Everyone should know that many routers do not actually obey when you turn off WPS. (viz: Linksys et al) They say they do, but they actually don't. Upgrade your firmware.
And many remain unpatched - recent firmware for WRT610N and WRT160NL for example - WPS still cannot be fully shut off...
I didn't bother with the Pineapple; it's just a nice handy pre-packaged unit, and I roll my own.
It has its purposes, but one thing to note is that it's pretty underpowered, and slow... it's a tool, like anything else, but knowing this, it does have some use - kismet-drone for one.. or one can use it as fakeAP, etc.. most pros will stay away from it, mainly again due to the lack of horsepower...
Oh, did I mention? It's slow..
That ultrabook with the right SW and wireless adapters does pretty much the same thing, and much faster at it.
WPA/WPA2 require at least an 8-character password. Recently I did some calculations on brute-forcing every permutation of a 10-char password using oclHashcat and my massively-parallel AMD 7970 GPU -- it would take 3,490 YEARS to try every combination. Fortunately there are shortcuts to rumble complex passwords. (combinator, Markov)
Proper passwords on WPA2/AES are more than adequate - biggest challenge there is rainbow tables and folks not using good combinations - don't have to go overboard - example --> Ahphie6yaehi - easy to remember as a mnemonic, but tough to crack...
And it's easy to set up a cloud instance (just takes money) and hash things out there - iirc, there is an outfit that does this on a per instance basis, and can generally return an easy passphrase in less than an hour..
I'm in the process of building my own router, running in my server machine, as I want total control over the hardware and software. It'll be CentOS 7.1 Minimal running in a Xen VM, using Shorewall for firewall and to masquerade between interfaces. I'll also run Suricata, Snorby, and Squert for IDS.
The hardware was a problem because I have only one PCIe slot left, and no extra ethernet, but luckily I found the only multi-card mini-PCIe adapter in existence. This will carry a dual-port gigabit mini-PCIe and a Doodle Labs ac mini-PCIe. And I've ordered SuperPowerSupply 6dBi gain blade antennae, spaced as far apart as I can make them on the case.
You mentioned this earlier - rolling one's own - please keep folks updated as to the progress - after some thought, running it on top of Xen could be interesting indeed...
Checked on the Doodle Labs cards - most of them look like Atheros based - I would check with them before ordering to ensure the vendor - decent drivers that have good support for HostAPd will save a lot of aggravation here, esp with some newer kernels - if I recall, there was a major change in the mainline right around 3.10 that broke many drivers out there...
With the antennas - since you're running dipoles, to get best performance, the spacing is somewhat critical - aim for half-wave Lambda for 2.4GHz, and you'll get good spacing for 5GHz as a result - proper spacing can get you about 2-3 dB of additional Rx/Tx gain...
I've always considered those who network multimedia over 2.4GHz, as ignorant clods. I've used 5GHz for years, and don't understand anyone who uses 2.4GHz, especially those who are more technically-savvy. Don't be an a55hole; get away from the amateurs.
I think this probably mirrors the same exact thoughts that many of the more experienced folks have... but people are people...
Please elaborate on the TKIP vuln.
The TKIP holes have been around since, hmmm, at least 2008, where certain packets can be injected as a MIM attack - the bigger concern is that WPS can make things even easier yet, as the keyspace is fairly limited...
tkiptun-ng is a part of aircrack-ng, there's a write up at the following URL:
http://www.aircrack-ng.org/doku.php?id=tkiptun-ng
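
A defender's check for two points raised in this thread (WPS that stays on after being switched off in the router UI, and TKIP left enabled), added here as an example and not posted by anyone in the thread. It parses `iw dev <interface> scan` output and flags access points that still advertise a WPS element or a TKIP cipher; the scan text is a constructed sample with simplified indentation, and `audit` is a hypothetical helper name.

```python
import re

# Constructed sample shaped like `iw dev wlan0 scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
    SSID: wps-still-on
    RSN:     * Version: 1
         * Pairwise ciphers: CCMP
    WPS:     * Version: 1.0
         * Wi-Fi Protected Setup State: 2 (Configured)
BSS 02:00:00:00:00:02(on wlan0)
    SSID: mixed-mode
    WPA:     * Version: 1
         * Pairwise ciphers: TKIP
    RSN:     * Version: 1
         * Group cipher: TKIP
         * Pairwise ciphers: CCMP TKIP
BSS 02:00:00:00:00:03(on wlan0)
    SSID: clean
    RSN:     * Version: 1
         * Pairwise ciphers: CCMP
"""

def audit(scan_text):
    """Map each BSSID to its SSID and the set of weak settings it advertises."""
    results, cur = {}, None
    for line in scan_text.splitlines():
        m = re.match(r"BSS ([0-9a-f:]{17})", line)
        if m:  # start of a new access point record
            cur = results.setdefault(m.group(1), {"ssid": "", "findings": set()})
            continue
        if cur is None:
            continue
        text = line.strip()
        if text.startswith("SSID:"):
            cur["ssid"] = text[5:].strip()
        elif text.startswith("WPS:"):
            # A WPS element in the beacon means WPS is still being advertised.
            cur["findings"].add("WPS advertised")
        elif "cipher" in text and "TKIP" in text.split(":", 1)[-1]:
            cur["findings"].add("TKIP enabled")
    return results

if __name__ == "__main__":
    for bssid, info in audit(SAMPLE_SCAN).items():
        print(bssid, info["ssid"], sorted(info["findings"]) or "ok")
```

Run it against a scan taken after turning WPS off in the router UI; it only sees what the access point advertises in beacons and probe responses.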