Tag: Wi-Fi Alliance

Wi-Fi 7 gains more legitimacy as a home network technology

Article

Freebox Ultra router and extender press image courtesy of Iliad Free

Freebox Ultra Wi-Fi 7 router and extender available in France’s highly-competitive market

Best of Wi-Fi @MWC 2024 featuring Vantiva, ZTE, Qualcomm, & Intel – Wi-Fi NOW Global (wifinowglobal.com)

Previous Coverage about Wi-Fi 7

What is Wi-Fi 7 to provide for your Wi-Fi wireless network?

My Comments

This year (2024) is being seen as a year for Wi-Fi 7 to gain legitimacy as a Wi-Fi network technology for the home and small-business network space. This is because the Wi-Fi 7 (802.11be) standard was set in stone on January 8 2024.

This will be about leading wireless networks towards multiple-gigabit networking, something that will be facilitated by Gigabit fibre Internet-service networks that can be easily upgraded to this direction. There is expected to be reduced latency which will benefit online-multiplayer video games, videoconferencing and similar time-sensitive activity. There will also be time-sensitive network support at the media level that will benefit multichannel sound, multi-camera video production, robotics and the like.

Wi-Fi 7 feature and benefit list courtesy of Wi-Fi Alliance

These networks still work on a “best case” approach, but in a way that permits Wi-Fi 7 networks to support equipment that works to prior standards.

What is now happening is that more telcos and ISPs are being offered home-network routers that support Wi-Fi 7 and offer these kinds of advantages. This is to be expected in a competitive market like France where Free is offering the Freebox Ultra (Product Page – French language / Langue française), which is the first “n-box” router to work with Wi-Fi 7, along with four 2.5 Gigabit Ethernet ports.

ZTE Wi-Fi 7 router lineup for different Internet services - press picture courtesy of ZTE

ZTE’s Wi-Fi 7 router lineup

ZTE is coming forth with a range of Wi-Fi 7 routers and access points – a range of 10 models covering every possible configuration, with some routers supporting FTTP setups and DSL-copper setups as well as broadband Internet. Then Vantiva demonstrated their EasyMesh-compatible Wi-Fi 7 extenders alongside their 5G fixed-wireless modem routers at Mobile World Congress 2024. Here, most of this equipment will be made available to telcos and ISPs who are offering Gigabit Fibre Internet services. As well, Netgear and TP-Link are offering a range of Wi-Fi 7 compatible routers, distributed Wi-Fi systems and access points in their home-network product ranges, typically for high-performance users.

There is still a trickle of client-side equipment, with Samsung S24 Series smartphones and the Google Pixel 8 Pro smartphone being the first recognised smartphone models to support this technology. But this year, Wi-Fi 7 will become part of product refreshes for smartphones, tablets and laptops at the premium end of the market.

The fact that network equipment manufacturers are offering Wi-Fi 7 routers “under contract” to telcos and ISPs for sale or lease to their end-users, and that the next generation of smartphones is to have Wi-Fi 7, shows industry confidence in that standard. It would still be a valid upgrade for networks running Wi-Fi 5 or prior-technology equipment, especially if the equipment is significantly old. Or as the equipment comes in to affordable mid-range territory, it could be seen as a long-term upgrade for your Wi-Fi network.

As well, it could encourage the sale of multi-Gigabit Ethernet switches due to a need to have at least 2.5 Gigabit as a wired backhaul option for distributed or many-access-point Wi-Fi 7 networks with 2.5 Gigabit unmanaged basic 5-port switches coming in to very affordable territory.

20 Years of Wi-Fi wireless

From the horse’s mouth

Wi-Fi Alliance

Wi-Fi Alliance 20th anniversary logo courtesy of Wi-Fi Alliance

20 Years of Wi-Fi (Press Release)

My Comments

“Hey, what’s the Wi-Fi password here?”. This is a very common question around the home as guests want to come on to your home network during their long-term visit to your home. Or one asks the barista or waiter at the cafe “Do you have Wi-Fi here?” with a view to some free Internet use in mind.

“What’s the Wi-Fi password?”

It is brought about by Wi-Fi wireless-network technology that has become a major lifestyle changer over the last 20 years. This has been propelled in the early 2000s with Intel advancing their Centrino Wi-Fi network-interface chipset which put forward the idea of highly-portable computing.

Dell XPS 13 9380 lifestyle press picture courtesy of Dell Corporation

The laptop like this Dell XPS 13 – part of the Wi-Fi lifestyle

The laptop computer, mobile-platform tablet and smartphone benefited from Wi-Fi due to their inherently-portable nature. This effectively allowed for “anywhere anytime” online work and play lifestyle including using that iPad or smartphone as a second screen while watching TV. Let’s not forget the use of Internet radios, network-based multiroom audio setups and those smart speakers answering you when you speak to them.

“Do you have free Wi-Fi here?”

Over the years there have been incremental improvements in bandwidth, security and quality-of-service for Wi-Fi networks both in the home and the office. Just lately, we are seeing home networks equipped with distributed Wi-Fi setups where there are multiple access-point devices working with a wired or wireless backhaul. This is to assure full coverage of our homes with Wi-Fi wireless signals, especially as we face different floorplans and building-material types that may not assure this kind of coverage.

But from this year onwards, the new Wi-Fi network will be based on Wi-Fi 6 (802.11ax) technology and implement WPA3-grade security. There will also be the idea of opening up the 6GHz wavebands around the world to Wi-Fi wireless-network traffic, along with having support for Internet-of-Things applications.

Telstra Gateway Frontier modem router press picture courtesy of Telstra

The Wi-Fi router – part of every household

The public-access Wi-Fi networks will be more about simple but secure login and usage experiences thanks to Wi-Fi Passpoint. This will include simplified roaming between multiple Wi-Fi public-access hotspot networks, whether this is based on business relationships or not. It will also lead to telcos using Wi-Fi networks as a method to facilitate complementary coverage for their mobile-broadband networks whether they use current technology or the new 5G technology.

What needs to happen for Wi-Fi is to see work take place regarding high-efficiency chipsets for Internet-of-Things applications where such devices will be required to run on a small number of commodity batteries for a long time. One requirement I would like to see for public-access Wi-Fi is the ability to create user-defined “secure device clusters” that allow devices in that cluster to discover each other across the same public-access network but other devices outside of the cluster can’t discover them.

So happy 20th Anniversary to the network technology that has effectively changed our online lifestyle – the Wi-Fi wireless network.

WPA3-Personal security–What does this mean for your Wi-Fi network

Article

Telstra Gateway Frontier modem router press picture courtesy of Telstra

Expect the next-generation Wi-Fi network to have WPA3 security

What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade | Network World

My Comments

Over the next few years, Wi-Fi routers, access points and client devices like computers and smartphones will be supporting WPA3 as a media-specific network security protocol.

At the moment, I will be focusing on the WPA3-Personal variant which is relevant to small networks like the typical home or small-business network. This kind of network security is also implemented in an increasing number of venue-based public-access networks in order to allow the venue owner to protect and authenticate the network and preserve its role as an amenity for the venue’s customers.

The WPA3-Personal network security protocol has the same method of operation as for a WPA2-Personal network. This is using a “Wi-Fi password” commonly known across all access points and client devices that use the network segment.

But it describes this “Wi-Fi password” as Simultaneous Authentication Of Equals rather than the Pre-Shared Key used in previous WPA-Personal implementations. It also affects how this “Wi-Fi password” is represented and encrypted in order to protect it against an off-site brute-force cracking attempt.

As well, each connection between the client device and the access point is encrypted in a manner unique to that connection.

The initial onboarding process will be typically based on the traditional password-entry method. But it will also implement Wi-Fi EasyConnect which uses a QR code or WPS-based push-button setup.

The Wi-Fi WPA3 security protocol may take years to become mature while a secure surefire codebase for client-side and access-point-side implementations is worked out. The initial codebase was found to have software weaknesses in the early Personal-setup implementation and is being debugged now.

A question that will be raised is whether an upgrade to WPA3 security will require new hardware for either the client device or the access point or if this can be performed using revised firmware that has the necessary software code. This may depend on whether the hardware uses a purely software-defined approach for managing its functionality.

There will be situations that will take place regarding existing equipment and WPA3-capable equipment. Here, a WPA3 client like a smartphone can work with an existing WPA2-compliant Wi-Fi network segment but not have the full benefits. Similarly, a WPA3-capable Wi-Fi network segment will need to be operated in a “transition mode” to allow existing WPA2-compliant client devices to connect. Again, this doesn’t provide all the benefits of a Wi-Fi network segment secure to WPA3 standards.

You can also work around this limitation by implementing two Wi-Fi network segments that have separate ESSIDs. One of these could be configured to work the current WPA2-Personal standard while the other is set up purely for WPA3-Personal. This practice may come in to its own if you have a Wi-Fi network using the latest standards while you maintain another using tried-and-trusted standards.
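The difference between a transition-mode SSID and the two-SSID layout described above can be checked from an access point's configuration. The following is an added example, not part of the original article: it assumes an access point configured with a hostapd-style file (`wpa_key_mgmt`, `ieee80211w`, `bss=`), and the SSID names and the sample configuration are constructed for illustration.

```python
"""Classify each SSID in a hostapd-style config as WPA2-Personal,
WPA3-Personal transition mode, or WPA3-Personal only (added example)."""

# Constructed sample: three SSIDs on one radio. Names are made up.
SAMPLE_CONF = """\
interface=wlan0
ssid=Home-Legacy
wpa=2
wpa_key_mgmt=WPA-PSK
ieee80211w=0

bss=wlan0_1
ssid=Home-WPA3
wpa=2
wpa_key_mgmt=SAE
ieee80211w=2

# Same passphrase offered to both WPA2 and WPA3 clients
bss=wlan0_2
ssid=Home-Mixed
wpa=2
wpa_key_mgmt=WPA-PSK SAE
ieee80211w=1
"""

PSK_AKMS = {"WPA-PSK", "WPA-PSK-SHA256"}


def parse_bss_blocks(text):
    """Split the config into one dict per SSID (interface= or bss= starts a block)."""
    blocks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in ("interface", "bss"):
            current = {"iface": value}
            blocks.append(current)
        elif current is not None:
            current[key] = value
    return blocks


def classify(block):
    """Return the security mode implied by the key-management settings."""
    if int(block.get("wpa", "0")) == 0:
        return "open"
    # hostapd falls back to WPA-PSK when wpa_key_mgmt is not given
    akms = set(block.get("wpa_key_mgmt", "WPA-PSK").split())
    has_psk = bool(akms & PSK_AKMS)
    has_sae = "SAE" in akms
    if has_sae and has_psk:
        return "wpa3-transition"
    if has_sae:
        return "wpa3-only"
    if has_psk:
        return "wpa2-personal"
    return "other"


def audit(text):
    """Return (ssid, mode, notes) for every SSID in the config."""
    report = []
    for block in parse_bss_blocks(text):
        mode = classify(block)
        pmf = int(block.get("ieee80211w", "0"))  # 0 off, 1 optional, 2 required
        notes = []
        if mode == "wpa2-personal":
            notes.append("pre-shared-key handshake only; no SAE protection")
        elif mode == "wpa3-transition":
            notes.append("WPA2 clients on this SSID still use the "
                         "pre-shared-key handshake")
            if pmf == 0:
                notes.append("set ieee80211w=1 so SAE clients can use "
                             "protected management frames")
        elif mode == "wpa3-only" and pmf != 2:
            notes.append("WPA3-only SSID should require protected "
                         "management frames (ieee80211w=2)")
        report.append((block.get("ssid", "?"), mode, notes))
    return report


if __name__ == "__main__":
    for ssid, mode, notes in audit(SAMPLE_CONF):
        print(f"{ssid:12} {mode}")
        for note in notes:
            print(f"{'':12} - {note}")
```
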

New nomenclature for Wi-Fi wireless networks

Article

ASUS RT-AC5300 router press picture courtesy of ASUS

802.11ac? 802.11n? Wi-Fi Alliance stops with the jargon, goes with Wi-Fi 6 | Android Authority

Wi-Fi Alliance Simplifies Things With Version Numbers | Tom’s Hardware

From the horse’s mouth

Wi-Fi Alliance

Wi-Fi Alliance® introduces Wi-Fi 6 (The Beacon blog)

My Comments

The Wi-Fi Alliance have decided to adopt a new nomenclature for the different main standards that Wi-Fi networks support. This is in stark contrast to referring to each standard by its IEEE reference, which can sound confusing.

It will be used in product marketing material and specifications sheets to refer to the effective “generation” that the router / access point or client device will support so one can know what is the expected “best” capability offered by that device.

But the device’s operating system or firmware will be able to indicate on devices with some sort of dynamic visual user interface the “generation number” the network connection will support. In the case of client devices like computers or smartphones, this will be to indicate the “best available” network expectation for the current connection.

Similarly, people and companies who provide a public-access Wi-Fi network can reference the kind of performance expected out of this network by using the “generation number” indicating what technology it would support. It could be used as a means to gauge the network’s suitability for handling peak loads such as, for example, a transit station during peak hours or a fully-occupied hotel.

802.11b Wi-Fi 1
802.11a Wi-Fi 2
802.11g Wi-Fi 3
802.11n Wi-Fi 4 Determined by Wi-Fi Alliance
802.11ac Wi-Fi 5 Determined by Wi-Fi Alliance
802.11ax Wi-Fi 6 Determined by Wi-Fi Alliance

A question that will come up is how the device will indicate whether it is a simultaneous multi-band device or how many MIMO streams it concurrently runs. This will be of importance with Wi-Fi 4 / 5 / 6 (802.11n/ac/ax) devices that can work on two or more bands and have MIMO abilities but at differing levels of capability and performance.

Classic examples of this could be some low-cost access points and Wi-Fi extenders capable of working to dual-stream 802.11n on the 2.4GHz band known as N300 devices or mobile devices working on single-stream or dual-stream MIMO chipsets as part of battery conservation.

On this site going forward, I will be using the new “Wi-Fi generation number” along with the IEEE standard reference for describing the Wi-Fi network technology offered by a network device. It will also apply to describing minimum Wi-Fi standards particular to a networking situation that I write about.

For example, I may describe the Dell XPS 13’s Wi-Fi abilities as Wi-Fi 5 (802.11ac) dual-stream to reflect the effective generation Wi-Fi supported by that Ultrabook.

At least this new nomenclature will be a barometer to indicate whether a Wi-Fi network is running new technology to allow it to perform properly.

Wi-Fi defines a new standard for distributed wireless networks

Articles

NETGEAR Orbi distributed WiFi system press image courtesy of NETGEAR

Wi-Fi now to standardise the operation of distributed Wi-Fi setups like the NETGEAR Orbi with the EasyMesh standard

A new Wi-Fi standard could let different mesh routers work together | The Verge

Mesh Wifi gear from different companies could soon work together | Engadget

Wi-Fi Alliance’s Wi-Fi EasyMesh certification aims to standardize mesh networks | PC World

From the horse’s mouth

Wi-Fi Alliance

Press Release

EasyMesh Product Page

My Comments

Increasingly, home and small-business Wi-Fi users are showing interest in distributed-WiFi network systems that implement simplified configuration and hands-off optimisation. They consist of multiple access-point devices and use a Wi-Fi path or, in the case of a few systems, an optional wired-network path to provide a backhaul to the router that links to your Internet service.

People are showing interest in these setups as a simplified way to assure Wi-Fi wireless-network coverage across a large or multi-storey / split-level building or a building that uses materials and construction techniques that play havoc with Wi-Fi network coverage. As well, they don’t want to deal with devices that are difficult to set up or to have to remember which SSID to use for best coverage in a particular area.

To the same extent, those of us who have separate buildings on our properties like a cabin or converted garage may want to be sure we can gain reliable access to the Internet and network resources from these buildings. Some of the distributed Wi-Fi systems like the Netgear Orbi can support wired backbones which can work with a HomePlug powerline link or Ethernet cable strung between the buildings and this could bring seamless Wi-Fi network operation to these buildings.

But the current problem with these systems is that you have to create the system with equipment from the same vendor or, in some cases, implementing a particular chipset. This makes it hard for customers to mix and match equipment to create a distributed-WiFi system that answers their needs exactly.

There is also the risk that if a manufacturer abandons their distributed-WiFi product line and one of the units fails, customers can’t replace the faulty unit with a new one from a different vendor – they would have to scrap the whole system. The same situation also applies if a customer wants to use a unit that offers specific functionality such as a router with higher security, a modem router or a weatherproof access point.

Enter the Wi-Fi Alliance, who have established a certifiable standard with a trademark for these kinds of systems. This standard, known as the EasyMesh standard, is part of their device-certification scheme. It is based on the IEEE 1905.1 protocol for small-network configuration and allows for “mix and match” operation of a distributed-WiFi system.

A network based on the Wi-Fi EasyMesh standard can implement a backhaul based on a Wi-Fi wireless and/or a wired (Ethernet, HomePlug powerline, MoCA TV-aerial / cable-TV coax, etc) medium. As well, the devices can support a dedicated Wi-Fi backhaul segment with dedicated radio transceivers or use the same Wi-Fi segment used to serve client computing devices.

There are two classes of device that exist across an EasyMesh Wi-Fi network – a Controller and an Agent device. The Controller co-ordinates what is happening with the network and typically it can be part of the Wi-Fi router that is the network-Internet “edge” of your home network. But it can be software running in another computer or an access point. You can have only one of these in operation on the one EasyMesh network.

The Agent device is the access point that your client devices such as your laptop, tablet or smartphone link to your home network through. These will connect to each other and to the Controller using the Wi-Fi, Ethernet or similar backbone.

A simplified setup and device-onboarding process takes place in an EasyMesh network, with the device-onboarding process typically being facilitated through methods like NFC or push-button setup. The onboarding procedure will also be about learning the capabilities that the new device offers such as what bands it operates on and whether they can be used simultaneously or what Wi-Fi standard is being supported by that device. Of course, initial network configuration may be about determining the ESSID (Wi-Fi network name) and, perhaps, a user-chosen passphrase for your network.

Let’s not forget that the EasyMesh network implements continual self-tuning for each Agent AP node. This means that if you add or remove extra Agent APs or move them around, they adjust their operating frequency and signal strength themselves. It also applies whenever neighbours set up or modify their Wi-Fi-based home networks.

The Controller device then monitors the network for best performance and will have the network steer client devices towards access points that offer the best bandwidth. As well, the Agent access points report their measurements to the Controller device and each other to provide the self-tuning self-healing network.

The Wi-Fi Alliance stated that there is the possibility of implementing Wi-Fi Certified EasyMesh at a software or firmware level without any particular requirements as far as the hardware is concerned. This could appeal to vendors to implement EasyMesh in to existing devices as part of, say, a firmware update which is a practice that AVM have done to enable some of their Fritz series of home-network equipment for distributed-Wi-Fi operation.

But what do I see the Wi-Fi Certified EasyMesh technology lead to?

There will be the ability to supply distributed-WiFi equipment that offers better value to the home or small-business user. This includes the ability for manufacturers to supply equipment that targets particular niches such as VPN-endpoint Wi-Fi routers for business or weatherproof access points for installation outdoors. Manufacturers could even consider the idea of integrating “mesh AP” functionality in to client devices so these devices could effectively boost Wi-Fi coverage in to an area.

The technology will benefit ISPs, telcos and cable-TV operators who supply Wi-Fi routers, typically modem routers, to their customers as part of providing Internet service. Here, it could become feasible to provide a modem router with EasyMesh capability to their customer and allow these customers to purchase the EasyMesh-compliant access points that suits their needs through the ISP’s storefront or a third-party retailer.

There is also room for the vendors to continually improve on their products in many different ways without needing to worry about risks associated with designing for a proprietary setup. Here, the algorithms associated with network-performance management can be tweaked in a manner so as to carry that improvement across an existing EasyMesh setup.

At the moment, the Wi-Fi EasyMesh solution will primarily be targeted at simple small networks but there will be a call to evolve this standard to support Wi-Fi-based VLAN setups. This is more so to cater for “guest networks”, FON-style shared-bandwidth setups and IP-based telephony which will make use of these setups. Here, a setup that answers these needs may have to cater towards replicating the multiple SSIDs and network setups these networks implement while shifting data from each SSID to each “data pipe” like the Internet or a VoIP service.

But I see the Wi-Fi EasyMesh standard leading towards the ability for householders and small businesses to make sure that their small network’s Wi-Fi segment is providing the right coverage to suit their needs.

Wi-Fi Agile Multiband–What will it be about

Article – From the horse’s mouth

Wi-Fi Alliance

D-Link DIR-895L AC5300 6 stream wireless router press picture courtesy of D-Link America

Wi-Fi Agile Multiband will make better use of those dual-band Wi-Fi wireless networks

Wi-Fi Agile Multiband (Resource Page)

My Comments

A reality that is affecting how the Wi-Fi wireless local network operates is the increasing amount of network-infrastructure hardware that can work simultaneously on both the 2.4GHz and 5GHz bands. Add to this the fact that most Wi-Fi clients released in the last few years are able to work on both these bands.

But there is the issue of making sure these devices can provide the optimum throughput for whatever data you are sending to them. This can affect the setup process for network-infrastructure hardware where you have to be sure you are on the right channel for optimum throughput everywhere over your premises.

There is also the fact that you may want to make sure that your laptop, smartphone or other client device chooses the right band for the right application when you deal with a network that works across both bands. This would be more important where you have to use the least-cluttered band to assure reliable audio or video streaming or IP-based voice or video telephony sessions.

The Wi-Fi Alliance have launched a certified trademarked specification known as Agile Multiband to answer these situations.

What does it offer

A network access point or client that implements Wi-Fi Agile Multiband has the ability to monitor the service quality to determine the best connection opportunities available for that network.

Client and infrastructure devices in a Wi-Fi Agile Multiband network can steer away from congested channels and bands. This is a form of “self-tuning” which can take place even as the network’s environment changes.

In a multiple-access-point network, a Wi-Fi Agile Multiband setup can steer client devices away from oversubscribed access points to those that don’t have much traffic on them. This is also to answer the reality that home networks are heading towards the multiple-access-point path thanks to HomePlug-based access points and mesh-based wireless network kits.

D-Link Covr router and wireless extender package press image courtesy of D-Link

Even multiple-access-point networks will benefit from this technology

All these options can answer the needs of both static and mobile client setups. This means that a Wi-Fi-capable printer or Smart TV can benefit as much from these features as a laptop or smartphone that is always moved around. It can also appeal to “transportable” clients like Smart TVs installed on easily-movable furniture or “all-in-one” desktop computers which are normally static but are moved on an ad-hoc basis.

Moving around a Wi-Fi Agile Multiband network will see minimal interruption for the network device’s user. This is because client devices can cache network encryption keys to facilitate a quick handover between different access points, something that will be important for IP telephony or AV streaming.

A question that needs to be asked thanks to the ubiquity of Wi-Fi wireless networks operating on the 2.4GHz band is how a Wi-Fi Agile Multiband network can address non-Wi-Fi interference on that band. This is a situation driven by microwave ovens, cordless telephone systems, Bluetooth devices and the like that work on this band and the use of these devices could cause temporary interference.

What Wi-Fi Agile Multiband is about is a step to assure increased reliability out of Wi-Fi wireless network segments and make better use of the radiofrequency spectrum available to them.

KRACK WPA2 Wi-Fi vulnerability–what is affected

Telstra Gateway Frontier modem router press picture courtesy of Telstra

A wireless router set up in the ordinary way as a base station or hub for your home network isn’t at risk of the KRACK exploit

The computing press has been awash with articles regarding a recently-discovered security vulnerability that affects Wi-Fi wireless networks. This vulnerability, known as KRACK, compromises the authentication process associated with the WPA2 security protocols that most Wi-Fi home and business networks implement.

What is affected

But it mainly affects client devices like laptops, smartphones and the Internet of Things which connect to Wi-Fi networks using WPA2 facilitated through software that isn’t patched against this risk.

It also can affect Wi-Fi infrastructure devices that serve as a repeater or client-side bridge in a Wi-Fi wireless network segment – this encompasses Wi-Fi client bridges used to connect desktop computers or smart TVs equipped with Ethernet connectivity to a Wi-Fi network, Wi-Fi repeaters, distributed-Wi-Fi setups and mobile devices implementing “bridge-to-Wi-Fi” functionality.

Data security risks

The security and privacy risk occurs at the media level of your network connection which would represent the Wi-Fi wireless link to the access point / router.

If you use higher-level encryption protocols like gaining access to Internet resources through SSL / TLS encryption which includes “https” Webpages, implementing a client-based VPN or using IP telecommunications apps that implement end-to-end encryption, you have reduced the risk factor for your data security that the KRACK vulnerability poses. Access to LAN-based resources like your NAS or printer from within your network can be a risk with Wi-Fi clients that aren’t patched to mitigate this risk as with unencrypted Internet resources.

Current remediation efforts

This situation has been rectified for regular computers running Windows 7 onwards through a patch that Microsoft rolled out as part of the October 10 security update. Here Microsoft didn’t disclose this vulnerability until there was a chance for all of industry to have patches in beta testing or “ready to roll”.

Just lately (1 November 2017 AEDT) Apple released patches for MacOS High Sierra, Sierra and El Capitan versions; and iOS 11.1 (iPhone 7 onwards, iPad Pro 9.7″ (2016) onwards); tvOS 11.1 (4K Apple TV onwards) and watchOS 11.1 to address this issue. The Intego Mac Security Blog post that I culled these details from was miffed about the fact that the large number of iPhone 6 and earlier devices that are still in operation have not been addressed. I would also extend this concern to the older iPad and iPod Touch devices that are also in operation such as those iPod Touches the kids use or the iPad in your living room.

On December 2 2017 US PT, Apple released the iOS 11.2 update which provided this protection for iPhone 5S, iPhone SE and all model variants of the iPhone 6. This update also applies to the 12.9″ iPad Pro (1st generation), the iPad (6th generation), the iPad Air, the iPad Mini 2 onwards; and the iPod Touch (6th generation).

Other regular-computer and mobile operating systems are being updated with security patches that are coming online through the next two months or are already online.

There will also be various pieces of client-side security software that will be updated with extra code that provides extra defence against the KRACK Wi-Fi vulnerability for both the software and the host computer.

The devices you will find as having a strong risk factor for your network are “dedicated-purpose” network devices like Internet AV devices, “smart-home” devices, videosurveillance cameras and the like that don’t benefit from regular firmware updates. This will mainly affect those devices that manufacturers are declaring “end-of-support” on or a lot of “white-box” devices sold by multiple vendors. But check your devices’ manufacturers’ Websites for new firmware that will patch the device against this vulnerability.

This will not affect the typical home or other small network that is based around a wireless router. Nor will it affect networks that implement multiple Wi-Fi access points connected to a wired (Ethernet or HomePlug) backbone. This is because you are dealing with devices that serve as a Wi-Fi base station for that particular wireless network segment.

But if you have Wi-Fi infrastructure devices using some sort of repeater or bridge functionality, check with the vendor for a firmware update for your device.

As well, wireless router and access-point manufacturers, especially those courting the business and allied markets, will offer newer firmware to harden their devices against the KRACK vulnerability.

Remember that well-designed devices will implement at best an automatic software-update process or you may have to visit your device’s Settings, Setup or Configuration menu to download new firmware.

As well, the Wi-Fi Alliance have updated their certification tests for network hardware to be sure that such hardware isn’t vulnerable to this risk. These certification tests will be required before a product can show the Wi-Fi Certified logos and will affect products being introduced from this month onwards.

Keeping your network secure until new software is available

If you run Wi-Fi network infrastructure hardware that implements repeater or bridge functionality, disable the Wi-Fi client mode or repeater mode on these devices until your device is running firmware hardened against this vulnerability.

HomePlug AV adaptor

The HomePlug powerline adaptor can help with mitigating risks associated with the KRACK WPA2 Wi-Fi network vulnerability

You may also have to set up your home network with multiple access points linked to a wired backbone as the preferred way to extend the network’s coverage or reach to another building as has been done with this man-cave. A good example of this is to use a HomePlug wireless access point kit which uses your home’s AC wiring for this purpose. If you use a “Mi-Fi” mobile router that supports Wi-Fi data offload, disable this functionality until it is loaded with the latest secure firmware.

Similarly, use a wired network connection such as Ethernet or HomePlug to connect sessile devices like desktop computers, Smart TVs, printers and the like to your home network. This may not be feasible with those devices that only support Wi-Fi connectivity as their network-connection option.

Conclusion

You can mitigate the risk of the KRACK WPA2 Wi-Fi network vulnerability as long as you keep your computer equipment running software that is patched with the latest security updates.

If you use Wi-Fi infrastructure devices that work as a Wi-Fi client like repeaters or client bridges, these have to be updated with the latest firmware from their vendor. As well, use of wired backbones and access points for expanding your home network’s coverage will achieve the proper level of security against this risk if you are dealing with client-capable Wi-Fi infrastructure devices that aren’t updated with the latest software.

Let’s not forget that higher-level encryption protocols like SSL or client-side VPNs do mitigate the risk of data theft through this vulnerability.

Updated (1 November 2017 AEDT) to reflect the latest concerning what is happening with the Apple platforms.

Updated (11 December 2017 AEDT) to reflect the increased number of iPhones and iPads protected against the KRACK exploit by the iOS 11.2 update

Wi-Fi Direct to implement task-specific improvements

Articles

Wi-Fi group acts to simplify peer-to-peer video, printing and other tasks | PC World

From the horse’s mouth

Wi-Fi Alliance

Press Release

My Comments

A current limitation that faces anyone who uses Wi-Fi Direct peer-to-peer networking is that the users have to face many steps to take advantage of the devices they connect to. This typically includes being able to discover the device, what it does and how it can do it, such as printing abilities or display resolution. In the case of Miracast-capable displays, this may also include “opening up” the input associated with the Miracast functionality to have the computer’s display on that display screen.

The Wi-Fi Alliance have revised the Wi-Fi Direct specifications to provide task-focused operation with the equivalent of class drivers. Standards like the UPnP Device Control Protocols already exist to enable this functionality, but this revision is to specifically enable “one-touch” access to the device’s function.

At the moment, the Alliance have defined four specifications:

  • Wi-Fi Direct Send – for sending and receiving content with minimal user interaction
  • Wi-Fi Direct Print – to print quickly from a mobile device with minimal interaction
  • Wi-Fi Direct for DLNA – to make it quick to discover DLNA-capable resources like the wireless speakers to play content through these devices
  • Miracast – to allow for screen mirroring and use of an external display

A good question is whether these task-focused specifications only reflect on setups that implement the peer-to-peer connectivity offered by Wi-Fi Direct or whether they could extend to Wi-Fi LANs such as when you use a Mi-Fi device or home network.

At the moment, the new abilities can be applied to existing devices through the use of newer firmware versions because these abilities are offered on a software level rather than through newer hardware requirements. As well, Samsung and other Android vendors could integrate the NFC ability and the Wi-Fi Direct Send functionality to provide a platform-wide implementation of the “S Beam” file-sharing functionality.

It could be touch-to-connect for Wi-Fi devices very soon

Article

WiFi Alliance adds support for NFC | NFC World

My Comments

Two “quick-setup” features that I have liked are coming together very shortly for wireless routers and network-enabled devices. These features are being exploited by device manufacturers who want to be part of the level playing field and desire to see innovation.

One of these features is the WPS-PBC “push-to-connect” functionality where you invoke a WPS setup option on a client device you want to enrol then press the WPS button on your wireless router to “enrol” your client device into your home network’s Wi-Fi segment. This feature has made it easier to bring new Windows 7/8 computers and Android mobile devices, amongst most other Wi-Fi-capable devices, into a home network without having to transcribe long WPA-PSK passphrases. I even set up one multiple-access-point network to allow this to happen on both access-point devices when I was fixing up network-connectivity issues. Similarly, I was pleased with a TP-Link TL-WPA4220 HomePlug wireless access point that used “Wi-Fi Clone” to learn network parameters from an existing Wi-Fi network segment at the push of a WPS button so it can be quickly set up as an extension access point.

Another feature that I am pleased about is NFC-based Bluetooth pairing. This is primarily used on most Sony Bluetooth-capable devices but other manufacturers are increasingly enabling it. It allows you to touch your phone or computer to the Bluetooth-capable device to instantly pair and connect both these devices. When I bought the Sony SBH-52 Bluetooth headset adaptor with FM radio, it didn’t take me long to “get going” with this device because I simply touched my Samsung Galaxy Note 2 Android phone to it to achieve this goal.

Now the Wi-Fi Alliance have merged both technologies and defined NFC “touch-and-go” setup as part of WPS-based wireless network setup standards. This functionality was seen as part of a “long-tail” vision for the WPS secure-network-setup standards with routers having to support the PIN-based and “push-to-go” methods. They defined a framework based around certain access-point and client chipsets including the Google Nexus 10 Android tablet. For that matter, Android, Linux and Windows 7/8 users could find this functionality either as a small app or “baked in” to an operating-system update.

This is another innovative step that will assure quick setup for Windows and Android devices with small-network Wi-Fi segments especially as most of the recent crop of these devices are equipped with NFC “touch-and-go” functionality and Wi-Fi connectivity.

802.11ac Wi-Fi network specification now a standard

Article

802.11ac Specification Is Final | SmallNetBuilder

My Comments

There is a lot of Wi-Fi wireless-network hardware out there that is compliant to the 802.11ac wireless-network specification but this equipment is built on a draft version of that standard. This standard uses the 5GHz band to offer very high data-transfer rates that are even close to Gigabit Ethernet speeds. Some of us may be loath to buy or specify the earlier equipment due to it not working well with equipment from different vendors due to the earlier draft standards.

But this week, the IEEE standardisation body have called the final version of the 802.11ac specification a final standard which is capable of even working to 7 Gbps. To make sure that your current 802.11ac equipment works to this standard, it is worth checking at the manufacturer’s Website for newer firmware that implements the final version of this standard.

Similarly, it would be the time to be able to buy or specify 802.11ac wireless-network equipment that works to the final standard or is able to work to that standard after a firmware update. As far as rolling out or improving your wireless network is concerned, the 802.11ac-compliant wireless router or access point can work with 802.11n clients at the 802.11n speeds but I would recommend these are set for any n/ac compatibility mode.

For that matter, this announcement has not come at a good time with the Consumer Electronics Show 2014 in Las Vegas, due to the plethora of home and small-business network equipment based on this standard being launched there. The next milestone would be for Intel to embed this technology into their Centrino wireless-network chipsets to work with the latest laptops. Welcome to lightning fast Wi-Fi multimedia on your tablet or Ultrabook.