Wi-Fi network news reports that the folks who wrote tinyPEAP, a firmware replacement for two Linksys router models that has on-board RADIUS authentication using 802.1X plus PEAP, have released a WPA cracking tool. So now what, do we all have to start running RADIUS servers at home? No, it only cracks weak passwords, those chosen from dictionary words.
WiFi encryption really bugs me. We're told to use WPA instead of WEP, but there are problems with that: we have to find drivers that support it (and Toshiba UK are never up to date with driver downloads, so you end up having to trawl through the US support site looking for them). The wife's laptop works fine with WPA, but my laptop, with my Atheros AR5001X+, drops WPA protected connections after 5 minutes. A registry "fix" helps this:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global]
"AuthMode"=dword:00000002
This tells Windows to simply authorise using machine credentials and not to attempt to send user details, which in my setup is useless anyway as there is no RADIUS server. Apparently there's a bug in some drivers that loses the WPA key if user authentication fails until the next key renewal period.
So that's half of my wireless network protected. The servers upstairs live on a separate wireless access point though, an old ME102. The sensible thing to do would be to get another WG602 and bridge that to my client access point. Problem is, you can't bridge using WPA, so you have to fall back to WEP to use bridging.
WPA was not the magic bullet for protection it was billed as. Driver bugs and access point limitations don't help either.
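The point above that the tool only cracks passphrases chosen from dictionary words follows from how WPA-PSK builds its key: the passphrase and the SSID are the only inputs. The sketch below is an added example, not code from this post or from tinyPEAP; the function names, the tiny constructed wordlist and the 20-character threshold are assumptions made for illustration.

```python
import hashlib
import secrets
import string

# Constructed sample wordlist; a real audit would load a full dictionary file.
SAMPLE_WORDS = {"password", "linksys", "wireless", "dragon", "sunshine", "football"}


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK master key: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes).

    Nothing secret goes in except the passphrase, so a guessable passphrase
    means a guessable key, whatever cipher the access point then uses.
    """
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def audit_passphrase(passphrase: str, words=SAMPLE_WORDS) -> list:
    """Return the reasons a passphrase is weak; an empty list means none found."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        problems.append("must be printable ASCII")
    # Strip the digits and punctuation people typically bolt onto a word.
    core = passphrase.lower().strip(string.digits + string.punctuation)
    if core in words:
        problems.append("dictionary word with only digits or punctuation added")
    elif len(passphrase) < 20:
        # Assumed threshold for this example.
        problems.append("shorter than 20 characters")
    return problems


def generate_passphrase(length: int = 24) -> str:
    """Random letters and digits from the OS CSPRNG; no RADIUS server needed."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("linksys1", "Password123!", generate_passphrase()):
        print(candidate, "->", audit_passphrase(candidate) or "no problems found")
```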