 17799, is now available. [PRWEB Jun
20, 2005]
New Wi-Fi Standard May Boost Security (NewsFactor)
New Wi-Fi Standard May Boost Security (NewsFactor)07/08/2004 03:33 PM NewsFactor - Although a number of Wi-Fi security systems have been
around for some time, no single one could address all outstanding
security issues on its own.
IEEE: Chinese security standard could fracture Wi-Fi
IEEE: Chinese security standard could fracture Wi-Fi12/09/2003 08:24 AM The implementation of a Chinese security standard for wireless
networking could undermine efforts to develop a global standard for
wireless LANs (WLANs) and drive up the cost of networking equipment
for end users, warned a senior executive at the Institute of
Electrical and Electronics Engineers Inc. (IEEE) in a recent letter to
Chinese government officials.
New WiFi standard aimed at security is ratified
New WiFi standard aimed at security is ratified06/26/2004 04:29 AM The WiFi soup just got another friend: 802.11i. The new standard was
ratified yesterday by the IEEE standards committee, and it brings
stronger encryption and better security protocols to the table in an
aim to replace the de facto security protocol.
Stronger WLAN security standard approved06/25/2004 08:10 PM SAN FRANCISCO - The IEEE 802.11i specification, the latest set of
rules to bolster security on wireless LANs, has received final
approval, according to a co-author of the standard.
Government Prepares Security Standard for Win2K
Government Prepares Security Standard for Win2K07/17/2002 10:06 AM The Defense Department and other U.S. government agencies, with help
from the private sector, are preparing to release a security benchmark
for Windows 2000 workstations.
Chinese Demand Incompatible, Unsupported Security Standard
Chinese Demand Incompatible, Unsupported Security Standard12/02/2003 10:24 PM In a development that appears from left field, the Chinese government
has banned equipment that doesn't conform to WAPI: Never heard of WAPI
(Wired Authentication and Privacy Infrastructure)? You're not alone.
Neither the IEEE nor the Wi-Fi Alliance has information about it,
either, except that it doesn't include Advanced Encryption System
(AES) support. The Chinese government's standards agency developed
WAPI, and equipment cannot be imported or manufactured for domestic
use in China after Dec. 1 without WAPI in it. Perhaps WAPI has a
backdoor for government or is the brainchild of a domestic firm?
Unknown yet. Intel and others expect to skirt the requirement until at
least June, because devices manufactured in the country or imported
before Dec. 1 or are part of contracts for delivery that don't support
WAPI are still acceptable to sell and use....
SMS 2003 Standard Security, WINS, and Advanced Clients
When Judicial Lips Are Sealed08/22/2004 11:08 PM Sad to say, there are two things that, as a judge, I can't talk about
in public (and this is in public). One is pending cases, which means
(in any court, not just mine) cases in which all possibilities of
further proceedings, such as an appeal to the Supreme Court,...
ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro)
Mail Delivered After Nearly Two Decades (AP)06/08/2004 08:14 PM AP - Trisha Collins-Lavigne waited 19 years to see Nina Roxanne's
plastic face again. The Cabbage Patch Kids doll, which arrived at her
home recently, was mailed to her almost two decades ago, after she
left it on a tour bus in London.
Gmail delivered to desktops
Gmail delivered to desktops08/20/2004 02:08 PM Google releases a test version of software to deliver desktop alerts
when new e-mail arrives.
Linux Standard Base 2.0 promises a common runtime standard
Linux Standard Base 2.0 promises a common runtime standard12/22/2004 01:44 AM The Free Standards Group's (FSG) Linux Standard Base specification is
an attempt to prevent the Linux marketplace from fragmenting by
specifying a runtime environment where applications compiled for
different distros can run install and run seamlessly.
Sealed Bryant Filing Mistakenly Posted (AP)07/28/2004 06:46 PM AP - Swabs taken from Kobe Bryant during a hospital exam found DNA
from the NBA star and the woman accusing him of rape, but none from an
unidentified person whose DNA showed up on other evidence in the case,
the judge said in a sealed filing mistakenly posted Wednesday on a
court Web site.
Judge Orders Jackson Documents Sealed (AP)
Judge Orders Jackson Documents Sealed (AP)01/24/2004 12:06 AM AP - The judge presiding over Michael Jackson's child molestation case
ordered 82 pages of documents and related tape recordings sealed
Friday because they contain "sensitive information" about a boy's
claims that Jackson sexually abused him. Grok Description matches for Wi-Fi security standard sealed and delivered GrokA matches for Wi-Fi security standard sealed and delivered
Wi-Fi security standard sealed and delivered
The following phrases have been identified by the grok system as matching this entry:
