Today's 802.11b Networking News is sponsored by FatPort's access point for the rest of us -- FatPoint
The above is a paid, sponsored link. Contact us for more information.
New York Times reports Intel, IBM, AT&T Wireless, Verizon, Cingular, and others considering national seamless Wi-Fi network: although any real announcement may be months away, John Markoff gets an early scoop on the ongoing shift in cell telephone company thinking. Intel knows they can sell more machines with wireless built in if they can build out wireless networks. IBM Global Services will make potentially hundreds of millions of dollars a year unwiring offices and public spaces. The cell telephone companies get more dollars per user and happier customers.
Belkin ships Bluetooth products: I heard just this morning that Belkin is shipping its Bluetooth product line. For $90, you can get a PC card or Compact Flash format PDA card; for $80, a USB connector. This should start putting a lot of pressure on other vendors, and push Bluetooth down into the casual price range. (Palm's SD format Bluetooth card is $130; 3Com's USB adapter and cards items are about $120-$130 as well.)
Macworld Expo: I'll be spending Wednesday and Thursday of this week at the semi-annual Macworld Conference and Exposition. In summers, we're in blistering New York (highs 90, lows 70s this week); in winters, in the damp and foggy San Francisco. They wouldn't want us to site-see, would they? I usually don't hit Macworld Expo in New York as it's much more of a rehash of announcements from previous months. This year, however, there's anticipation of several hardware and software refreshes, including a shipping date for Jaguar, the codename of Apple's Mac OS X 10.2 release. Jaguar includes better discovery, or the ability to find resources over wireless, wired, and peripheral networks.
Sifry on Microsoft's plans for access point authentication: David Sifry of startup Sputnik continues his excellent ongoing analyses of Wi-Fi issues, here talking about the challenges if Microsoft's home Wi-Fi equipment (see last week) incorporates PEAP and MS-CHAP-V2 to build encryption on top of and outside normal Wi-Fi interaction. PEAP builds on SSL/TLS, which is the basis for secure email in sendmail (EAP-TLS) and secure Web serving (SSL).
Mini-SSL/TLS lesson: SSL/TLS avoids man-in-the-middle attacks by combining public-key cryptography, third-party certificates, and short session keys. An SSL/TLS client, like a Web browser, communicates with the server. They handshake to agree on protocols, use public-key cryptography (with the server typically providing a certificate that's been signed by a Certificate Authority like VeriSign) to exchange a private session key, and then start talking. The PK session is needed to avoid a man-in-the-middle attack, and the CA necessary to ensure that the server is who it says it is. The shorter session key is computationally less intensive to calculate than PK, but you need PK to exchange a secret.
Bluetooth and 802.15.1-2002 licensing: in my article on Bluetooth last Friday, I noted that I believe that a manufacturer could make 802.15.1-2002 (the full spec name) equipment and pay reasonable licensing fees via the IEEE's guidelines and create fully compliant Bluetooth-subsetted devices that would interoperate with Bluetooth equipment without the maker having to join the Bluetooth SIG or apply for Bluetooth certification. The chair of the 802.15 Personal Area Network Working Group confirmed that this is so.