Municipal networks aren't securing the link between customer and node: This is a critical failing and one I've written about briefly before. Frank Bulk writes in Network Computing about how this giant breach in basic security is just a fact of the municipal networks that are deployed and deploying. Adding a layer of security increases complexity, and Bulk notes it also reduces the choices available for a municipality to build out the network.
If consumers can figure out PPPoE or receive preconfigured PPPoE boxes, there's no good reason that CPEs for municipal networks couldn't be preconfigured to handle a WPA Enterprise login to secure that local link. Otherwise, the first Wireless Philadelphia story on launch won't be about its finances, but rather feature a TV reporter driving around the city reading people's email.
You're kidding right? Encrypting the MAC layer is unreliable, slow, does NOT secure your data for it's full transit, reduces access and acts as a double tax (encryption adds size and latency to networks) for people who are doing the right thing and using secure protocols. You should NEVER USE UNENCRYPTED MAIL!
[Editor's Note: Hogwash. Securing the local link isn't the nightmare you're stating with modern equipment. You can't assume that residential users will use secure protocols. And secure protocols aren't enough. They have to visit just one Web site that doesn't use SSL and they're done in. A comprehensive way to secure the network would be useful (end to end) and that requires VPN, which isn't going to happen.
And you're wrong about the end-to-end issue, sorry, Alf. There are mesh and other solutions that use robust intranodal security and are tamper-proof. So someone can't climb on a pole, break in, and gain access between residence and network, nor can they intercept intra-node communication.
With modern processors, there's additional load due to encryption, but it's not a big deal. The silicon handles it. Enforced encryption is a much better idea than relying on average users. They should NOT have to worry about it.--gf]
I would argue that securing the local link has already been a nightmare. Surveying my network there are three generations of Wi-Fi base stations; two out of three have compromised versions of WEP. Any MAC layer encryption scheme used to secure municipal wireless networks is just as likely to be compromised in the future... Continued at: http://istumbler.net/news.html
[Editor's note: You're looking at older technology. WPA Personal and WPA Enterprise are perfectly secure when used appropriately.--gf]