AES encrypted passwords

freeradius-users at latter.org freeradius-users at latter.org
Fri Sep 30 15:21:02 CEST 2016


On 30/09/16 13:57, Alan DeKok wrote:
> On Sep 30, 2016, at 6:53 AM, freeradius-users at latter.org wrote:
>> However I have just looked at the instructions we give to users
>> wishing to connect their Windows 8 machine to the wifi network
>> and have seen this:
>>
>> - Untick “Verify the server’s identity by validating the certificate”
>
>   Which means that you have no security.

...in the event that someone goes to the effort of spoofing the SSID etc.

>   This is MUCH worse than storing clear-text passwords in the database.
>
>   I really wish that amateurs would stop trying to design security systems.  They get most things wrong.

I have no idea why they did it that way.  I will try and draw their
attention to the issue.

But if I may be so bold: the problem with security professionals is
that they often don't seem to recognise the concept of "Good Enough".
They only seem to accept things that are mathematically provably
secure.  And they can then end up with systems that are so complicated
that hardly anybody actually uses them [0].

I live in Cambridge [1].  If you leave a bike unlocked for more than
two minutes it *will* get stolen.  But if it is locked - even
with a lock that could be torn apart with bare hands - it probably
will survive until you get back to it.  So a really not very
good lock is often Good Enough.

Is providing Dot11 but not verifying the certificate Good Enough
in this instance?  I would guess that you do not think so.  Other
comments would be welcome.  I have not yet formed an opinion.
I am moving towards Not Good Enough.

I do not profess to being a security professional.  My main gig
is writing code.  I am trying to improve things.


[0] see: PGP signatures, encrypted mail

[1] Cambridge, England.  More bicycles than people.

