Linked by Thom Holwerda on Wed 30th Apr 2008 22:24 UTC
OpenBSD Theo de Raadt has lifted the veil off OpenBSD 4.3. "We are pleased to announce the official release of OpenBSD 4.3. This is our 23nd release on CD-ROM (and 24rd via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install." Boasting as always, but when it's justified, arrogance is a virtue.
Permalink for comment 312545
To read all comments associated with this story, please click here.
RE[3]: WPA
by 0brad0 on Fri 2nd May 2008 04:22 UTC in reply to "RE[2]: WPA"
0brad0
Member since:
2007-05-05

VPN with some sort of strong software encryption such as Blowfish, AES, is preferred in the OpenBSD circles to secure any kinds of network connections, including WiFi... which usually secures the IP packets at layer 3... which means, you can effectively transmit data securely over an unsecure WiFi data link (layer 2)... therefore, it was not a priority for OpenBSD dev to secure layer 2 such as WPA.


It was not a priority because the people working on the net80211 layer were not using Wifi in the real world so they didn't care. This has since changed. Recommending the use of IPsec was only a workaround for your own network and it is not realistic to recommend the use of IPsec for everyone trying to connect to your AP anyway.

Last time Theo written about WPA in misc was that WPA has become an accessibility problem rather than security. People use OpenBSD on their laptop would like to be able to access a WPA AP at a coffee shop.


I cannot find any such comment from Theo and if he did it would have been about WPA and not WPA2. Anyway, this goes way beyond just coffee shops. WPA is in use everywhere.

Reply Parent Score: 1