> > I don't know, if it is truly only a ten line change to a common WPA2 > driver to read, intercept and alter practically any traffic on the > network even in enterprise mode, that would seem like a serious issue > to me. Setting up the enterprise mode stuff to work is a lot of time > and effort. If it provides essentially no security over WPA2 in shared > key mode, one wonders what the point of doing that work is. This > doesn't seem like a mere engineering compromise.
If I understand the problem correctly, it doesn't strike me as particularly serious. Fundamentally, it's a way for people in the same enterprise and on the same LAN to see each other's traffic. A simple ARP-spoofing attack will do the same thing; no crypto needed. Yes, that's a more active attack, and in theory is somewhat more noticeable. In practice, I suspect the actual risk is about the same. --Steve Bellovin, http://www.cs.columbia.edu/~smb --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com