I dont have poor reading comprehension, to be honest your knowledge is clearly lacking on the subject if you think that obtaining a WEP key is done via a brute force attack, yet you seem to think that average home users are secure using a redudant technology you obviously know very little about
This will be my last post on this subject, and just to let you know I admit I do not know everything there is to know about everything, no one does. However, I have been in the IT field for 9 years now, have administered Novell, Windows, Linux, OS X and Unix servers, have supported up to 10,000 clients at one time, and right now, I support over 5500+ laptops in a huge wireless network. We are most likely going to go Radius or WPA once we get rid of the legacy devices that are holding us back. I hold certs with Microsoft, Apple, Prometric, HP/Compaq, Gateway, and a few others I forget I even have. This is my background and qualifications for what I know, what are yours?
Ask yourself this, do you know everybody who lives down your street and is within range of your AP? the answer is no, and nor do 99% of other home users. so how the hell do you know there isnt some kid 2 doors down who knows what hes doing? were not talking about "a letter to grandma" being at stake here, its your confidential details that you take for granted and send through the internet everybody, your paypal passwords, your online banking details etc etc, all these can be stolen via methods ive already described, so why the hell would you even risk it? Yeh ok.. if you've got absolutely no other means of security than WEP because you've got an old card that doesnt support WPA then yes, use WEP, but at least implement some kind of Mac filtering and SSID cloaking, but also remember that your living on a very redudant technology and by no means should consider your network secure.
Supporting 25,000 users right now I know that your average user can't remember a password. At some points in my work not a day goes by I don't have to get into the directory and reset a password for a user who can't remember it. You are forgetting
YOU are not the average user or even close to it. You assume everyone is going to know about backtrack and going to hack your network. I make the same assumptions sometime, and have to remind myself I am not anywhere near the average user.
I already mentioned cloaking, scroll back up. We also use rotating wep keys, and don't even bother with mac filtering - mainly because it is kind of pointless if wep is broken anyway and no one wants to manage 10 to 12 thousand MAC addresses on our network.
Also, we run a Unix back bone and have a 90% Macintosh population on our network, which by design is way more secure than windows. We also secure everything at the router level, which again is more secure, we also use private IPs which again is more secure. Trust me, I know that network security is not one definitive thing or another, it is layered. We get pegged from China all the time, because over in China they censor the internet, and people try to hack into us all the time to get past their web filters, so we switched over to a software based web filter, which is better.
Now that we have switched primarily to a mac network and all hardware supports WPA2 or greater we will be switching to either RADIUS and require authentication to even gain access to the network, or WPA. Since I work for the government and I am not the IT director I don't make the calls, all I get to do is put my 2 cents in.