HOW ABOUT SECURITY?
It’s staggering to think that security for data transmitted wirelessly almost seems as though it was an afterthought. The original Wired Equivalent Privacy (WEP) doesn’t even mention encryption or protection, but was devised at a time when US export restrictions limited encryption to 48 bits, and so, as an international standard, WEP started life hamstrung. Sure enough, in 2001, it was demonstrated that WEP could be cracked in minutes via packet sniffing, because the encryption system was fundamentally flawed.
As a matter of some urgency, a replacement system was devised: Wi-Fi Protected Access, or WPA. This arrived in 2003, and was a requirement on all ratified 802.11g equipment—802.11a hardware ended up with support, too. An important improvement was that WPA uses 48-bit RC4 encryption when sending the shared key, rather than the 24 bits of WEP, and the key changes for every frame, making it unlikely that it could be cracked in time.
WPA was a stopgap measure, such were the failings of WEP. The full 802.11i security implementation is called WPA2, and was rolled out in the middle of 2005. This replaces the old RC4 used with WEP and WPA with a far securer encryption— from 128 to 256 bits. It also implements a new packet encryption that is far enhanced over the insecure WEP system and the improved WPA implementation, and is the required system on 802.11n onward. At the start of 2018, WPA3 was announced, and will be required on the next generation of wireless devices. It’s specifically designed to repel brute-force attacks, and improve device connections without screens. Hopefully, you’ll see WPA3-capable devices and routers from the end of 2018.