iphone_802-1x.jpg

When the iPhone and iPod Touch first shipped, many eager big business users and university students snapped up the "breakthrough internet devices" only to find that, because the iPhone and iPod Touch didn't support the 802.1x protocol, they couldn't connect to some very large Wi-Fi networks.

Posts piled up on Apple's Discussion Boards, feature requests and bug reports flooded in (I know I sent one!), and, as of the SDK Roadmap event on Thursday, Apple has listened! 802.1x has been announced for firmware 2.0!

But what is it and why's is it so important?

Let's say you bring home a Wi-Fi router and plug it in, then find out that, because you didn't put any type of security password on it, your neighbor has been stealing your bandwidth.

So you try WEP (wire equivalent privacy), but since it was designed by engineers and not cryptographers, your rascally neighbor can just download a little utility from the web, crack your security in under a minute, and start torrent'ing away again on your dime.

Finally, you switch to robust WPA(2) (Wi-Fi protected access) along with a monster 64 character Gibson-certified pseudo-random password and, d'oh, your neighbors locked out and the cheapskate has to pony up for his own broadband.

Now let's say instead of your home, you're running a business or academic institution with thousands or tens of thousands of users. You can't just slap on a password (even a secure one), because you'd have to give it to each of those users, who could then just tell their friends, and there goes security. Worse, from an administrative perspective, anytime someone left your business or institution, you'd have to change the password and get the new one to tens of thousands of users. Nightmare.

That's where 802.1x comes in. Rather than the router using a single ID with a single, common password, 802.1x allows for an authentication server to be running, and thus enables more powerful, flexible, and manageable Wi-Fi for very large networks.

With 802.1x any one of tens of thousands of users can connect to the authentication server, pass along a set of credentials, and be allowed onto the network (or rejected if the credentials fail).

And with late June's 2.0 firmware update, tens of thousands of users will be doing just that, at long last, on the iPhone and iPod Touch.