Mobile & Wireless UPDATE, May 8, 2003


Mobile & Wireless UPDATE--brought to you by the Windows & .NET Magazine Network



Windows & .NET Magazine



GET WINDOWS & .NET MAGAZINE AT 25% OFF! Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Exchange, and much more. Our expert authors deliver content you simply won't find anywhere else. Subscribe today at 25% off, and find out what over 100,000 readers know that you don't!


May 8, 2003--In this issue:

1. MOBILE & WIRELESS PERSPECTIVES - 802.1x at Microsoft and Elsewhere

2. ANNOUNCEMENT - Time Is Running Out to Join Our Storage Solutions Road Show!

3. INSTANT POLL - Results of Previous Poll: WLAN Usage - New Instant Poll: Are You Using IEEE's 802.1x Standard?

4. RESOURCES - Tip: Get Speech Recognition Working in Windows XP - Event Highlight: Mobile Messaging Americas 2003

5. NEW AND IMPROVED - Use a Fingerprint Sensor

6. CONTACT US - See this section for a list of ways to contact us.




(contributed by John D. Ruley, [email protected])

* 802.1x AT MICROSOFT AND ELSEWHERE I received two interesting reader responses to my April 2003 Windows & .NET Magazine Mobile & Wireless column, "802.11b Boot Camp." To read the column, go to .

First, reader Matt Johns wrote to ask why I hadn't discussed 802.1x (not to be confused with 802.11x), which is the IEEE's port-based network access control draft standard, defined at . I wasn't particularly familiar with 802.1x, which involves authentication against a back-end server, typically using the Remote Authentication Dial-In User Service (RADIUS) protocol. In contrast, the 802.11x terminology has seen widespread use to describe any of the assorted variations of the 802.11 protocol (e.g., 802.11a, 802.11b, 802.11i, 802.11g).

Johns wrote, "I think the usage of 802.11x is just going to confuse people more and prevent them from making good use of 802.1x. Having just deployed an 802.1x solution, I'd say it's one of the more difficult things to learn about and install. However, it can be significantly more secure ... I'm amazed by the number of Wi-Fi deployments that simply aren't secure against anyone with a desire to compromise them." Johns's message got my attention, and I decided to research 802.1x at my first opportunity.

The second reader response was even more compelling. In the original column, I wrote, "All 802.11b wireless APs in Redmond reside outside Microsoft's corporate firewall and are considered insecure. The company uses a VPN to let users access resources inside the firewall." Microsoft Group Program Manager Jerry Cochran responded, "Your statements in the April 2003 Windows & .NET Magazine article about how Microsoft uses 802.11b at its Redmond campus are incorrect. In addition to 128-bit Wired Equivalent Privacy (WEP), Microsoft combines public key infrastructure (PKI)-based 802.1x certificates (user and device) with wireless devices to secure its wireless LANs (WLANs). The Access Points (APs) are inside the firewall, and users don't use VPNs, which are unnecessary and would be costly to manage."

In my defense, the information in my April column came from another Microsoft employee--but the information was more than a year old, and the source worked in Microsoft's Mobile Devices Division. Considering that 802.1x isn't yet supported by Windows CE on Pocket PCs and other mobile devices, my information about 802.11 support was correct at the time--at least for the Mobile Devices Division.

Now, however, Cochran tells me that 802.1x support is available on mobile devices, through the wireless network card driver--provided the card vendor has added the necessary support code. Vendors that provide 802.1x support for Windows CE drivers include Agere Systems, Cisco Systems, Hewlett-Packard (HP), Socket Communications, and Toshiba.

In a follow-up conversation, Cochran told me that Microsoft went to great lengths to create a secure WLAN for Microsoft employees before the introduction of 802.1x. He said, "When Microsoft first got wireless, we used 104-bit keys that were hard-coded on the card and on the AP. That was fairly secure, but all anyone had to do was get one of those cards, and they could get in. With 802.1x, that's not possible--you have to have both an authentic device and an authentic user certificate to get in."

Clearly, enterprise wireless administrators need to understand the 802.1x standard. In contrast to WEP, which requires separate programming of authentication keys at each AP--and which is vulnerable to a brute-force attack, in which a malicious user tries all possible keys until one authenticates--802.1x provides pass-through authentication against a central authority. You can directly integrate 802.1x with Active Directory (AD), and 802.1x is much less vulnerable to hacking than WEP. You can even combine 802.1x with VPN access for extremely strong security.

Microsoft includes 802.1x wireless authentication support in Windows 2000 Server and includes an 802.1x client in Windows XP. (For information about these features, see the first two links at the end of this paragraph.) If you're using earlier versions of Windows on either the server or client, check out Funk Software's Odyssey, which provides 802.1x support on nearly any Windows-based system. The company is beta-testing a Pocket PC client. (For more information about Odyssey, see the third link.)

What about small office/home office (SOHO) users like me? Cochran said, "802.1x is probably a bit expensive for SOHO use, but I would imagine that as the technology becomes more common, you'll see it in lower-cost equipment. It would be an interesting market for Linksys or Netgear to go after."

I'll be watching for such developments with intense interest. In the meantime, I'd like to hear from readers who are using 802.1x. As usual, you can reach me by email at [email protected] Finally, I want to thank Johns and Cochran for bringing me up to speed on this topic!



(brought to you by Windows & .NET Magazine and its partners)

* TIME IS RUNNING OUT TO JOIN OUR STORAGE SOLUTIONS ROAD SHOW! Attend the HP & Microsoft Network Storage Solutions Road Show, and learn how existing and future storage solutions can save your company money--and make your job easier! Attendees have lots of chances to win incredible prizes. There is absolutely no fee for this event, but space is limited. We've just added Minneapolis to our list of cities, so register now!



* RESULTS OF PREVIOUS POLL: WLAN USAGE The voting has closed in Windows & .NET Magazine's Mobile & Wireless Solutions nonscientific Instant Poll for the question, "What do you use your wireless LAN (WLAN) for?" Here are the results from the 25 votes: - 16% Vertical market (e.g., specialized enterprise application) - 48% Horizontal market (e.g., email, Web access) - 36% Both

(Deviations from 100 percent are due to rounding error.)

* NEW INSTANT POLL: ARE YOU USING IEEE'S 802.1x STANDARD? The next Instant Poll question is, "Are you using the IEEE's 802.1x standard (not to be confused with 802.11x) in your environment?" Go to the Mobile & Wireless Solutions Web site and submit your vote for a) Yes, b) No, but I'm researching it as we speak, or c) No, it hasn't yet grabbed my attention.



* TIP: GET SPEECH RECOGNITION WORKING IN WINDOWS XP (contributed by John D. Ruley, [email protected])

In the April 24 edition of Mobile & Wireless UPDATE, I wrote about the Tablet PC form factor. I was particularly enthusiastic about voice-input technology. I wrote, "Speech-recognition technology is built into Windows XP, but it's rarely used on conventional notebook and desktop PCs."

That statement prompted queries from several readers who wanted to know how to get speech input working in XP. After some research, I found out why speech-recognition technology is rarely used: Microsoft built support for the Speech Application Programming Interface (SAPI) into the OS but didn't provide a UI for it. To get speech input working on XP, you have three choices:

- Buy Microsoft Office XP, which includes speech support and the necessary UI.

- Buy the Microsoft Plus! for Windows XP package ( ), which also includes a speech UI.

- Download the Speech SDK 5.1 for Windows package ( ), which runs on both XP Service Pack 1 (SP1) or later and Windows 2000 Professional. This option is the only one that doesn't require you to shell out any extra money. However, it's not a supported product.

Microsoft also has a Microsoft .NET Speech SDK in beta that appears to be aimed at voice-enabled .NET service applications. I'm not sure whether it would also provide a simple UI for dictation on the desktop, but it might be worth a look.

* EVENT HIGHLIGHT: MOBILE MESSAGING AMERICAS 2003 June 11 through 12, 2003 Miami, Florida

As mobile text messaging starts to take off in the United States and Latin America, IBC's Mobile Messaging Americas 2003 will bring together key experts from the messaging community to share their expertise and discuss strategies for stimulating the growth and profit from Short Message Service (SMS), Multimedia Messaging Service (MMS), and mobile Instant Messaging (IM). Mobile Messaging Americas 2003 is a 2-day strategic conference and free exhibition. For more information, go to the following URL:

For other upcoming events, check out the Windows & .NET Magazine Event Calendar:



(contributed by Carolyn Mader, [email protected])

* USE A FINGERPRINT SENSOR DigitalPersona announced U.are.U Firefly, a fingerprint sensor and scroll wheel designed for OEM integration into mobile applications. The roller-style reader optically records a fingerprint image when a user glides his or her finger over the roller. You can integrate the device into laptops, PDAs, and other mobile devices. U.are.U Firefly measures 30mm x 17mm x 7.8mm. You can use the device with dry, moist, or rough fingertips. For pricing, contact DigitalPersona at 650-261-6070.



Here's how to reach us with your comments and questions:


* ABOUT THE NEWSLETTER IN GENERAL -- [email protected] (please mention the newsletter name in the subject line)


* PRODUCT NEWS -- [email protected]

* QUESTIONS ABOUT YOUR MOBILE & WIRELESS UPDATE SUBSCRIPTION? Email Customer Support -- mobile_&[email protected]



This biweekly email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.

Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.


Thank you for reading Mobile & Wireless UPDATE.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.