Originally Posted by ActiveCaptain
The WiFi part of MiFi comes by default with WPA encryption.
You mean Authentication, not encryption. Which I don't say to bust your chops, but because we shouldn't be so casual in the language.
Now for my mean culpa...
I said there was no meaningful difference between WPA and WPA2. That's not true.
"WPA1", if I can append the number used TKIP for encryption.
WPA2 still offers TKIP for those who want to use it, but mandates the more robust CCMP for encryption.
It was important for me to clarify my earlier statement because it was too casual and left out what really is an important bit.
There's also something I left out...
If anyone is setting up their own Wireless Access Point, if it has WPS or "Wi-Fi Protected Setup", then pay attention to this next bit.
If you activate it via an actual mechanical push-button, it's safe, as long as you protect physical access to the WAP. If it is a purely software based setup then there is a simple repair process that you must follow:
1) Uninstall your WAP and carefully carry it to the stern of your boat.
2) Drop it in the water.
3) Buy a new WAP with a push-button WPS.
Anyway, if you make sure that you use WPA2, choosing CCMP in the drop down menu (not TKIP) and have at least a 10 digit long alpha-numeric password that you keep to yourself, then you're actually pretty secure. Someone would typically have to associate with your WAP before your traffic becomes vulnerable.
Also, as I said, don't bother to hide your SSID. Anyone who knows enough to be a threat also knows how to use things called Beacons and Probe Responses to find you; at which point you've only suceeded in drawing their attention to you.
There IS a trick I like to use where I select an IP and Subnet Mask that limits me to just a few valid IP addresses which I then use up with stuff that never leaves the network. That's not perfect though since a disassociation flood will open up a window of opportunity for a hacker and it takes a bit of knowledge to play games with IP addresses anyway. More than a casual user has I mean.