1/13/09 - 7:38 PM ET - The server transfer is now starting, and should be done within half an hour. During this period members will NOT be able to post to the forums.
I desperately hope for WPA support in the next firmware version.
For several reasons, I don't like using WEP/unencrypted WLAN. Of course, I can create a second WLAN for the Pronto only, so that only the Pronto internet traffic is insecure. I can configure a firewall that prevents access from the Pronto to the internal machines. But this does not solve the problem that everybody could use my internet connection then (by spoofing his MAC address and pretending to be the Pronto) and that is problematic because of the legal situation in Germany.
On the other hand, a Pronto with network/internet access would be very, very useful and could do many fancy things. :-)
I've already given some thoughts to implement an (AES) encryption for the Pronto by using a special simple Store-And-Forward proxy. This would mean that I need to install this special AESProxy on a machine with access to both, the unencrypted Pronto WLAN and the internal network (with internet access). A firewall would filter all packets from the insecure WLAN that are not going to the AESProxy directly, i.e. the Pronto would be able to connect to the AESProxy only. To open a connection to google.com, the Pronto would not create a direct connection, but instead connect to the AESProxy and send him the original request, like "connect ('google.com', 80)", but in an encrypted form. The AESProxy can authenticate the Pronto (because only the Pronto knows the AES secret) and forwards the request to the internet via the internal network. After receiving the response from google.com, the Proxy encrypts that information and sends it back to the Pronto.
If AES is to slow on a Pronto, one could use another (faster) encryption standard like TEA.
I think this should work, but it is quite complex because one must implement a Proxy and the Pronto encryption functions. And, of course, you need a PC running the Proxy to enable the (encrypted) network access for the Pronto.
So let's hope for the next firmware. As you see, if there is WPA support in it, it will save me much work. :-)
I think you guys in Germany should be petitioning your gov't to change the law. You should not be responsible if some one breaks into your "home" and uses your equipment to do bad things, even if the break in is through Cyberspace.
Just curious, if someone physicslly breaks into your home, steals a weapon you legally own and then uses that weapon to create mayhem, are you legally responsible and can you be prosecuted for their actions? If not, then what is the difference? IMHO It is only a difference of methodology not intent.
Barry the problem is that it is at times quite impossible to prove that someone else did something through your internet connection and not you. Let's say someone is wardriving in your street and notices your unsecure wireless connection. Connects to it and tries to make a ddos attack on one of the FBI's servers. Who do you think the FBI will pay a visit, and if you don't have strong proof that you were not the one who did it, you'll have to deal with the penalties. It's the same in the USA, not only in germany or europe. Petitioning the government to change a law, well good luck with that anywhere in the world.
The example you provided would not work if someone breaks into your house and with the weapon he finds in your home causes mayhem inside your home, without witnesses and leaves no traces. The first one at the police station would always be you.
On Friday January 2, 2009 at 10:23, Barry Gordon said...
I think you guys in Germany should be petitioning ...
Don't want to beat a dead horse. The only remark I have is that this is european law, not strictly german.
I was told by the Pronto team that the next firmware is supposed to include WPA encryption. No date given though. I'll be at ISEurope at the beginning of February 2009 and stop by at their booth. Will report back...
If you don't want to get better you stop being good.
You must first register for a Remote Central user account - it's fast and free! Or, if you already have an account, please login now.
Please read the following: Unsolicited commercial advertisements are absolutely not permitted on this forum. Other private buy & sell messages should be posted to our Marketplace. For information on how to advertise your service or product click here. Remote Central reserves the right to remove or modify any post that is deemed inappropriate.
