So, I tried to get someone's Windows (XP SP2) machine onto my local network tonight via WiFi with much frustration.

It appears to me that Windows simply doesn't support wireless security of any kind. That is to say, it does have "WEP" and some "WPA" but you can't provide an arbitrary length password. Every time I input the password to my network it said it would only accept a password of X characters. I think maybe it was 13.

When you can't set your own password the way you want to set it, I don't count that as security. My WPA2 password is longer than 13 characters, something every brand of router I've tried supports and my Mac has never ever balked at.

Even after disabling the security on my network it took a while for the Windows machine to connect - every Mac I've ever tried takes no more than 2 seconds.

The next problem came trying to connect to my Mac notebook. It didn't seem it was possible unless I completely reconfigured their system, which I didn't have the time nor inclination to do. They of course had Windows configured still with pretty much all default settings (new XP-style start menu, at the bottom, no expandable menus on things like control panels, etc.) All in all, epic fail.

Another friend called the other day because they just set up a new access point - they were able to connect their Mac to it within a minute, but they weren't able to get their Windows notebook working with it. I think I'm going to have to tell them I'm not going to be able to help them. It's definitely because I'm not willing to, but I have to think up some other excuse.

I'd love to see a continuation of those laptop hunter commercials when those people get home and realize they just effectively tossed their money in the garbage.

Heh.. earlier this week I was trying to configure WEP on my niece's network, and even with an MS-standard 13-char passphrase her notebook still would not connect. Had to enter the 104-bit key in hex for that.

Loverly.

SP3 adds support for WPA2. Or you can download the standalone WPA2 patch for SP2 here.

SP2 came out in August 2004, a month before any wireless device could be certified with proper WPA2 support.

None of that helps with WEP on Vista, though.
The router only does WEP. Well, okay it claims WPA/TKIP as well, but I couldn't get that working even with Linux. Quite rare, that.

Cheers

I do remember a lot of WEP solutions being a pain, due to a few variants of ASCII to hex conversion algorithms. Apple had their own, and other vendors were mixed as well. I almost always had to use the raw hex on my Powerbook. Sometimes the only way to be able to use the right ASCII key was to use the same vendor for router and wireless card, and use their drivers on Windows.

Yeah, I have to agree with you there, Bruno. I do tech support, and every single time I set up a wireless network for someone, I ask them to pick a 13-character password. It's not always necessary, but I've found that 99% of the time Windows will not balk at 13 characters, so I just give the user a line like it's more secure to have a password that long (which it kinda is, considering most want a 4-6 character password) and just set it up that way to avoid complications.

On the flip side, though, I've come across one or two devices that don't like the Airport Extreme's wireless security. On those devices, if I turned off security completely, they would see the router and connect. But when security was on, they couldn't even see it. And no, SSID broadcast was not disabled.

Frankly, most aspects of home networking are overly complicated, regardless of what platform you're using.


Ugh, I've run into that too. I've installed a few cheap Netgear USB wireless NICs, and they've all required their own [terrible] software be installed in order to work properly. As annoying as wireless networking is in Windows, I always try to use the built-in Windows software to connect to the network.

Come to think of it, did you try that, Bruno? Did the computer come with alternate software for the wireless card? That stuff is almost universally junk that I uninstall immediately.

The computer (yesterday) was a Vaio with built-in WiFi. Which first had to be enabled by turning on the external WiFi switch.

I didn't try typing in the password in Hex. I'm pretty confident it wouldn't work though. It also mentioned the length required when typing Hex digits and I'm pretty sure it was 26. One byte for each of the 13 characters it wanted. My Password is an entire sentence, though it's less than the 64 characters/bytes allowed for WPA.

Tom, thanks for the tip about SP3. I will go as far as mentioning this to my other friend as it could be the sole reason she's unable to connect her Windows machine to the network.

OSX can be just as bad. Leopard broke WEP. No amount of 0x's, keychain editing, or anything would get it to connect to a Belkin wep encrypted access point. The only thing I was using wep for was to keep the neighbors off it, so the access point is on it's way to a landfill well before its time.

Yeah, Leopard had some issues that should have been fixed with this update. Apparently the issue there was compatibility with 3rd party routers configured to use open wep. The other fix was to change the router to use shared wep.

WEP in general is badly broken but shared WEP is actually worse than open WEP so I hope people just applied that patch instead of changing the settings.

It was/is more flawed than just that update. I was using my G4 powerbook at the time, not an intel machine. Same results with the original unibody MBP last year.

On the other hand, Microsoft publishes a list of routers compatible with XBOX live. There's plenty of blame to spread around.

Matthew

Compatibility with one specific product is one thing. But not supporting a password at anything but 13 characters, when the spec allows for any length up to 64 bytes, well, that's something else entirely. That's clearly a Microsoft philosophy.

Windows is a giant pile of hurt in the design department. Window 95 took a huge leap over what was there previously and put MS in front of Mac OS for usability. They hung on to this advantage for between 5 and 7 years (it's arguable). But since then Windows has been good for a single thing. Gaming. Period.

If my friend can't get her machine onto her network I'll just suggest she go grab a cheap Dell Mini 9 and run Mac OS on it. The machine will be as crappy as whatever it is she's trying to play with now, but at least it will have a half-decent OS on it.

I guess you have the super-secret version of the 802.11 spec that, in addition to WEP-40 and WEP-104, defines WEP-488.

The passphrase is hashed to the key, though, not just used literally as the key, right? Otherwise the security would be terrible; there's a lot less than 104 bits of entropy in any reasonable 13-character password.

Now whether the hash in question is standardised across manufacturers, that's anyone's guess; that'd be why they let you enter the 26 hex digits of the actual key instead.

Having said that, I've never persuaded my own laptop to join any encrypted network, but I always put that down to the extreme antiquity of the Wifi card (which was scavenged from a Sparcstation Voyager when the laptop's internal Wifi broke).

Peter

On looking into it, in WPA/WPA2 (but apparently not WEP) the hash is standardised. So what you'd expect is that for WEP, Windows would expect 26 hex digits or an arbitrarily-long passphrase (the latter incompatible with non-Windows Wifi); for WPA or WPA2, 64 hex digits or a 64-character passphrase, compatible with anything. Either way it should show you the hex value it's actually using.

Peter

My understanding is that the passphrase is appended as provided to an "initialization vector" (which, if I understand the spec correctly, is either WEP's salt or nonce), which is then used as the seed to RC4's PRNG, which then is used as a stream to XOR the plaintext (and its CRC32 checksum). This is from page 160 (PDF page 208) of the spec I linked to.

The key is appended, etc.; using the passphrase as-is as the binary key would be a poor way of doing it, as ASCII (or any easily typeable) key would have relatively little entropy: at worst, if everything is a-z, your 104-bit WEP has just become 61.1-bit WEP. Much better is to hash the passphrase to generate the key.

Here's the WEP help from my router (Linksys/Cisco WRT54G):

This sounds awfully like what I just described, especially considering I only went and read it after I wrote the description.

Now of course if what Bruno is saying is that Windows only allows 13-character passphrases for WPA, then that is indeed broken.

Peter

Who's talking about WEP? I specifically mentioned "My WPA2 password is longer than 13 characters."

My network is currently using WPA/WPA2 Personal. I used to use specifically WPA2/AES, but unfortunately some devices, like the Wii, don't support the same security as a $5 router.

I've never bothered using WEP. Anyone who knew enough to try and snoop packets would break the encryption, and those that didn't were easily kept out with a simple MAC address white-list.

Windows recognized the network was using WPA. It said specifically, that the WPA (not WEP) pass needed to be exactly 13 characters. Not a maximum of 13, not a minimum of 13. Exactly 13.

The security framework discussion in that PDF file starts on Page 155, and the RSNA-specific protocol stuff starts at 165. Or one can get the reader's digest version at Wikipedia searching for WPA or WPA2.

Disagree. If I understand it correctly, breaking a WEP key takes a long time and involves storing a lot of wireless traffic, then analyzing that stored traffic. Getting around a MAC address filter takes only a sniffer trace of a few seconds.

I've used keys longer than 13 characters with WPA and Windows XP before.

Yes, the key is appended. And some network devices do have some sort of "generate a key for me" utilities built into them. But we're talking about shared secret tools here. That key generation algorithm is not defined in the spec; therefore, each vendor's is proprietary, assuming it exists at all, and, more to the point, whatever 13-byte chunk that algorithm comes up with has to be typed in verbatim in all of your other devices, not the phrase you used to come up with it.

The fact of the matter, though, is that the whole encryption scheme is horribly broken and it doesn't make a lot of difference how random your key/seed is; it can be broken in a few minutes anyway.

Breaking the key after data has been collected takes very little time. It used to be that you had to collect a lot of data, but new algorithms have come to light that require much less data, and there are also techniques for getting the AP to generate data, instead of having to wait for that much data to be transmitted in the normal course of legitimate use. All in all, it takes maybe ten minutes, tops.

Sorry. I guess I didn't follow the thread back far enough. But you responded to someone who was talking about WEP.

XPSP2 basically didn't support WPA at all. Sometimes WPA networks would show up, but it just thought they were WEP networks. Install SP3 or the hotfix that Tom linked to. It'll solve your problem.

If that machine has Intel wireless, go get the drivers from their website. Only way to go.

Wow, that's impressive. I didn't know that.

That's exactly right, I was playing around with aircrack-ng and for grins I decided to break my own WEP key. Literally all I had to do was wait for just one ARP packet to be broadcast over the air, and about 12 minutes later I had my own WEP key handed to me. If it wasn't for the fact that I've got some equipment that can't handle WPA/WPA2, I'd be not be using WEP at all.