• Hello, Guest! Welcome back, and be sure to check out this post for more info about the recent service interruption and migration.

WPA2 for PowerBooks/iBooks?

Tom2112

Well-known member
OK, I have a couple of old Mac that included AirPort cards. Of course, they won't connect to my "modern" 2GHz WiFi because it demands WPA2 and the AirPort card seems to only support WPA.

Is there a magic combination of OS / driver / card that will allow an old iBook or PowerBook to connect to WPA2 networks?
 

gibbsjoh

Active member
My workaround would be to find an old airport base station of the same vintage or an equivalent non Apple AP. Lock it down as much as you can, MAC address filtering etc, and ideally put it on it’s own subnet and firewall the hell out of it.

This is a bit overkill, you could also find a Mac compatible USB WiFi adapter (might not be so easy) - but the speed will be slow.

Alternative 2 is to find a newer Ethernet to WiFi bridge or build one using a Raspberry Pi.
 

cheesestraws

Well-known member
Yeah, WPA2 requires updates to both the OS and the firmware of the dongle. I don't think OS 9's WiFi stack ever supported WPA at all, just WEP (?).

equivalent non Apple AP

minor warning: a lot of end-user APs won't pass AppleTalk properly, for complicated reasons (mostly that they didn't think it worth putting in the effort to do so). If you only want IP that's fine, but AppleTalk is kind of cool.
 

Franklinstein

Well-known member
I think I ran across some info at one point that with some updates you can get original AirPort cards to work with WPA while running under OS X but they'll still be stuck at WEP under OS 9. I don't think I've ever really bothered to try the OS X thing though. 802.11b really should be run on its own network for maximum compatibility and isolation from critical data; if this is the case then WEP would be fine unless perhaps you're in an area with persistent script kiddies trying to break into wireless networks day and night. I remember years ago when I lived in an apartment, running WEP for older hardware support, and even with most security settings enabled it would eventually get hacked via WEP encryption attacks and MAC cloning, so I just gave up on legacy wifi (my room was tiny anyway so cables weren't a huge deal, but it was easier to get Mac-compatible wifi cards than Mac-compatible Ethernet).
 

cheesestraws

Well-known member
Yes; much as I hate to sound cynical, unless you're doing something special that other people especially want access to, the main knack of domestic IT security is not being in the cohort of easiest targets, and running WEP is a good way to be in that cohort.
 

Gorgonops

Moderator
Staff member
Yeah, WPA2 requires updates to both the OS and the firmware of the dongle
Unless your pre-WPA2 WiFi card is unusually gifted a firmware update won’t be able to upgrade it. WPA1 was specifically designed to be able to use the (flawed) CRC encryption hardware built for WEP using an algorithm called “TKIP” which secures the connection by constantly iterating the key set. Not all WEP hardware can even handle this, but thankfully for Apple the Lucent/Orinoco chip they picked for the original AirPort could.

WPA2 requires AES encryption. Maybe there were WEP cards that were implemented with powerful/flexible enough hardware to be upgraded but I can’t think of any off the top of my head.

FWIW, some routers will still let you downgrade to TKIP, and if you do you’re *probably* okay in a residential setting unless someone is really out to get you, but it is definitely more fragile than AES.

(* But of course you still need OS X for WPA/TKIP… 10.3.something? Apple did indeed never release a stack to enable it under 9.x. Nor do I know of any third party solution that doesn’t involve a stand-alone Ethernet->WiFi bridge.)
 
Last edited:

Gorgonops

Moderator
Staff member
Yeah, that was a brain glitch: I was thinking about WPA 1. Thanks for the correction.
I was unreasonably proud of myself years ago when I managed to get WPA1 working on an unmodified Orinoco Silver card pulled out of an original Apple AirPort plugged into an ISA->PCMCIA adapter slotted into a 200mhz Pentium I Dolch lunchbox running Debian. (There was some black magic you could set up to “soft-load” a TKIP-capable firmware instead of flashing the card.) There’s a certain perverse pride to be had in having about the worst possible system you could use (at the time) “directly” on a WiFi router with (then) current/acceptable security settings.
 

Tom2112

Well-known member
Thanks gentlemen. I kinda figured that was the situation. I'd rather not create a separate WEP/WPA1 network for these devices. The risk/reward quotient just isn't worth it. It'll just use a wired connection when I need to. It's not like it happens very often.
 
Top