"Pentagon to issue wireless disconnect order" That is so whack!

mvario · 08-01-2002

Pentagon to issue wireless disconnect order"
http://computerworld.com/mobiletopic...,73150,00.html

And it was less than a moth ago that the Army said they were going to use AirFortress AES encryption stuff for their wireless.

It really seems to me that the folks at the top are clueless, don't understand technology and are scared by these things that they don't understand.

It's like, duh, most any computer network stuff is going to be insecure if folks setting it up don't understand it. And wireless can be made as secure as you want it if you know what you're doing. It's called VPN folks, look it up. The folks in the Army who eval'd AirFortress had a clue, and now they're going to have to pull the plug.

like this:
"Why is it that companies have sold products that they know are insecure?" asked Richard Clarke, President Bush's chief cybersecurity adviser. "And why is it that people have bought them?

Well, some folks understand the technology and can make them just as secure as they want them to be. The companies that make this are making "network equipment" not off the shelf super-safe networking for DUMMIES kits. If you want secure then get a security consultant in there and do your homework.

It amazes me still that no one, including the government, wants to take responsibility for their own actions. They want everyone else to read their minds, know what they want, and make all their dreams come true. 802.11 is a tool, and you should know how to use it before you play with it. If the government folks cut their thumb off with a chainsaw because they didn't bother reading the manual and practicing safer procedures are they gonna pull chainsaws out of all usage.

Government guys, before you start throwing out babies with the bath water you might want to look into Cisco LEAP, IPSEC, maybe eve talk to your own Army folks working with AES encryption and AirFortress stuff. Then again, if you want to start selling off some of your equipment cheap drop me a note.

Michael Vario
mvario@acedsl.com

JoeTampa · 08-02-2002

The Army is still using the AirFortress. In fact, other branches have been purchasing it as well.

You are correct in your statement that there is a lot of FUD (Fear, Uncertainty, and Doubt) running rampant at the Pentagon. Ever work for a large company where one department doesn't have a clue what another is doing? Same thing. The Army's AirFortress deployment is the largest WLAN security project in the industry, but you'd be surprised how few people at the top hear the news. That will change. As you can imagine, both wireless AND security are hot topics in the post 9/11 world. The AirFortress recently was awarded it's official certification that allows it's sale to the Government (FIPS certification). That will help matters.

Incidentally, the Gov't cannot use any flavor of WEP/Leap - it is not and cannot be FIPS certified. That holds true for the current proposal for "WEP 2" being kicked around by the IEEE 802.11 task group "I".

Don't be surprised, however, to see a lot of contradictory information, direction, and missteps as things move forward. NIST, for example, the very body that certifies encryption products (and so certified the AirFortress) recently issued a paper that essentially suggested using a non-certified solution. Then you have all these people who think IPSec for WLAN is a grand idea. Hey! Let's put these wireless devices outside the corporate firewall and make them VPN in! But isn't the outside of the firewall where all the wolves are? They don't think about that. Too many experts who don't know the whole picture. Heck, maybe I'm one of them.

- Joe

08-01-2002	#1 (permalink)
mvario I stumble, therefore I am Join Date: May 2002 Location: NYC Posts: 137	"Pentagon to issue wireless disconnect order" That is so whack! Pentagon to issue wireless disconnect order" http://computerworld.com/mobiletopic...,73150,00.html And it was less than a moth ago that the Army said they were going to use AirFortress AES encryption stuff for their wireless. It really seems to me that the folks at the top are clueless, don't understand technology and are scared by these things that they don't understand. It's like, duh, most any computer network stuff is going to be insecure if folks setting it up don't understand it. And wireless can be made as secure as you want it if you know what you're doing. It's called VPN folks, look it up. The folks in the Army who eval'd AirFortress had a clue, and now they're going to have to pull the plug. like this: "Why is it that companies have sold products that they know are insecure?" asked Richard Clarke, President Bush's chief cybersecurity adviser. "And why is it that people have bought them? Well, some folks understand the technology and can make them just as secure as they want them to be. The companies that make this are making "network equipment" not off the shelf super-safe networking for DUMMIES kits. If you want secure then get a security consultant in there and do your homework. It amazes me still that no one, including the government, wants to take responsibility for their own actions. They want everyone else to read their minds, know what they want, and make all their dreams come true. 802.11 is a tool, and you should know how to use it before you play with it. If the government folks cut their thumb off with a chainsaw because they didn't bother reading the manual and practicing safer procedures are they gonna pull chainsaws out of all usage. Government guys, before you start throwing out babies with the bath water you might want to look into Cisco LEAP, IPSEC, maybe eve talk to your own Army folks working with AES encryption and AirFortress stuff. Then again, if you want to start selling off some of your equipment cheap drop me a note. Michael Vario mvario@acedsl.com

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

08-02-2002	#2 (permalink)
JoeTampa Registered Member Join Date: Apr 2002 Posts: 51	The Army is still using the AirFortress. In fact, other branches have been purchasing it as well. You are correct in your statement that there is a lot of FUD (Fear, Uncertainty, and Doubt) running rampant at the Pentagon. Ever work for a large company where one department doesn't have a clue what another is doing? Same thing. The Army's AirFortress deployment is the largest WLAN security project in the industry, but you'd be surprised how few people at the top hear the news. That will change. As you can imagine, both wireless AND security are hot topics in the post 9/11 world. The AirFortress recently was awarded it's official certification that allows it's sale to the Government (FIPS certification). That will help matters. Incidentally, the Gov't cannot use any flavor of WEP/Leap - it is not and cannot be FIPS certified. That holds true for the current proposal for "WEP 2" being kicked around by the IEEE 802.11 task group "I". Don't be surprised, however, to see a lot of contradictory information, direction, and missteps as things move forward. NIST, for example, the very body that certifies encryption products (and so certified the AirFortress) recently issued a paper that essentially suggested using a non-certified solution. Then you have all these people who think IPSec for WLAN is a grand idea. Hey! Let's put these wireless devices outside the corporate firewall and make them VPN in! But isn't the outside of the firewall where all the wolves are? They don't think about that. Too many experts who don't know the whole picture. Heck, maybe I'm one of them. - Joe