Microsoft, Buffalo, Mediabolic partner for simplified network setup, including Wi-Fi: Microsoft Windows Rally will combine what sounds like "zeroconf," a network technology developed by an Apple engineer and now used as Bonjour in Mac OS X, and simplified Wi-Fi encryption setup, such as that in Atheros JumpStart or Broadcom's SecureEasySetup. It will certainly go beyond this, but it requires every hardware vendor of scale to sign on to make it worthwhile. Otherwise, you'll have little Balkanized oceans of interoperability with Rally.

Here's the somewhat buzzwordy description in the Buffalo/Mediabolic press release:

"Windows Rally Technologies are a set of networking technologies designed to make the configuration of wireless networks secure and effortless for consumers. Additionally, Windows Rally Technologies enable link-layer topology discovery to automatically detect devices on the network, determine how they are interconnected, provide quality of service for in-home audio/video streaming, and represent the network in graphic form. The ability to visualize home networks is designed to help users identify connectivity issues that need corrective action."

The first part is easy setup for secure networks. Buffalo has had its AOSS (AirStation One-Touch Secure System) for some time, but it involves a hardware button and only works with other Buffalo devices. This system requires the entry of a PIN on appropriate connected devices, which means that all devices that connect need some form of display and input. Also, I don't see anything in the descriptions currently available that provide protection for man-in-the-middle attacks through an out-of-band validation method. Even if they'd using, say, Diffie-Hellman key exchange, which allows public exchange of two keys, they still have the MitM issue, as do all public key exchange systems. It's possible that Rally will require unique keys embedded in the devices, signed by certificate authorities the keys for which will also be stored in devices. If so, that can enable the PIN to be passed without an MitM attack.

The second part involves something like Bonjour/zeroconf in that devices will advertise their availability through some trigger--the press release and other material describes a process in which devices, when they appear on the network, are discovered and connected to without extra intervention. That goes a step beyond Bonjour, which offers discovery and network negotiation for automatic configuration, but it won't enable devices to work with a computer or other devices without manual intervention.

Read more at: http://wifinetnews.com/archives/006597.html.