Functional Linux 802.11G Centrino Driver Released 46
sixstring355 writes "Intel has released the first functional version of its Centrino/IPW2200 chipset driver. for Linux (kernel 2.6.4+). Posts to the ipw2100/2200 developer mailing list report connection speeds of 450KB/s. See the feature list for more details."
Nice start (Score:2)
Unfortunately, without WEP (are they shooting for 40bit or 128bit?) it won't be much good for everyday use. Still, a great step in the right direction. Also, headline writer should note that it supports 802.11b as well as 802.11g..
Re:Nice start (Score:5, Insightful)
Unfortunately, without WEP it won't be much good for everyday use.
WEP isn't much good for everyday use. WEP creates complexity because you need to deploy keys everywhere, reduces performance -- sometimes by as much as half -- and is very easy to break, so the security it provides is mostly illusion. I'm somewhat of a security expert (as in, it's my day job, and they haven't fired me yet), and I run my home network unencrypted, but with the wireless part firewalled off, with the AP configured to do MAC address filtering and not to broadcast the SSID. That's just about as secure as WEP, is much easier to manage and doesn't slow down my data transfers.
That said, the driver in question uses the HostAP infrastructure, which includes a WPA supplicant, so when the security is all hooked up, it should not only have WEP, but it will also support WPA and WPA2, along with either PSK or any of the zillion EAP authentication methods, for centrally-manageable, strong security.
IMO, the driver's security is perfectly acceptable for home use now, and when they get it all hooked up, it'll be just fine for enterprise use as well. Good stuff!
Re:Nice start (Score:2)
The Myth of Easy WEP Cracking (Score:3, Informative)
The fact is that WEP is better than no WEP, that if you use WDS you gotta use WEP instead of WPA because of the MAC addresses, and that you should still use higher level encryption layers anyway for sensitive information.
Deploying WEP is easy (and I don't even mean using it with the Wireless wizard in XP SP2 that will deploy passwords for you).
Re:Nice start (Score:1)
Re:Nice start (Score:2)
No offence, but if you think masking an SSID and using MAC filtering is a defence, then you shouldn't be calling yourself a security expert.
It's an obstacle, not a defense. But, then, so is WEP. Anyone cluefull enough to sniff your SSID and spoof their MAC is cluefull enough to run airsnort, etc., and crack your WEP key. The WEP cracking takes longer, of course, so WEP will probably defeat casual but smart drive-by attackers. Anyone willing to hang around for a while can find you WEP key and anyone w
Re:Nice start (Score:1)
Re:Nice start (Score:2)
VPN's however are less secure. Layer 2 vulnerabilities mean that a VPN can be bypassed using tools such as Kracker-Jack.
What are you talking about? No decent VPN should make *any* assumptions about the link layer. A VPN has to assume that the packets are traversing networks that are entirely under the control of the attacker. Whatever kind of low-level spoofing you want to try, if the VPN does strong mutual authentication end-to-end, the most you should be able to accomplish is denial of service.
For
Re:Nice start (Score:1)
When a client is using a VPN solution, it sends a modified DHCP request with its public key; the VPN gateway inserts the clients public key into the DNS server; the client requests the gateways public key from the DNS server, client receives the key and the tunnel is then established. Kracker-Jack works by firstly initiating a deauthentication attack a
Re:Nice start (Score:2)
Ick. What VPN is that, and who designed it? There's a reason public keys shouldn't be trusted without some sort of certification or verification...
Re:Nice start (Score:2, Insightful)
wouldn't it be better to treat the air just as insecure as any connection that would go through networks you know to be tapped?
(ssh tunnels & etc..)
Re:Nice start (Score:2, Informative)
rfmon (Score:1)
k plz thx.
Re:rfmon (Score:3, Informative)
I haven't tried it in the last couple months since it was first implemented in the ipw2100 driver and firmware, but it worked (with minor packet corruption, I think that has been redueced in the last couple releases)
Great! Now what about... (Score:2, Funny)
TROLL (Score:1)
Maybe when you get a Centrino-based laptop that runs OS X
Why WEP? (Score:1)
Why are they even bothering with WEP? It is known to be easily crackable. They should just skip ahead to WPA, which is secure (for now
Re:Why WEP? (Score:4, Insightful)
Security, even wireless security, isn't black and white. It comes in shades of gray (not to mention mauve and chartreuse), and all of them are appropriate for some situation or other.
Re:Why WEP? (Score:1)
It's a source code release! (Score:2)
The firmware that runs on the card itself is still a closed source binary. Think of it as the same as a system board BIOS upgrade, though like the microcode updates for your processor it is loaded each time into the chipset before using it. Unlike the processor updates, the chipset firmware is required to use the card -- at all.
Here's something to fight over, though; [sourceforge.net]
Re:It's a source code release! (Score:5, Informative)
Talk about failure to pick your battles. A bit of real-world info: every single WiFi card on the planet has closed-source firmware. No exceptions. The difference is that the Intel 2x00 cards save money on manufacturing (and thus make the cards cheaper for YOU) by not storing the firmware on an extra flash chip on the board itself.
Take a look at the board of MOST WiFi cards. You will see either 3 or 4 chips (though some new non-PC-compatible "chipsets" manage to totally integrate this into a single chip). Chip #1 is the baseband (MAC). Chip #2 (if not integrated into the MAC, which is a very recent thing) is the radio section (upconverter/downconverter). Chip #3 is the SRAM needed to store in-flight packets. Chip #4 is the flash chip containing the closed-source firmware. The Intel 2x00 cards save money by letting the host processor and infrastructure do what they're really good at: storing and moving data. Instead of loading firmware out of flash, the card waits for the host to load the firmware as the driver boots up.
No as for the desirability of open-source firmware... If you plan on telling me that you intend to take this open-source firmware and modify it so your card can do different things with its radio, pay me no mind while I laugh in your face.
I'm developing firmware for a hardware product right now, and can tell you that there is not the slightest chance that anyone outside the designers of the hardware can make firmware do anything other than what it was designed to do.
First of all you have the hardware itself, which even the software will be useless for as far as getting the slightest clue what's really going on. Second, firmware for such devices, *especially* high-speed devices like WiFi cards, is more timing-critical than you can even begin to imagine. The slightest change will make it cease to work in ways even the original author most likely will not understand (speaking from daily experience here).
Sorry, but if you want open-source firmware, you're going to have to design your own chip.
(Not-Disclaimer: I have no relationship with Intel, their product, or this driver project, except that I plan on buying a 2x00 at some point to replace the driverless/worthless BCM4306 card that came with my laptop)
Re:It's a source code release! (Score:5, Informative)
Re:It's a source code release! (Score:3, Interesting)
Is this really true? This comment [slashdot.org] seems to suggest otherwise:
- Brian
Re:It's a source code release! (Score:2, Insightful)
If I was a device manufacturer, and I released my source code that allowed someone to operate my har
Re:It's a source code release! (Score:2, Insightful)
What this means is that ONLY Intel has the capabilities to write this driver. For everyone else it's illegal. No porting to to other operating systems. As a FreeBSD user, this announcment is completely worthless.
Also, it means you can't fix any bugs in the firmware. While this isn't going to be something very many people will be able to do, there are enough of them that we don't
Re:It's a source code release! (Score:2)
Re:It's a source code release! (Score:2, Insightful)
There is so much inaccurate crap spewed by condescending assholes who think think it is accurate.
Repeat the following until you understand:
The firmware does not execute on the PC's CPU. The firmware is not a driver a kernel module, or portion thereof. The firmware is executed entirely within WiFi card itself. Therefor it matters not what operating system (FreeBSD, Linux, Windows, BeOS, etc) or CPU architecture (x86, Mips, Sparc, PPC, etc) is used. I'm a double dumb ass for spewin
Re:It's a source code release! (Score:2)
I think you're unfairly trivialising the need for FLOSS friendly firmware.
The actual problem is that the licensing on the firmware often prevents redistribution. This means you can't just install a distribution like Debian and start using your wireless card. There
Re:It's a source code release! (Score:2)
Of course ONLY you could conceive of the functionality locked within hardware.
Of course ONLY the manufacturer could supply good firwware for an embeded system.
Of course we can't imagine the timing requirements.
What arrogance!
Let you in on a little secret -- there are better programmers out there.
Why not loosen up, and try supporting the hacker ethos?
Ratboy
GREAT! (Score:1, Redundant)
Anyone?
Isn't 450KBps too slow? (Score:2, Insightful)
Re:Isn't 450KBps too slow? (Score:3, Informative)
read the feature list [sourceforge.net] listed in the article. It mentions that it only connects in 802.11b mode, 802.11g support is still in the todo section...
Re:Wrong section? (Score:2)
Grr.. (Score:3, Funny)
Oh, wait. Never mind.
Re:Grr.. (Score:2)
450KB/s (Score:3, Insightful)
Linux Installation Reports for Centrinos (Score:5, Informative)
Re:This is why Intel, not Broadcom, will rule (Score:2)
Seriously, if they start to notice that their sales are dropping and they see "Don't buy Broadcom" all over Linux sites...someone there might take the hint...