October 2006

I’ve had Ubuntu Dapper (6.06) running on my HP nx6125, and I just updated to the brand new 6.10 version called Edgy Eft. Most things seem to be working just fine, but the monitor never came back to life after suspending the computer. ubuntuforums.org is a good place to start searching when running into bugs like these, and I found someone having similar problems. In the nx6125’s case this seems to be the silver bullet:

Edit /etc/default/acpi-support (sudo gedit /etc/default/acpi-support) and set SAVE_VBE_STATE to false.

I’ll update this post if I find other problems running Edgy. The “noapic” parameter doesn’t seem to be necessary anymore by the way.

As wireless 802.11 networks grow in popularity, the number of insecure private and business networks skyrockets. Setting up a small hotspot is usually a matter of plugging in the wireless Access Point (AP) and you’ll have full access. This unfortunately means that everyone else has too, unless you know what you’re doing. As a natural consequence of this, there are a lot of myths out there on how you can keep the Evildoers off your network. Most of them have a base in reality, but if you don’t have all the facts they can give you a false sense of security, as they might not be as bulletproof as they seem. Let’s go through some of them Mythbusters style:

Adding a MAC filter will let you decide which computers get to connect

MAC addresses are supposed to be the physical address of your computer’s (or AP’s) network adapter. Letting the AP have a list of physical cards which are allowed to connect seems like a good idea. Unfortunately MAC addresses are a) always transmitted in the open regardless of any encryption, and b) can be overridden in a lot of configurations. In other words, an attacker can listen for which MAC addresses are connected to the network and then assume one of those identities. It would be best for the attacker to pick a MAC which either leaves the network or is generating little traffic, since the “victim” computer (or strictly speaking its network adapter) and the attacker will be one and the same as far as the AP is concerned. Traffic bound for one of them will be received by both, with ensuing messiness.

Conclusion: Busted! It will keep your random bypasser from connecting to the net, but won’t stop anyone really wanting in.

Setting the AP to not broadcast the SSID will keep people not knowing what it is from connecting

While knowing the Service Set ID is necessary to connect to a WLAN, it’s not really a secret. Like the MAC addresses it’s transmitted in the open without any encryption, but unlike the MAC it’s not transmitted with every packet. Instead it’s included in the handshake when someone connects to the network, so you’ll be safe as long as no legitimate users ever connect to your network. Clever.

Conclusion: Busted! Again, it’ll keep the random jokers away but that’s about it.

WEP encryption is of no use

Cracking a WEP key doesn’t take much time in a network with a lot of traffic, and with packet injection techniques an attacker can even generate the traffic necessary for the cryptanalysis to work without really being part of the network. There are however two upsides to WEP encryption as opposed to the two previous methods: 1) cracking the WEP key is without a doubt BREAKING into the network in a legal (or rather illegal) sense, and 2) you won’t be transmitting your emails and surfing habits to anyone who might be passing by and not inclined to crack the key.

Conclusion: Busted! It’s useless in the same way that locking your front door is useless if you’ve got windows in your house. Not the perfect analogy, since someone bashing in a window can’t remain undetected.

WEP: Breakable but not completely without use

WPA2 is better than WPA

While WPA is an attempt to patch up the gaping security holes in WEP and still run on old hardware, WPA2 is rebuilt from the ground up with heftier encryption and message authentication using the AES algorithm, which at present has no known theoretical weaknesses. Since it had to be designed to run on old hardware, WPA’s TKIP encryption and “Michael” authentication algorithms are inherently weaker, but no practical attacks have to my knowledge been suggested.

Conclusion: Confirmed! If your hardware supports WPA2, there are no reasons not to choose it over WPA. However, there’s no need to panic just yet if it doesn’t.

You can’t touch me! I’m using WPA(2)!

While there are no known weaknesses (at least exploitable ones) in the system or encryption primitives, you need to realize that no system is stronger than its secrets. Most home users and small businesses are probably using WPA(2) in Pre-Shared Key (PSK) mode, where the security is based on the supplicants knowing a secret key or passphrase which is manually entered in the AP and the clients. This secret is then used to set up a common encryption key during the handshake between the client and the AP. However, this process is part of the standard and well documented, the handshake can be recorded by an attacker using a standard packet sniffer, and the only actual secret is the passphrase. This means that if a handshake is recorded and the passphrase is weak, and thus subject to a dictionary attack, the whole system falls apart. In other words, your super secret WPA2 network with super secret passphrase “Volvo” might very well take less time to crack than your average WEP based WLAN.

Conclusion: If you don’t know what you’re doing: Busted!
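To make the “only actual secret is the passphrase” point concrete, here is an added example (written for this page, not code from the original post) that implements the 802.11i PSK derivation, PBKDF2-HMAC-SHA1 with the SSID as salt and 4096 iterations, and estimates how the worst-case search cost scales with passphrase entropy. The throughput is measured on the machine it runs on, and the 10^5-word dictionary size is an assumption used only for the comparison.

```python
import hashlib
import math
import time

# WPA/WPA2-PSK (IEEE 802.11i): PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 256 bits).
# Everything else in the four-way handshake (SSID, MACs, nonces) is sent in the clear, so the
# passphrase's entropy is the entire security margin of a PSK network.
PBKDF2_ITERATIONS = 4096


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 32-byte PSK/PMK from an 8..63 character ASCII passphrase and the SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("802.11i passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"),
                               PBKDF2_ITERATIONS, dklen=32)


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a passphrase chosen uniformly at random from alphabet_size ** length candidates."""
    return length * math.log2(alphabet_size)


def exhaustive_search_years(bits: float, derivations_per_second: float) -> float:
    """Worst-case time to derive a PSK for every candidate at the given PBKDF2 throughput."""
    return 2 ** bits / derivations_per_second / (365.25 * 24 * 3600)


def measure_derivations_per_second(ssid: str = "benchmark-ssid", samples: int = 20) -> float:
    """Rough single-core throughput of this machine; dedicated hardware is orders of magnitude faster."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_psk(f"benchmark{i:04d}", ssid)  # constructed throwaway passphrases
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    # Known-answer vector from IEEE 802.11i Annex H: passphrase "password", SSID "IEEE".
    print(wpa_psk("password", "IEEE").hex())
    rate = measure_derivations_per_second()
    print(f"~{rate:,.0f} PSK derivations/s on this machine (single core)")
    # Assumed 10^5-word dictionary plus two digits, versus uniformly random passphrases.
    for label, bits in (("dictionary word + 2 digits", math.log2(1e5 * 100)),
                        ("8 random lowercase letters", entropy_bits(26, 8)),
                        ("16 random printable ASCII", entropy_bits(95, 16))):
        print(f"{label:28s} {bits:6.1f} bits  {exhaustive_search_years(bits, rate):.3g} years")
```

Because the SSID is the salt, a precomputed table only helps against networks that share the same (typically default) SSID; a unique SSID plus a long random passphrase is what actually keeps the handshake recording useless.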

You can’t touch me! I’m using WPA(2) in Enterprise mode with none of that shared key nonsense!

While an attacker might well be powerless today, there’s nothing stopping him from recording all the traffic for future analysis if he’s really determined. If your data is so sensitive that you cannot possibly accept that the data you transfer today might be decrypted 5 years into the future when a new weakness with today’s system is discovered you really shouldn’t be broadcasting it. That’s the key word right there – you are BROADCASTING your secrets in the hope that no one ever will be able to decrypt them. If you think that sounds like a bad idea, I would recommend sticking to the good old cables as of now, or at least use some form of upper level encryption like VPN and pray that that too will stay infallible.

Conclusion: As of right now, it’s Confirmed. If you’re willing to bet your secrets that it will remain confirmed forever and you don’t have any attackers that are very patient, then there’s nothing to worry about in the wlan department.

That’s it for now. While this might lack the explosions, walrus mustaches and the occasional beautiful women of the real Mythbusters, you’ve got to admit that wireless mythbusting is far more fun! For the whole family!