

Hilroyy

join:2004-06-22

1 edit

[Internet] Sagemcom F@st 2864 WPS Vulnerability??

Anyone know if the Sagemcom F@st 2864 Router is vulnerable to the WPS vulnerability and, if so, will Bell be releasing a firmware fix for it?

»www.kb.cert.org/vuls/id/723755

»www.smallnetbuilder.com/wireless···-wps-fix

Affected Devices - »docs.google.com/spreadsheet/lv?k···SSHZEN3c

The Official Statement from the Wi-Fi Alliance:
“The Wi-Fi Alliance takes security very seriously. We have identified three field-
upgradeable methods to mitigate this vulnerability in certified products and have
communicated directly with all vendors whose products may be susceptible to the
attack. We expect to update our test plan and certification program accordingly in
the near term, and will provide an update on our progress as soon as we have one.”
--
To find the right answer one must know the right question.

kovy

join:2009-03-26
kudos:4

Don't use PIN, problem solved?



Hilroyy

join:2004-06-22

Disabling WPS doesn't solve the problem on all routers; even if you don't use the PIN, the vulnerability exists.

The only way to protect yourself now is to disable wireless altogether on your router.

--
To find the right answer one must know the right question.



STN

join:2004-12-29
Canada

Disabling WPS on some routers does solve the problem, only some have a bug where WPS is not in fact disabled. So the question for the Sagemcom is: does disabling WPS actually disable WPS? Or does it suffer from the Cisco issue?

1) While the vulnerability exists in WPS, best practice is to have WPS disabled by default.
- The Sagemcom is supposed to do this (perhaps someone can confirm)

2) Disabling WPS should ensure WPS is disabled.
- The Sagemcom is supposed to do this, but it appears some RGs suffer a bug where they do not. This should be validated.

3) WPS Fundamental Vulnerability
- Until the WPS standard has come up with a solution there is nothing the Wi-Fi implementers can do except wait and implement items #1 & #2.

So at this point I would say we do not know that the Sagem requires a firmware upgrade at this time. If the current firmware performs items #1 & #2 there is nothing more they can do at this time.

We'll see if anyone can comment on if they know if items #1 and #2 work on the Sagemcom or not.
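
Added example (not part of the original thread, and not Bell's or Sagemcom's code): a passive check for item #2, reading whether an access point's beacon still carries the WPS information element after the setting is turned off. It assumes you already have the tagged-parameter bytes of your own AP's beacon, for instance exported from a packet capture; the helper `wsc_ie` and the sample beacons are constructed for illustration.

```python
import struct

WSC_OUI_TYPE = bytes.fromhex("0050f204")  # vendor IE: OUI 00:50:F2, type 4 = WPS
ATTR_VERSION, ATTR_STATE, ATTR_LOCKED = 0x104A, 0x1044, 0x1057

def iter_ies(buf):
    """Yield (element_id, payload) for each 802.11 information element."""
    i = 0
    while i + 2 <= len(buf):
        eid, length = buf[i], buf[i + 1]
        if i + 2 + length > len(buf):
            raise ValueError("truncated information element")
        yield eid, buf[i + 2:i + 2 + length]
        i += 2 + length

def parse_wsc(payload):
    """Parse WPS attributes: 2-byte type, 2-byte length (big-endian), value."""
    attrs, i = {}, 0
    while i + 4 <= len(payload):
        atype, alen = struct.unpack_from(">HH", payload, i)
        if i + 4 + alen > len(payload):
            raise ValueError("truncated WPS attribute")
        attrs[atype] = payload[i + 4:i + 4 + alen]
        i += 4 + alen
    return attrs

def wps_status(tagged_params):
    """Report what a beacon or probe response advertises about WPS."""
    for eid, body in iter_ies(tagged_params):
        if eid == 221 and body[:4] == WSC_OUI_TYPE:
            attrs = parse_wsc(body[4:])
            return {"advertised": True,
                    "configured": attrs.get(ATTR_STATE) == b"\x02",
                    "ap_setup_locked": attrs.get(ATTR_LOCKED) == b"\x01"}
    return {"advertised": False, "configured": None, "ap_setup_locked": None}

def wsc_ie(*tlvs):
    """Build a WPS information element (used only for the constructed samples)."""
    body = WSC_OUI_TYPE + b"".join(struct.pack(">HH", t, len(v)) + v for t, v in tlvs)
    return bytes([221, len(body)]) + body

# Constructed sample data, not captured from any real router.
SSID = bytes([0, 4]) + b"home"
WMM = bytes([221, 7]) + bytes.fromhex("0050f202010100")  # same OUI, different type
BEACON_WPS_ON = SSID + WMM + wsc_ie((ATTR_VERSION, b"\x10"), (ATTR_STATE, b"\x02"))
BEACON_WPS_LOCKED = SSID + wsc_ie((ATTR_STATE, b"\x02"), (ATTR_LOCKED, b"\x01"))
BEACON_WPS_OFF = SSID + WMM

if __name__ == "__main__":
    for name in ("BEACON_WPS_ON", "BEACON_WPS_LOCKED", "BEACON_WPS_OFF"):
        print(name, wps_status(globals()[name]))
```

A beacon without the element only shows that the AP has stopped advertising WPS; an element that is still present after the setting is switched off is the symptom item #2 says should be validated.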


kovy

join:2009-03-26
kudos:4

reply to Hilroyy

said by Hilroyy:

Disabling WPS doesn't solve the problem on all routers; even if you don't use the PIN, the vulnerability exists.

The only way to protect yourself now is to disable wireless altogether on your router.

What do you mean, you're saying if I disable WPS I can still be affected by this?

Well, by default it seems to be on, but I'm not even sure how to test it once disabled.


Hilroyy

join:2004-06-22

said by kovy:

What do you mean, you're saying if I disable WPS I can still be affected by this?

Correct.
--
To find the right answer one must know the right question.

kovy

join:2009-03-26
kudos:4

said by Hilroyy:

said by kovy:

What do you mean, you're saying if I disable WPS I can still be affected by this?

Correct.

How does that work?


Thane_Bitter

join:2005-01-20
London

reply to Hilroyy
The flaw only applies to PIN based systems which use an external register. Some of these routers also lack any basic blocking system (i.e. three wrong codes = a timed lockout) which allows a hacker to keep testing different codes.

Also in some cases it’s been reported that turning off WPS in the firmware does not actually turn the feature off.

Easiest way to find out is to test it using the WPA crack tools which have been released.



BliZZardX
Premium
join:2002-08-18
Toronto, ON

reply to Hilroyy
Gotta agree with Thane here. Only way to know for sure is to try it yourself.



Hilroyy

join:2004-06-22

»lifehacker.com/5873407/how-to-cr···h-reaver
--
To find the right answer one must know the right question.



Thane_Bitter

join:2005-01-20
London

Ugh, I hate how they say it cracks the WPA/WPA2 encryption when in fact it does not. The tool only cracks the WPS PIN. Once you know this PIN, the router/access point will happily give up the WPA/WPA2 key. Hence the stupidity of WPS.

WPS button systems are ok, though in practical terms a user needs all their hardware to support it and then run around the house activating it on all wireless devices within the narrow registration window. Not exactly convenient and only works if a person has physical access to the router.

The WPS PIN scheme allows any device to connect at any time provided it has the PIN. Protecting a large security key (up to 63 ASCII characters long) with an eight digit number is so stupid, I can't begin to describe how incredibly stupid it is. / RANT

Anyways, if you have the time and hardware to test it, please go ahead. Bell used to provide WEP encryption on their wireless products long after that system was broken (in fact they still do). They don't mention the security flaws with WEP at all on their site.

More traffic through your network to the Internet = higher bandwidth costs to you and more profit for Bell.


Monday, 04-Jun 13:45:56 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.