Removal of WEP and WPA/TKIP in firmware 5.0.29
First, happy holidays :)
Second :p Why the decision of deleting WEP en WPA/TKIP support in the latest firmware?
I do understand this is old and insecure, but taking away this option cuts in compatibility options Omada could offer.
There will always be legacy devices, espacialy in corporate environments. (sadly but true..)
Is there a technical standpoint for deleting these? Software limitation? Space limitations? Or just a cleanup action without further thought?
Glad to see the fast mitigation TP-link took on Log4j :)
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
I dont speak for TP Link personally, but totally agree with their decision on this
If we are to move forward to a more secure future we cant be offering support for what is old and weak standards, developing testing and implementing this into each new version just takes time away from real fixes and slows progress.
Their decision to remove WEP in v5 is totally understandable, should you be supporting legacy devices then its likely you will also be running older APs. With that in mind running v4 of the SDN is preferential, allowing v5 to progress the newer WiFi6 / 6E devices
- Copy Link
- Report Inappropriate Content
I have to agree with you. Removing WEP is a no-brainer.
But at least keep WPA/TKIP as an available option.
- Copy Link
- Report Inappropriate Content
I disagree with that, WPA via TKIP is simply WEP on steriods.. it was only ever ratified to be a temporary solution to the breaking of the RC4 cipher. While it offered a quick fix for the flaws in RC4, TKIP was fundamentally just a beefing up of WEP and suffers the a lot of the same flaws
WPA2 with AES was the direct replacement and therefore in my opinion should be the minimum we require now.
Also from a support point of view, Apple devices nag of poor security when running TKIP, switching to AES solves this. We got a lot of calls to our help desk about this (and on these forums) all of which are not free to respond too... Moving to AES did reduce support costs for us.
- Copy Link
- Report Inappropriate Content
I understand what you are saying. But in practice it's not always feasible to get ALL devices on the same level.
Even though WPA2/AES isnt new by a long shot, there are still legacy devices in the field that cant be replaced that easily.
My point being, it's not the vendors place trying to push out old tech by removing functionality from a product that was bought by customers a while ago and counting on that functionality.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 820
Replies: 4
Voters 0
No one has voted for it yet.