On Tuesday, 22 June, 2010 @22:00 zulu, JD scribed: > WPA2-PSK + AES : I thought it is not possible for inter-customer > traffic to figure out the keys because once the connection is > established, > keys change dynamically per the protocol. Perhaps a an expert on the > WPA2-PSK protocl can shed some light on this. The unsecure part is, if left to their own devices people tend to choose weak passwords. It really is that simple. If you choose a password that is a dictionary word or the name of one of your kids/friends/pets, or a phone number, or a simple sequence on the keyboard like 123456, 1234qwer, qwertyuiop, et cetera, then AES can be 'cracked' using the dictionary method. If you choose a passphrase like 1a!B2@Cd3#4$efGH(56) it's virtually uncrackable, Especially since there's a 1-minute xmit timeout enforced when there have been 2 wrong PW tries in 30 seconds. Even if they could make 3 guesses per second it should take a couple hundred centuries to crack that passphrase. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
