Mainstream business reporters are trying to get the security story right about Wi-Fi, but the details tend to be so blurry that I'm not sure it always helps: This is a fair article in BusinessWeek that describes the dangers (as so many other articles) do about the dangers of WEP. However, the examples cited in the introduction are both cases in which companies failed to use even the most basic of protections. Lowe's, as far as I've read the story, wasn't using WEP; the doctor's office didn't have any firewall security on the machines on the network, either.
To avoid using acronyms, the reporter doesn't distinguish between 802.11i and WPA and 802.1X. This whole part thus seems a bit obscure whether you know about the technology or not: By mid-2004, Wi-Fi component makers such as Intel Corp. (INTL ) and Cisco Systems Inc. (CSCO ) will release products with the emerging standards. In the interim, the nation's biggest operator of public Wi-Fi networks, T-Mobile (DT ) HotSpot, plans to deadbolt its systems with upgraded encryption.
In the first case, he's talking about IEEE 802.11i, but he might be talking also about WPA. Intel supports WPA now for Centrino via a Windows XP patch and support from specific laptop makers. In the second case, T-Mobile won't deadbolt its systems -- rather, they're testing using 802.1X, which only a subset of all users will be have built into their operating system and be able to use.
This technical bit is wrong next: Security keys will be changed every time data are transmitted, instead of staying the same throughout a Wi-Fi session. And the encryption of data will be beefed up from the old 64 kilobits to 256 and will use next-generation cryptography. It's accurate to say the key is changed each time in WPA and 802.11i: there's a per-packet key mixing algorithm. However, it's not exactly a different key; it's more of a derived key, so you can still steal a single guy and can access to a network using a shared secret. The 64 kilobits is really 64 bits, and WEP supports both 40 and 104 bit (with a terrible 24-bit initialization vector) flavors. Key length isn't exactly the issue. And 802.11i will support longer keys using AES, which is the next-generation cryptography he refers to.
There's a small graphical sidebar, too which has strange advice. First, it recommends using WPA, which isn't mentioned by name in the main bar. Second, it suggests using an invite list, which is a MAC address filter, and which is known to be 100-percent ineffective. Finally, it suggests building a VPN, but doesn't really describe its nature: a encrypted tunnel running from a user's computer back to a corporate network. That's too many words, I guess.
The sidebar on WiMax is more on-target, although awfully specific. It's not really true that WiMax will first connect hotspots to the Internet and later be used for rural broadband; it's more likely that many different uses will evolve immediately, because WiMax is essentially a non-proprietary evolution of many, many specifications currently on the market that are non-interoperable.