RISC OS Open: Forum: Wifi on Pi RISC OS

Jan 8, 2018 11:27am

Relayed from ‘Archive on Line’
**********
Question for people using RiscOS on a Raspberry Pi: what’s the state of wifi?

Our man in India (Bera, who writes articles about hardware projects)
is asking. He says he tried running Ro on a Pi a couple of years ago,
liked it except that he failed to surmount the wifi barrier.
********

Jan 8, 2018 7:06pm

Steve Pampling (1551) 8170 posts

Ah, yes, another cross platform exploit(WPA2 KRACK) that doesn’t have an effect on RISC OS because the feature doesn’t exist.
Pro’s and cons, pro’s and con’s.

Jan 8, 2018 7:41pm

Rick Murray (539) 13840 posts

WPA2 KRACK

Well, what do you expect when you’re talking about a protocol designed by committee and subject to restricted (for a fee) publication? Peer review is of dubious quality and by the time somebody gets around to discovering a flaw, it’s baked into hardware and too damn late.

No, seriously, look at the track record. WEP is crap. WPA was also crap because they kept TKIP. When that was ditched for WPA2/AES we thought we could breathe a sigh of relief, but apparently not. And then we have the mother of all ****ups, the lovely WPS. Otherwise known as “stupid long security key is complicated I want something simple”, and simple you got. An eight digit security key that is solvable in a maximum of 11,000 attempts. How? Easy. The last number is a check number. Then the key is authenticated in two halves, the first four digits and then the remaining three. The protocol requires the authentication to be aborted as soon as something is wrong, so an attacker can try 0001000x and if that fails you automatically know that 0001000x to 0001999x are not the right choice. Repeat for a maximum of 10,000 attempts. Then it’s a maximum of 1,000 attempts to get the remaining three digits. WPS on a router is like having a dead bolt door with the key sellotaped to the outside.

Yay for designed by committee…

That said, a person probably shouldn’t be relying on just one thing being “secure”, but rather work on the assumption that it probably isn’t.

Jan 8, 2018 8:20pm

Steve Pampling (1551) 8170 posts

That said, a person probably shouldn’t be relying on just one thing being “secure”, but rather work on the assumption that it probably isn’t.

Perfect, we’re doing something right:- assuming RO isn’t secure, and it definitely isn’t so we have the right viewpoint.
Something not quite right there…

Jan 9, 2018 10:51am

Mike Freestone (2564) 131 posts

Question for people using RiscOS on a Raspberry Pi: what’s the state of wifi?

Pi wifi comes in step 3 (of 4) of the new network stack that is gathering donations

Jan 9, 2018 1:13pm

Rick Murray (539) 13840 posts

https://www.theregister.co.uk/2018/01/09/wi_fi_wpa3/

Wifi on Pi RISC OS

Reply

Search forums

Social

ROOL Store

Donate! Why?

RISC OS IPR

Description

Voices

Options

Jan 8, 2018 11:27am Colin Ferris (399) 1814 posts	Relayed from ‘Archive on Line’ ******** Question for people using RiscOS on a Raspberry Pi: what’s the state of wifi? Our man in India (Bera, who writes articles about hardware projects) is asking. He says he tried running Ro on a Pi a couple of years ago, liked it except that he failed to surmount the wifi barrier. ******

Jan 8, 2018 7:06pm Steve Pampling (1551) 8170 posts	Ah, yes, another cross platform exploit(WPA2 KRACK) that doesn’t have an effect on RISC OS because the feature doesn’t exist. Pro’s and cons, pro’s and con’s.

Jan 8, 2018 7:41pm Rick Murray (539) 13840 posts	WPA2 KRACK Well, what do you expect when you’re talking about a protocol designed by committee and subject to restricted (for a fee) publication? Peer review is of dubious quality and by the time somebody gets around to discovering a flaw, it’s baked into hardware and too damn late. No, seriously, look at the track record. WEP is crap. WPA was also crap because they kept TKIP. When that was ditched for WPA2/AES we thought we could breathe a sigh of relief, but apparently not. And then we have the mother of all ***ups, the lovely WPS. Otherwise known as “stupid long security key is complicated I want something simple”, and simple you got. An eight digit security key that is solvable in a maximum* of 11,000 attempts. How? Easy. The last number is a check number. Then the key is authenticated in two halves, the first four digits and then the remaining three. The protocol requires the authentication to be aborted as soon as something is wrong, so an attacker can try 0001000x and if that fails you automatically know that 0001000x to 0001999x are not the right choice. Repeat for a maximum of 10,000 attempts. Then it’s a maximum of 1,000 attempts to get the remaining three digits. WPS on a router is like having a dead bolt door with the key sellotaped to the outside. Yay for designed by committee… That said, a person probably shouldn’t be relying on just one thing being “secure”, but rather work on the assumption that it probably isn’t.

Jan 8, 2018 8:20pm Steve Pampling (1551) 8170 posts	That said, a person probably shouldn’t be relying on just one thing being “secure”, but rather work on the assumption that it probably isn’t. Perfect, we’re doing something right:- assuming RO isn’t secure, and it definitely isn’t so we have the right viewpoint. Something not quite right there…

Jan 9, 2018 10:51am Mike Freestone (2564) 131 posts	Question for people using RiscOS on a Raspberry Pi: what’s the state of wifi? Pi wifi comes in step 3 (of 4) of the new network stack that is gathering donations

Jan 9, 2018 1:13pm Rick Murray (539) 13840 posts	https://www.theregister.co.uk/2018/01/09/wi_fi_wpa3/