 Ronnie_USAPremium
join:2003-10-09
Morehead, KY
kudos:5
 ·Time Warner VOIP
| Researcher discovers WPA2 security vulnerability A senior wireless security researcher at AirTight Networks has uncovered a hack for encrypted wireless networks that does not require an encryption key, one the vendor calls a documented yet little know vulnerability for WPA2.
The whole article can be read here>> »www.infosecurity-us.com/view/112···ability/
It's not good if it's true. |
|
 Khaine
join:2003-03-03
Australia | Its overrated. To use this 'hack' you need to have knowledge of the PSK, so you can break the session keys of others. |
|
 ashrc4
join:2009-02-06
australia | reply to Ronnie_USA
Mentioned here also with some more links:
»Hole196 / WPA2 Enterprise vulnerability
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding. |
|
|
|
Ronnie_USAPremium
join:2003-10-09
Morehead, KY
kudos:5 Reviews:
·Time Warner VOIP
| Thank You, I looked and didn't see anything before I posted this. |
|
 Ecoli
join:2002-01-16
united state | reply to Ronnie_USA
According to Ahmad, the Hole 196 vulnerability “allows authorized users to bypass private key encryption and authentication”, making networks particularly vulnerable to insider threats. For the vulnerability to occur it has to come from the "inside". Inside jobs will always be a security compromise so no sense to go "the sky is falling" for this CNN-esque style of "news". |
|
| reply to Ronnie_USA
Thx  Network World has a more detailed article: »www.networkworld.com/newsletters···ss1.html |
|
 altermattPremium
join:2004-01-22
White Plains, NY
 ·Verizon FiOS
1 edit | reply to Ronnie_USA
And some more for those who can't get enough links  :
WPA/WPA2 ENCRYPTION: A POSSIBLE WORKAROUND
It seems using WPA or WPA2 is not as secure as we would like to believe. ...[For example] A possible WPA2 vulnerability is being aired at this year’s Defcon and Black Hat conventions...»blogs.techrepublic.com.com/secur···=nl.e101
and
"In 2008, I speculated about the future of distributed security cracking. That future has arrived, in the form of a $17 “cloud” based service provided through the efforts of a security researcher known as Moxie Marlinspike. It is effective against pre-shared key deployments of both WPA and WPA2 wireless networks."
»blogs.techrepublic.com.com/secur···=nl.e036
--
The truth of a thing is the feel of it, not the think of it. -- Stanley Kubrick |
|
2 edits | Just dont use WiFi if we are that concerned.
Even with the most secured WiFi configurations, I still would not trust it esp, in public places....
Its still better to go hard wired..Esp. when you dont do alot of travelling... |
|
| reply to altermatt
said by altermatt:"In 2008, I speculated about the future of distributed security cracking. That future has arrived, in the form of a $17 “cloud” based service provided through the efforts of a security researcher known as Moxie Marlinspike. It is effective against pre-shared key deployments of both WPA and WPA2 wireless networks." » blogs.techrepublic.com.com/secur···=nl.e036 FUD. This is a brute force cracker and will only work against weak keys. Good luck in trying to brute force my 63 character random key. It would take every machine on earth longer than the age of the universe.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999 |
|
ashrc4
join:2009-02-06
australia | reply to Khaine
said by Khaine:Its overrated. To use this 'hack' you need to have knowledge of the PSK, so you can break the session keys of others. Cafe's etc.
The dropping potential for crims will be tempting.
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding. |
|
Khaine
join:2003-03-03
Australia | said by ashrc4:said by Khaine:Its overrated. To use this 'hack' you need to have knowledge of the PSK, so you can break the session keys of others. Cafe's etc. The dropping potential for crims will be tempting. How many cafes use WPA? If anything they run open wifi with a http redirection to a login. |
|
