{"id":376,"date":"2007-02-27T06:34:24","date_gmt":"2007-02-27T12:34:24","guid":{"rendered":"http:\/\/neosmart.net\/blog\/2007\/why-isnt-wpa2-an-automatic-update\/"},"modified":"2018-01-06T18:50:37","modified_gmt":"2018-01-07T00:50:37","slug":"why-isnt-wpa2-an-automatic-update","status":"publish","type":"post","link":"https:\/\/neosmart.net\/blog\/why-isnt-wpa2-an-automatic-update\/","title":{"rendered":"Why isn&#8217;t WPA2 an Automatic Update?"},"content":{"rendered":"<p>If you&#8217;re using Wi-Fi in your workplace, chances are, you&#8217;re using WPA2 security. After all, nothing else is worth using. <acronym title=\"Wired Equivalent Privacy\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/Wired_Equivalent_Privacy\" rel=\"follow\">WEP<\/a><\/acronym> (extended or otherwise) was cracked virtually before it was even released, despite the obvious misnomer, you <em>do not<\/em> want to be using this! <acronym title=\"Wi-Fi Protected Access\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/Wi-Fi_Protected_Access\" rel=\"follow\">WPA<\/a><\/acronym> came a while later, and is several hundred times more secure. Unfortunately, WPA is also susceptible to wireless cracking techniques and if you aren&#8217;t using a strong password, it&#8217;s even less secure than a WEP-encrypted network.\n<\/p>\n<p><!--more--><\/p>\n<p><acronym title=\"IEEE 802.11i\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/WPA2\" rel=\"follow\">WPA2<\/a><\/acronym> <em>seems<\/em> to be the answer. Instead of WPA&#8217;s default (and vulnerable) <acronym title=\"Temporal Key Integrity Protocol\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/TKIP\" rel=\"follow\">TKIP<\/a><\/acronym> packet encryption, it uses <acronym title=\"Advanced Encryption Standard\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/Advanced_Encryption_Standard\" rel=\"follow\">AES<\/a><\/acronym>,<sup id=\"rf1-376\"><a href=\"#fn1-376\" title=\"AES was only optional in the original WPA setup\" rel=\"footnote\">1<\/a><\/sup> with mandatory <acronym title=\"Counter Mode with Cipher Block Chaining Message Authentication Code Protocol\">CCMP<\/acronym> support.<sup id=\"rf2-376\"><a href=\"#fn2-376\" title=\"CCMP support was made mandatory by the Wi-Fi Alliance in March of 2006\" rel=\"footnote\">2<\/a><\/sup> Without going into detail, suffice to say that CCMP is, to date, secure and uncrackable.\n<\/p>\n<p>The only problem? Windows XP isn&#8217;t compatible with WPA2-secured networks without a special update for WPA2 encryption support. That&#8217;s understandable, after all, WPA2 didn&#8217;t come out until after Windows XP SP2. But the problem is, it&#8217;s not even on Windows Update! Windows Update, always quick on the mark with the monthly Malicious Software Removal tool and other recommended updates surprised us by not showing the littlest inkling that there was an update<strong>&nbsp;as important to security as WPA2<\/strong> available for download. It&#8217;s been available <a href=\"http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=1974\" rel=\"follow\">for manual download<\/a> &#8211; only with Genuine Advantage validation &#8211; from Microsoft since May 2005&#8230; That&#8217;s <strong>a long time<\/strong> to be waiting!<sup id=\"rf3-376\"><a href=\"#fn3-376\" title=\"Direct Download Link: KB893357\" rel=\"footnote\">3<\/a><\/sup>\n<\/p>\n<p>To complicate matters further, if you&#8217;re on Windows XP x64 Edition, <strong>you can&#8217;t even use WPA2!!<\/strong> So for the companies out there that are trying to protect their Wireless networks from intruders and looking to stay on the bleeding edge with 64-bit versions of Microsoft Windows &#8212; You can&#8217;t.\n<\/p>\n<p>There may be a workaround however, for those so inclined. By using the proprietary Intel and Cisco utilities available for connecting to wireless networks, you may be able to get Windows to connect to WPA2-encrypted networks without installing any updates or formatting your PC to get the x86 edition installed.\n<\/p>\n<p>The bottom line is, we know Microsoft is serious about security and they don&#8217;t appreciate the lack of it on Windows any more than we do, but it&#8217;s things like this that make people wonder. How hard would it be to label this as a recommended download via Windows Update for all x86 users &#8211; and to roll out a version with x64 support <em>before <\/em>Windows XP x64 SP2 comes out, years from now?<\/p>\n<hr class=\"footnotes\"><ol class=\"footnotes\"><li id=\"fn1-376\"><p>AES was only optional in the original WPA setup&nbsp;<a href=\"#rf1-376\" class=\"backlink\" title=\"Jump back to footnote 1 in the text.\">&#8617;<\/a><\/p><\/li><li id=\"fn2-376\"><p>CCMP support was made mandatory by the Wi-Fi Alliance in March of 2006&nbsp;<a href=\"#rf2-376\" class=\"backlink\" title=\"Jump back to footnote 2 in the text.\">&#8617;<\/a><\/p><\/li><li id=\"fn3-376\"><p>Direct Download Link: <a href=\"http:\/\/download.microsoft.com\/download\/9\/e\/b\/9eb62d0b-61f0-4c9e-9c52-e3bef96d9e7f\/WindowsXP-KB893357-v2-x86-ENU.exe\" rel=\"follow\">KB893357<\/a>&nbsp;<a href=\"#rf3-376\" class=\"backlink\" title=\"Jump back to footnote 3 in the text.\">&#8617;<\/a><\/p><\/li><\/ol>","protected":false},"excerpt":{"rendered":"<p>If you&#8217;re using Wi-Fi in your workplace, chances are, you&#8217;re using WPA2 security. After all, nothing else is worth using. WEP (extended or otherwise) was cracked virtually before it was even released, despite the obvious misnomer, you do not want &hellip; <a href=\"https:\/\/neosmart.net\/blog\/why-isnt-wpa2-an-automatic-update\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[975,1],"tags":[264,262,64,263,261],"class_list":["post-376","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-wep","tag-wi-fi","tag-wireless","tag-wpa","tag-wpa2"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4xDa-64","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/posts\/376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/comments?post=376"}],"version-history":[{"count":1,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/posts\/376\/revisions"}],"predecessor-version":[{"id":2249,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/posts\/376\/revisions\/2249"}],"wp:attachment":[{"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/media?parent=376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/categories?post=376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/neosmart.net\/blog\/wp-json\/wp\/v2\/tags?post=376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}