Re: A comment on NetworkManager

["Robert G. Brown" <rgb phy duke edu>]

On Thu, 11 May 2006, Aaron Konstam wrote:

> Your post is extremely interesting but leaves me with a question and a
> statement.
> Question: I thought I was using 13 character WEP passwd but the file in
> the .gconf records only a 10 character passwd. Why is this?

It sounds like it could be a legacy of earlier versions.  Your 13
character key is probably in the keyring.

> Now about locking. You choose a lock consistent with the security you
> want to have. I am satisfied to have a lock and deadbolt on my house but
> it is not completely secure. Someone would have to be crazy to spend 10
> to 24 hours to crack mt WEP passwd. If I was a bank it would be
> different. I am not  convinced yet that for the vast majority of users a
> 13 bit WEP passwd is not secure enough. I also agree removing the ESSID
> makes it harder to figure out what access point you are connected to.

No, for the vast majority of users WEP >>is<< enough.  The point is that
gnome-keyring is overkill for those users as well. 700 protection of the
key in your home directory is probably enough as that is "locked"
against everybody but root, and nothing is really locked against root.

The weakness in the house metaphor is that the house has a universal
master key in the hands of a hopefully benevolent but fairly easily
subverted individual (who could be you).  At any time they can unlock
your house even if you otherwise bury it in ten feet of steel reinforced
concrete, and THEY live in a house which has proven annoyingly
vulnerable countless times in the past, allowing their master privileges
to be stolen by the good and the wicked alike.

   rgb

--
Robert G. Brown	                       http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     email:rgb phy duke edu