Slashdot videos: Now with more Slashdot!
Several years ago he wrote "The six dumbest ways to secure a wireless LAN", which articulated what most folks who do WiFi security (as opposed to repeat rumors about it) already knew. The article is still well regarded as a powerful document to be presented in IT staff discussions and to under-informed IT decision makers ("PHBs") dispelling accrued misinformation.
Ou has just written a follow-up column revisiting wireless security, what works, what is worth the effort, and what is just wasting time & effort that could be better spent on real security measures. Titled "Wireless LAN security myths that won't die" he makes strong cases against useless & even counter-productive WiFi security technologies & strategies.
Best of all, Ou names names and provides supporting hyperlinks, all in about 15 tightly written paragraphs. The entire article is well worth reading, however for general WiFi owners users the last two sentences in the article are probably the most important:
For small businesses and homes, all you need to do is use WPA-PSK security with a random alpha-numeric pass-phrase that's a minimum of 10 characters long. If WPA security isn't available to you, at least run WEP as a 10-minute deterrence mechanism.
I've regularly seen folks post here about how they're "hiding" their SSID "for security"; here's an easy introduction to the fact you're actually lessening your security by doing so. Also for those relying on static IP / MAC address filtering this is a reminder that all of your painful manual management, time that could have been spent on other more productive duties, can be trivially undone in a few seconds to minutes of automated cracking."