Microsoft, Buffalo, Mediabolic partner for simplified network setup, including Wi-Fi: Microsoft Windows Rally will combine what sounds like "zeroconf," a network technology developed by an Apple engineer and now used as Bonjour in Mac OS X, and simplified Wi-Fi encryption setup, such as that in Atheros JumpStart or Broadcom's SecureEasySetup. It will certainly go beyond this, but it requires every hardware vendor of scale to sign on to make it worthwhile. Otherwise, you'll have little Balkanized oceans of interoperability with Rally.
Here's the somewhat buzzwordy description in the Buffalo/Mediabolic press release:
"Windows Rally Technologies are a set of networking technologies designed to make the configuration of wireless networks secure and effortless for consumers. Additionally, Windows Rally Technologies enable link-layer topology discovery to automatically detect devices on the network, determine how they are interconnected, provide quality of service for in-home audio/video streaming, and represent the network in graphic form. The ability to visualize home networks is designed to help users identify connectivity issues that need corrective action."
The first part is easy setup for secure networks. Buffalo has had its AOSS (AirStation One-Touch Secure System) for some time, but it involves a hardware button and only works with other Buffalo devices. This system requires the entry of a PIN on appropriate connected devices, which means that all devices that connect need some form of display and input. Also, I don't see anything in the descriptions currently available that provides protection against man-in-the-middle attacks through an out-of-band validation method. Even if they're using, say, Diffie-Hellman key exchange, which allows public exchange of two keys, they still have the MitM issue, as do all public key exchange systems. It's possible that Rally will require unique keys embedded in the devices, signed by certificate authorities, the keys for which will also be stored in devices. If so, that can enable the PIN to be passed without an MitM attack.
The second part involves something like Bonjour/zeroconf in that devices will advertise their availability through some trigger--the press release and other material describe a process in which devices, when they appear on the network, are discovered and connected to without extra intervention. That goes a step beyond Bonjour, which offers discovery and network negotiation for automatic configuration, but it won't enable devices to work with a computer or other devices without manual intervention.
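The man-in-the-middle point above, as an added example (not from the press release, Microsoft, or any Rally/WCN specification): an unauthenticated Diffie-Hellman exchange completes normally even when the public values are substituted in transit, and only a comparison of a fingerprint over the shared secret and both public values, made over a channel the on-path party cannot alter, reveals it. The toy group, the function names and the 16-hex-digit fingerprint are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy group, an assumption for illustration: 2**127 - 1 is prime but far too
# small for real use; deployed protocols use standardized 2048-bit+ groups.
P = 2**127 - 1
G = 3


def keypair():
    """Return (private exponent, public value g^x mod p)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def fingerprint(own_priv, own_pub, peer_pub):
    """Hash the shared secret with both public values as this side saw them.

    Sorting the public values makes the result identical on both ends of an
    untampered exchange, regardless of role.
    """
    shared = pow(peer_pub, own_priv, P)
    lo, hi = sorted((own_pub, peer_pub))
    data = b"".join(v.to_bytes(16, "big") for v in (shared, lo, hi))
    return hashlib.sha256(data).hexdigest()[:16]


def run_exchange(interposed):
    """Return the fingerprints the enrollee and the registrar each display."""
    e_priv, e_pub = keypair()
    r_priv, r_pub = keypair()
    seen_by_registrar, seen_by_enrollee = e_pub, r_pub
    if interposed:
        # A party on the path swaps in its own public value in both directions.
        _, m_pub = keypair()
        seen_by_registrar = seen_by_enrollee = m_pub
    return (fingerprint(e_priv, e_pub, seen_by_enrollee),
            fingerprint(r_priv, r_pub, seen_by_registrar))


def out_of_band_check(interposed):
    """True when the two displayed fingerprints match, i.e. no substitution."""
    enrollee_fp, registrar_fp = run_exchange(interposed)
    return enrollee_fp == registrar_fp
```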
I swear, Microsoft will *never* get security right! Rally is obviously built on top of UPnP, which is already proving to be a security nightmare. At least Bonjour requires a human touch to acknowledge and activate new members to the network. Rally will very likely elide that step (in the name of "user convenience", of course), allowing yet another unguarded portal through which botmasters might sneak a payload.
The part about QoS is amusing, though. As though the average home network has congestion problems.
I'd imagine that this is more likely built on top of the Wi-Fi Alliance's SimpleConfig initiative, for which people like Intel have already released reference implementations.
There's still a lot of debate about how much flexibility along the Usability/Security spectrum SimpleConfig should allow, but I think you can be pretty certain it won't include unsecured DH.
[Editor's Note: You have a great imagination! Microsoft is on the alliance's board, and there's no mention of SimpleConfig. We'll see.--gf]
Windows Rally Technologies includes a number of networking technologies to provide a more deterministic experience with network connected devices and Windows Vista.
Wireless Setup is one of the pain points today for consumers. Windows Rally addresses this issue with Windows Connect Now.
Windows Connect Now was co-submitted to the WiFi Alliance (WFA) by Microsoft, Intel, Philips, Sony, Marvell, Atheros, and Buffalo as a proposed standard for wireless configuration in a home network. The WFA voted to adopt WCN as a WiFi Standard codenamed "WiFi Simple Config" (final name TBD).
Windows Connect Now uses two-way Diffie-Hellman to secure the communications between the registrar, AP, and enrollee. Enrollees do not need to have local UI but the "registrar" or network authority must have UI and a numeric keypad. There can be multiple registrars on the network that can be in the form of PCs, cell phones, TV / Remote, web interface on an AP, etc.
Windows Rally technologies also address discovery, PC association, quality of service, network topology, and diagnostics. For more information on WCN and Windows Rally please visit - www.microsoft.com/rally
Windows Rally Technologies are built on secure protocols like WS-Security. Windows Connect Now (WiFi Simple Config) uses UPnP as a transport between the AP and the registrar and the payload is encrypted using a public / private Diffie-Hellman key exchange (see link to full spec below).
WiFi Simple Config is based on Windows Connect Now which was submitted to the WiFi Alliance by Microsoft and our partners. It has undergone security reviews by industry experts and has been chosen as a standard by the WiFi alliance based on its balance of ease of use and security. It is available for license on a royalty-free basis at www.microsoft.com/rally
QoS in the home is a VERY important technology as the typical home will not have a wired network and wireless throughput speeds typically top out around 20mbps (a single HD video stream can run as high as 19mbps). Windows Rally QoS ensures that audio/video traffic takes priority over other network traffic and is used to notify the user/system when sufficient bandwidth is not available to start a new session or to preemptively address interference problems.
Windows Rally QoS - http://www.microsoft.com/whdc/rally/rallyLltd.mspx
Windows Rally Wireless Config - http://www.microsoft.com/whdc/Rally/WCN-Netspec.mspx