views:

27

answers:

1

I have what I suspect is a malfunctioning wireless access point, the symptom of which is that OS X occasionally says 'your connection may be compromised' and disconnects for a minute.

As far as I can see by looking at dmesg lines which say

AirPort:  Message Integrity Failure detected (G)

this indicates that some decrypted packet has the wrong value of some cryptographic message-authentication code. It seems very odd to report this as 'your connection may be compromised' when it seems much more likely to be due to interference - is there some kind of forward error correction so that interference can be recognised? Should a wifi stack be able to see that the error rate reported by the FEC is high and so produce a less scary message?

+1  A: 

WiFi (all 802.11 variants including the original "802.11") use forward error correction.

It appears your message is actually corrupted, either intentionally (depending on the cryptography in use, this could be an attack to cause reauthentication messages), due to buggy firmware, or to gross interference or faulty components. FEC can only correct or detect some level of errors, it can't guarantee complete detection or error correction (to do so would require an infinite amount of data). The cryptography stack further authenticates these messages using a cryptographic MAC/Digest, which has obviously determined the message does not validate.

Yann Ramin

related questions