
WPA2 Wireless Security Crackable With "Relative Ease"

timothy posted about 9 months ago | from the relatively-absolute dept.

Wireless Networking 150

An anonymous reader writes "Achilleas Tsitroulis of Brunel University, UK, Dimitris Lampoudis of the University of Macedonia, Greece and Emmanuel Tsekleves of Lancaster University, UK, have investigated the vulnerabilities in WPA2 and present its weakness. They say that this wireless security system might now be breached with relative ease [original, paywalled paper] by a malicious attack on a network. They suggest that it is now a matter of urgency that security experts and programmers work together to remove the vulnerabilities in WPA2 in order to bolster its security or to develop alternative protocols to keep our wireless networks safe from hackers and malware."


this is not news (5, Interesting)

Anonymous Coward | about 9 months ago | (#46548803)

This sounds like the classic de-auth, handshake capture, then brute force attack.

It's still a bitch to crack without G.O. resources. Moxie has a service that will try for you...

Re:this is not news (-1, Troll)

Anonymous Coward | about 9 months ago | (#46548953)

This sounds like the classic de-auth, handshake capture, then brute force attack.

It's still a bitch to crack without G.O. resources. Moxie has a service that will try for you...

If you hackers would quit trying to illegally enter places you don't belong, maybe the bad guys would stop copying your crime and give up.

If you can't do the time, don't do the crime.

Re:this is not news (0)

chriscappuccio (80696) | about 9 months ago | (#46549065)

Gee, you're right. Everyone in the world is so black and white, so easy to understand, how could anyone not ever realize this before!?!

Re:this is not news (-1)

Anonymous Coward | about 9 months ago | (#46549109)

Gee, you're right. Everyone in the world is so black and white, so easy to understand, how could anyone not ever realize this before!?!

I blame the niggers. It's their fault.

The white part of the world is running civilization. The black part is destructive to it.

The blacks. It's definitely their fault. Well the blacks and the liberals who make excuses for them. So a black man doesn't wanna be a father to his kid. Yeah definitely it was racism by whites that made the black man abandon the black kid. Sure. Just keep telling yourself that!

Once you go black you're a single mother! Once you go liberal you're a crybaby fucktard that abandons all empiricism and logic to fit a goddamned ideal.

Re:this is not news (0)

Anonymous Coward | about 9 months ago | (#46549201)

I'm trying to understand the reason this kind of thing is posted so often.

1) It's obvious that the point of view is so extreme nobody would mistake it for someone's real thought process.
2) It's a pretty terrible troll. I rarely see anyone reply.
3) It never gets modded up. It's AC anyway so who cares.

Any insight?

Re:this is not news (0)

Anonymous Coward | about 9 months ago | (#46549329)

Every troll has to start somewhere and blatantly racist stuff is the easiest to think up. Still, this is still one step up above copy-pasting GNAA spam, which isn't so much trolling as just flooding.

Re:this is not news (5, Insightful)

anubi (640541) | about 9 months ago | (#46550225)

I think of it this way. We know our stuff is getting snooped and hacked into. It's high time EVERYBODY knows this stuff is NOT private.

This forum, along with all the other times this has been discussed here on Slashdot, as well as other technical forums, provides evidence that may be one day very useful in a court of law if some copyright holder tries to prove an illegal download took place. If it took place through a wireless network, can it be proven who the recipient of the illegal download was?

We can whine and complain all we want, but if business finds it cheaper to simply include hold harmless clauses in their terms than to provide a robust product, they will do so, but in doing so, they have also removed surety of proof of download for the high and mighty MAFIAA.

The Copyright industry has spent millions of dollars to pamper Congressmen to pass law to make sure no-one can listen to a song unless terms of endearment are complied with... now they are finding out they just put a multimillion dollar lock on a cardboard door.

We do not have the money it takes to pay for Congressmen. The copyright people seem to have unlimited money. Money to hire lots of lawyers and send lots of threat letters. Those letters will be ineffective as long as we have insecure systems and no-one can prove a thing. We may have a problem with insecure systems, and the MAFIAA has a hell of a problem.

This kind of stuff gives everyone and his brother plausible deniability, which now means a total lack of accountability for online activity.

Re:this is not news (-1)

Anonymous Coward | about 9 months ago | (#46550091)

I blame white people. If there were no white people, everything would be black and beautiful, just like your mom.

Re:this is not news (1)

SuperTechnoNerd (964528) | about 9 months ago | (#46551123)

Does this mean I don't have to lock the doors on my house when I go out anymore?

NSA says fuck off (0)

Anonymous Coward | about 9 months ago | (#46549519)

NSA says we'll hack whatever we want fuck you citizen

and where are your papers....

Re:NSA says fuck off (0)

Anonymous Coward | about 9 months ago | (#46550037)

NSA says we'll hack whatever we want fuck you citizen

and where are your papers....

errr.. don't remember.. I don't suppose you could give me a hint please Mister Agent sir.

Re:NSA says fuck off (1)

Phreakiture (547094) | about 9 months ago | (#46550487)

Why are you asking me? You know damn well where my papers are.

Re:this is not news (0)

Anonymous Coward | about 9 months ago | (#46549637)

Obviously you don't understand how security works. It's simple protocol manipulation and math. If we good hackers stop looking for vulnerabilities and reporting them when found, then the bad hackers will find them and exploit them all they want with no fix in sight. You will be living in a world of false security, well more so than you are now.

Re:this is not news (0)

Anonymous Coward | about 9 months ago | (#46549815)

Or we can just gas all hackers, "security experts", and programmers and be done with it.

funny thing about security is it always applies (0)

Anonymous Coward | about 9 months ago | (#46550311)

So you start with a national campaign and a computer database of those people and somehow months later the ones getting gassed are those who supported the idea. Weird eh?

Re:this is not news (1)

Anonymous Coward | about 9 months ago | (#46549221)

Interesting that you could come to the conclusion that this is obvious only six minutes after the story was posted.

Re:this is not news (1)

Anonymous Coward | about 9 months ago | (#46551183)

That you are ignorant of a method's widespread use and common knowledge, does not serve as legitimate cause for you to project that ignorance onto others. This "hack" has been known for some time, arguably since the creation of the protocol, since it is central to the functionality of said protocol. The only development of any note is how much easier it has become in the interim to brute-force passwords, given advancements in CPU/GPU processing power/techniques.

Re:this is not news (0)

Anonymous Coward | about 9 months ago | (#46550377)

What's G.O mean?

Expected (0)

FuzzMaster (596994) | about 9 months ago | (#46548809)

Every encryption scheme will fall at some point. Once quantum computing fully arrives, I guess encryption will be mostly moot.

Re:Expected (-1)

Anonymous Coward | about 9 months ago | (#46548833)

Every encryption scheme will fall at some point. Once quantum computing fully arrives, I guess encryption will be mostly moot.

True. Or you could just compromise a CA and have the keys to the kingdom.

Hacks are always going to be around. Until then, how about you stop worrying about what kind of compiler it's going to take to render a holodeck and start worrying about today's technology being hacked.

Besides, between quantum computing and IPv6, I'm not holding my fucking breath. We've been hearing about this bullshit for years now.

Re:Expected (0, Flamebait)

Anonymous Coward | about 9 months ago | (#46548847)

Be more of a condescending prick. Your comment has some merit, but you ruined it by being an asshole.

Re:Expected (-1)

Anonymous Coward | about 9 months ago | (#46548879)

You're ideas is fucked up, and your a tard. Ass.

Re:Expected (-1)

Anonymous Coward | about 9 months ago | (#46549055)

Be more of a condescending prick. Your comment has some merit, but you ruined it by being an asshole.

I will complain and get offended. How else would anyone know how much better my way can be?!

Re:Expected (5, Informative)

skids (119237) | about 9 months ago | (#46548857)

Once quantum computing fully arrives, I guess encryption will be mostly moot.

Bad guess [wikipedia.org]

Re:Expected (3, Insightful)

ComputersKai (3499237) | about 9 months ago | (#46549037)

Not when encryption methods that make use of quantum computing power come, like a permanently stalemated arms race.

Just when you thought you've sharpened your spear to the finest, your opponent has fortified his shield to the fullest.

Re:Expected (-1)

Anonymous Coward | about 9 months ago | (#46549089)

Not when encryption methods that make use of quantum computing power come, like a permanently stalemated arms race.

Just when you thought you've sharpened your spear to the finest, your opponent has fortified his shield to the fullest.

So - quantum computers are hard for spear-chuckers. We already inferred that, jackass. REGULAR computers are impossible for all but the brightest spear-chuckers. QUANTUM computers? Yeah. We know.

Re:Expected (1)

dickens (31040) | about 9 months ago | (#46549051)

OTP FTW

Re:Expected (2, Insightful)

AaronW (33736) | about 9 months ago | (#46549127)

Just use a one time pad. It's perfectly secure, even to quantum cryptography as long as the source is truly random. Creating a truly random number generator that takes advantage of quantum effects is not terribly difficult. Many modern CPUs now have this support built-in. The only weak point is how you get the one time pad to both locations and that it can only be used once. Even this is possible by having multiple pads sent via different methods and XORing them together at the destination. In order to crack it all copies would have to be intercepted and copied though additional security measures could be added to make even this difficult.

Re:Expected (4, Insightful)

Anonymous Coward | about 9 months ago | (#46549569)

One-time pad truly means one-time pad however. That means a new pad for every single transmission - that's why it becomes untenable.

On the other hand, the way network encryption works is typically this:
(1) Use asymmetric encryption once to securely deliver the remote computer the key to a symmetric algorithm.
(2) Use the symmetric key for the remainder of the communication.

It's possible that RSA is compromised, or that a G.O. has the means to cracking it via an unpublished mathematical discovery, but there are other asyms out there.

Re:Expected (1)

Anonymous Coward | about 9 months ago | (#46549877)

One-time pads can work for some things. Maybe companies will send you a credit card sized device containing gigabytes of random pad data that you can use to communicate with that company.

Re:Expected (2)

SuricouRaven (1897204) | about 9 months ago | (#46550203)

I can imagine a VPN server with a rack of slots for those (Probably just read-only USB mass storage interface). Give one to the VPN, one to the person going on their trip or working at home. You'd need to send out a new key every now and again, but if a key is good for a couple of months (Doable) then it becomes quite reasonable.

Re:Expected (0)

MikeBabcock (65886) | about 9 months ago | (#46550547)

And then just like a password attack, someone cracks their database and dumps all the OTP data and you're no longer secure.

Re: Expected (1)

Anonymous Coward | about 9 months ago | (#46550379)

"moot", you keep using that word like that. It doesn't mean what you think it does.

Re:Expected (0)

Anonymous Coward | about 9 months ago | (#46551009)

Once quantum computing fully arrives, I guess encryption will be mostly moot.

Yeah, if you live in a fantasy land where quantum computing is magic.

Eh... (5, Insightful)

Anonymous Coward | about 9 months ago | (#46548815)

Reads article...

Longer passwords make brute force cracking more difficult... Possible attack vector via the wireless de-authentication and re-authentication that WPA2 connections maintain for clients... With potential fast scanning and proper spoofing, an intruder could knife their way in...

Why does this feel like nothing new?

Re:Eh... (1)

MtViewGuy (197597) | about 9 months ago | (#46550569)

It could be fixed by upgrading the software used by routers and by client devices, but 1) everyone has to agree on an updated standard and 2) how are they going to do the upgrade for Android-based cellphones? (Easy to do on an Apple iOS device--just run an update to iOS itself.)

keep our wireless networks safe from hackers... (3, Insightful)

fustakrakich (1673220) | about 9 months ago | (#46548817)

How do you keep something you never had?

Re:keep our wireless networks safe from hackers... (1)

Anonymous Coward | about 9 months ago | (#46548859)

We don't have wireless networks?

Re:keep our wireless networks safe from hackers... (1)

Larryish (1215510) | about 9 months ago | (#46549421)

No, we never had hackers. Duh.

MAC filtering and PSK (2)

roman_mir (125474) | about 9 months ago | (#46548831)

At least use MAC filtering and Pre Shared Keys together with WPA2, this will lower the probability of a successful attack happening.

Re:MAC filtering and PSK (3, Insightful)

compro01 (777531) | about 9 months ago | (#46548987)

MAC filtering does nothing useful. You're shouting your MAC from the rooftops any time you're connected to the network, so cloning it is an exercise in triviality for any attacker with an IQ greater than their hat size.

Re:MAC filtering and PSK (4, Funny)

Concerned Onlooker (473481) | about 9 months ago | (#46549227)

Ooops. I'm going to have to get a smaller hat.

Re:MAC filtering and PSK (2)

koinu (472851) | about 9 months ago | (#46550197)

MAC filtering even lowers security. Some lazy crackers might have not changed their MAC when they are attacking and it could be easier to identify them next time. When they are spoofing MACs they use your own MACs which they see on your network. You basically (could) lose information about the attackers. And this is bad.

Re:MAC filtering and PSK (0)

Anonymous Coward | about 9 months ago | (#46550843)

MAC filtering does nothing useful. You're shouting your MAC from the rooftops any time you're connected to the network, so cloning it is an exercise in triviality for any attacker with an IQ greater than their hat size.

So then most attackers [wikipedia.org] will be stopped. Got it, thanks!

it's bad enough with regular passwords (1)

ruebarb (114845) | about 9 months ago | (#46548841)

I already have to tell friends and family to use an alphanumeric password not based on a dictionary word - I was helping a friend find out why her wireless charges were so high, and using backtrack and some basic documentation - (knowing almost nothing about wireless security) - I was able to find out her wireless password based on the fact she was using a regular word in my dictionary list

wireless = never safe

Re:it's bad enough with regular passwords (-1)

Anonymous Coward | about 9 months ago | (#46548887)

I was helping a friend find out why her wireless charges were so high

She didn't want her wife to know she was surfing hot male porn? The straight girl next door guessed the password, honest.

Re:it's bad enough with regular passwords (0)

Anonymous Coward | about 9 months ago | (#46549425)

She's such a breeder!

Re:it's bad enough with regular passwords (2)

Mashiki (184564) | about 9 months ago | (#46548977)

You think that's bad? Wait until you run across the issue where your ISP doesn't even bother to set up basic passwords on your wireless hub. [dslreports.com]

Re:it's bad enough with regular passwords (1)

DarwinSurvivor (1752106) | about 9 months ago | (#46549617)

You think that's bad? Wait until you run across the issue where your ISP doesn't even bother to set up basic passwords on your wireless hub. [dslreports.com]

Ok, now I'm curious!

Re:it's bad enough with regular passwords (1)

jones_supa (887896) | about 9 months ago | (#46549925)

Well, as a network segment, wireless looks like a hub (all traffic reaches all clients).

Re:it's bad enough with regular passwords (1)

DarwinSurvivor (1752106) | about 9 months ago | (#46550079)

touché

Re:it's bad enough with regular passwords (1)

SuricouRaven (1897204) | about 9 months ago | (#46550215)

Except it doesn't, quite. Horizon problem: A is in range of the AP, B is in range of the AP, A and B are not in range of each other. If A sends a broadcast frame the AP will relay it so B can receive it, but it doesn't do that for unicast packets for which it knows the recipient MAC address is on the wired side.

Re:it's bad enough with regular passwords (1)

Rich0 (548339) | about 9 months ago | (#46550373)

Heck, some ISPs probably still distribute wireless APs that only support WEP.

Re:it's bad enough with regular passwords (0)

Anonymous Coward | about 9 months ago | (#46549125)

Alphanumerics are last century. Use a long passphrase. Might I suggest battery horse correct staple?

Re:it's bad enough with regular passwords (2)

fnj (64210) | about 9 months ago | (#46549235)

Use a long passphrase. Might I suggest battery horse correct staple?

You insensitive clod! You just blabbed my password. Now I'll have to change it to capacitor mule wrong nail.

Oh wait ...

Re:it's bad enough with regular passwords (0)

Anonymous Coward | about 9 months ago | (#46549297)

Oh wait ...

Wait for what?

Re:it's bad enough with regular passwords (0)

Anonymous Coward | about 9 months ago | (#46549427)

Wait for him to change his password before you log in...

Re:it's bad enough with regular passwords (1)

Anonymous Coward | about 9 months ago | (#46549481)

A moderate-length (24+ chars) phrase will be way more secure than your random pattern of letters, numbers and characters, PLUS it's FAR easier to remember, thereby reducing the odds that the super-secure gobbledy-gook you forced them to invent won't just get written down on a piece of paper and stuck to the refrigerator door for every passer-by to read...

Oblig XKCD [xkcd.com]

-AC

Re:it's bad enough with regular passwords (1)

Anonymous Coward | about 9 months ago | (#46550281)

For a system where finding a written-down password is as difficult or easy for an attacker as getting physical access to the network, creating a long truly random password and writing it down really isn't such a bad idea. On the other hand, a phrase which is comprised of dictionary words, chosen by a human and "moderate length" according to your definition does not have enough entropy. Researchers found human-chosen four-word passphrases to have only about 20 bits of entropy. That's far less than a truly random 8 character password (which is also not sufficient).

EAP? (1)

manu0601 (2221348) | about 9 months ago | (#46548855)

I understand this is about recovering the PSK. This would mean that authentication using a certificate, such as EAP-TTLS is still safe. Correct?

Re:EAP? (4, Interesting)

skids (119237) | about 9 months ago | (#46548925)

Can't tell what exactly the paper is about due to a paywall and the fact that the article was written by someone not very technical.

EAP-TTLS, as long as you are validating the server certificate, is pretty safe. Safer with a locally managed CA and installed client cert, but at least as safe as the web browsing you'll be doing on it after connecting anyway. The safety advantage to WPA-Enterprise over WPA-PSK is mainly due to the fact that you don't have to distribute the same easily-cloned PSK to every client. In addition, if installing and validating client certificates (not the usual mode for EAP-TTLS) they can be locked to specific user accounts. For keeping out the riff-raff they can be locked to MAC addresses as well but that only serves to ban the amateurs.

Re:EAP? (4, Interesting)

WaffleMonster (969671) | about 9 months ago | (#46549361)

I understand this is about recovering the PSK. This would mean that authentication using a certificate, such as EAP-TTLS is still safe. Correct?

I would say in practice "enterprise" password authentication via TLS (PEAP-* and TTLS-*) is the least secure authentication method for the simple reason virtually no client is configured properly to validate both certificate and identity.

The end result TLS is effectively subject to MITM attack for the overwhelming majority of clients...leaving squishy inner PEAP/TTLS authentication protocol (all completely worthless)

In my view EAP-TLS with mutual certificate authentication is still the most secure authentication option available.

Stanford's SRP protocol would be awesome to protect WPA passwords I believe it could be implemented with minimal changes to existing TLS stacks ... simply do TLS-SRP via EAP-TLS EAP method instead of the cert auth ... you get secure password authentication without the offline attack vector, or having to implement a new EAP method from scratch.

Re:EAP? (1)

manu0601 (2221348) | about 9 months ago | (#46549391)

You mean that clients do not check proper certificate signature by the CA?

Re:EAP? (0)

Anonymous Coward | about 9 months ago | (#46549405)

not by default
  and especially not with a self signed cert on your radius server(s)

Re:EAP? (2)

WaffleMonster (969671) | about 9 months ago | (#46549513)

You mean that clients do not check proper certificate signature by the CA?

The main problem is not so much CA validation but lack of a global namespace.

When I type https://www.securesite.com/ [securesite.com] into my browser the only certificates my browser accepts are the ones explicitly for www.securesite.com... certs for www.someothersite.com don't work.

With EAP authentication no such check is done automatically by default. To be secure the client must explicitly select a CA **AND** certificate identity (e.g. www.securesite.com) ... otherwise you might well be presented with a valid certificate.... yet you won't know if it is one legitimately assigned to an attacker. Attackers after all can buy SSL certs the same as you or I.

In too many cases the extra work is simply asking too much of the user... some mobile clients are not even able to provide necessary configuration options to secure it.
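The check described in the comment above (a pinned CA **and** an expected server identity), as an added example that is not part of the original thread: a small auditor for `wpa_supplicant.conf` network blocks. The sample configuration, SSIDs, file paths and finding codes are constructed for illustration; `ca_cert`, `ca_path`, `domain_suffix_match`, `domain_match`, `altsubject_match` and `subject_match` are wpa_supplicant's own option names.

```python
# Audit wpa_supplicant network blocks for the two gaps discussed in the thread:
#   NO_CA          - no CA configured, so the server certificate is not verified
#   NO_SERVER_NAME - CA configured, but any certificate that CA issued is accepted
#   INNER_AUTH_EXPOSED - a tunnelled password method (PEAP/TTLS) sits behind
#                        one of the gaps above, so a rogue AP can terminate the
#                        tunnel and see the inner authentication exchange
SERVER_NAME_KEYS = ("domain_suffix_match", "domain_match",
                    "altsubject_match", "subject_match")
TUNNELLED_METHODS = {"PEAP", "TTLS"}

# Constructed sample configuration (not from the page).
SAMPLE_CONF = '''
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="corp-wifi-ca-only"
    key_mgmt=WPA-EAP
    eap=TTLS
    ca_cert="/etc/ssl/certs/example-corp-ca.pem"
    identity="alice"
}
network={
    ssid="corp-wifi-pinned"
    key_mgmt=WPA-EAP
    eap=TLS
    ca_cert="/etc/ssl/certs/example-corp-ca.pem"
    domain_suffix_match="radius.example.com"
    client_cert="/etc/wifi/alice.pem"
    private_key="/etc/wifi/alice.key"
}
network={
    ssid="home"
    psk="constructed example passphrase"
}
'''


def parse_networks(conf_text):
    """Return one dict of key -> value per network={...} block."""
    networks, current = [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("network={"):
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current[key.strip()] = value.strip().strip('"')
    return networks


def audit_network(net):
    """Return a list of finding codes, or None for non-EAP networks."""
    key_mgmt = net.get("key_mgmt", "")
    if "eap" not in net and "EAP" not in key_mgmt and "IEEE8021X" not in key_mgmt:
        return None
    findings = []
    ca = net.get("ca_cert") or net.get("ca_path")
    if not ca:
        findings.append("NO_CA")
    elif not ca.startswith("hash://server/") and not any(
            k in net for k in SERVER_NAME_KEYS):
        # A hash:// value pins one specific server certificate, so no name
        # constraint is needed; a CA file alone trusts everything it signed.
        findings.append("NO_SERVER_NAME")
    methods = set(net.get("eap", "").upper().split())
    if findings and methods & TUNNELLED_METHODS:
        findings.append("INNER_AUTH_EXPOSED")
    return findings


def audit(conf_text):
    """Map SSID -> findings for every EAP network in the configuration."""
    report = {}
    for net in parse_networks(conf_text):
        findings = audit_network(net)
        if findings is not None:
            report[net.get("ssid", "<no ssid>")] = findings
    return report


if __name__ == "__main__":
    for ssid, findings in audit(SAMPLE_CONF).items():
        print(f"{ssid}: {', '.join(findings) if findings else 'ok'}")
```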

Re:EAP? (1)

manu0601 (2221348) | about 9 months ago | (#46550729)

Attackers after all can buy SSL certs the same as you or I.

But AFAIK, there is no preloaded CA for EAP. You install only the CA of your organization, which narrows the opportunities to have a valid certificate.

But indeed if someone steals any certificate you signed with the installed CA, an attack is possible. That advocates for using a sub-CA, or a dedicated CA just for EAP.

Re:EAP? (0)

Anonymous Coward | about 9 months ago | (#46550263)

The fact of the matter is that IEEE 802.11i (now part of mainstream 802.11) does not specify or require a particular EAP method. The only requirement is that the EAP method supply keying material.

The two in common use are in common use today because they are the two that were (are?) supported in the Microsoft supplicant, originally in Windows XP.

Other commercial plugins exist to supplement those two, and there is nothing preventing implementation of the protocol you mention, again, as long as it produces keying material. There is also a need for the Authentication Server to support it, as the STA (commonly called the client) and the AS (Authentication Server) have to share the protocol (EAP Method). The AP simply passes it through, and accepts the keying material, which becomes the PMK (Pairwise Master Key).

In the most common enterprise environment, i.e. one running on MS servers with AD, all of this can integrate into the AD, and if the enterprise has gone to the trouble to deploy client certs for the authentication of their users at Windows login time, they can be used for the wireless setup as well, all transparent to the user.

Few enterprises are operating at that level in my experience.

Cheers....

Re:EAP? (1)

MikeBabcock (65886) | about 9 months ago | (#46550555)

Importantly, this is also where we get into that root cert problem for companies that people complained about in a recent /. story because a lot of companies just use their own internal CA to authenticate the certs for both users and wireless devices which requires installing their root CAs on the machines and trusting them.

why crack my Wi-Fi (0)

Anonymous Coward | about 9 months ago | (#46548869)

So you can read this totally unencrypted message I just posted? I don't know why I even enabled WPA2, I expect it was the default setting. WPA2 keeps the neighbors from eating mah bandwich?

Re:why crack my Wi-Fi (1)

skids (119237) | about 9 months ago | (#46548933)

WPA2 keeps the neighbors from eating mah bandwich?

Try "it keeps people from injecting exploits into your computer by impersonating web servers." Be glad you enabled it.

Re:why crack my Wi-Fi (0)

Anonymous Coward | about 9 months ago | (#46548981)

Gladness enabled! I'm so happy now.

Re:why crack my Wi-Fi (1)

MikeBabcock (65886) | about 9 months ago | (#46549259)

No, that's SSL.

Re:why crack my Wi-Fi (2)

davidhoude (1868300) | about 9 months ago | (#46549345)

Because SSL on Open WiFi is fool proof....

He was correct. While you are also correct, you failed to see the attack vector. If the network is not secure, your SSL may not be effective, at least not for all users.

Re:why crack my Wi-Fi (2)

SuricouRaven (1897204) | about 9 months ago | (#46550253)

SSL is designed to operate over insecure networks. That's the idea.

Re:why crack my Wi-Fi (1)

Lloyd_Bryant (73136) | about 9 months ago | (#46550675)

WPA2 keeps the neighbors from eating mah bandwich?

Try "it keeps people from injecting exploits into your computer by impersonating web servers." Be glad you enabled it.

How about "it keeps you from being hauled off to jail by some really mean feds because someone used your wireless to download kiddie porn"? *That* most people can easily understand.

Re: why crack my Wi-Fi (-1)

Anonymous Coward | about 9 months ago | (#46548949)

Until someone cracks ya shit, downloads some kiddie porn, and you're explaining to the FBI how you had no idea how that got on your PC... Security is a pretty good idea at that point!

so? (4, Insightful)

the_Bionic_lemming (446569) | about 9 months ago | (#46548889)

Brute force attacks compromise simple passwords?

This is news?

Known for years (0)

Anonymous Coward | about 9 months ago | (#46548905)

This attack has been known for years. Am I missing something? How is this \news\ ?

It's kind of silly to worry about (5, Insightful)

msobkow (48369) | about 9 months ago | (#46548907)

The only reason I encrypt my wifi connections is to prevent casual wanderers from connecting to my network and sucking up bandwidth. Any data that needs securing is encrypted by the computer, not by the modem/router.

If I could get proper password protection without the encryption, I wouldn't bother encrypting the traffic. I could care less who snoops it -- so long as they're not sucking up bandwidth.

Re: It's kind of silly to worry about (0)

Anonymous Coward | about 9 months ago | (#46549107)

Google "dsploit"

Re:It's kind of silly to worry about (2, Insightful)

Anonymous Coward | about 9 months ago | (#46549255)

Uh, you're forgetting that a wifi connection is two way. If they can get onto your network, they're inside your hardware firewall. Better hope you have a good software firewall and/or that you don't have any exploitable services.

Re:It's kind of silly to worry about (0)

Anonymous Coward | about 9 months ago | (#46549413)

All my lap warmers have software firewalls set to deny all. I don't run any servers on wireless, the uplink isn't reliable enough.

Re:It's kind of silly to worry about (2)

DarwinSurvivor (1752106) | about 9 months ago | (#46549661)

That still won't protect you from arp poisoning, DNS redirects (or direct forging), SSL Stripping, the list goes on.

Re:It's kind of silly to worry about (0)

Anonymous Coward | about 9 months ago | (#46549693)

Oh no! Not ARP poisoning! I think I'll switch back to wired Ethernet and unmanaged switches, those are the safest. But no, how can I be sure I can trust the firmware in an unmanaged switch? There could be malware in there, rewriting my precious packets! Oh no!

At some point you just have to say FUCK IT.

Re:It's kind of silly to worry about (2)

Burz (138833) | about 9 months ago | (#46550411)

That's why security is not a boolean. If you regard it as black-and-white, it'll drive you nuts.

Be thankful you can at least whittle the trust issues down to things like switch vendors.

Re:It's kind of silly to worry about (0)

Anonymous Coward | about 9 months ago | (#46550213)

One of the software firewalls I use has an option to secure the ARP cache on the system and prevent poisoning. I have never tested if it works though.

Wouldn't SNORT/Suricata be able to detect ARP poisoning?

Wireless Access Points = Hacker Access Points (2)

millertym (1946872) | about 9 months ago | (#46549113)

If you are even the slightest bit concerned with the security of data on your network, isolate wireless completely from your secure data. In my very unscientific estimate it seems 90%+ of the usefulness of wireless is for just basic internet access for executive types anyhow who don't need to be checking production data.

Probably no science here... (0)

Anonymous Coward | about 9 months ago | (#46549117)

It's behind a coward's paywall. The link at the bottom is for the fraud article about the Wi-Fi virus that can magically infect all computers and wireless routers. Man do I love not having to expose "research" to public scrutiny.... What a cushy life.

Backdoored (0)

Anonymous Coward | about 9 months ago | (#46549559)

If anyone can find a backdoor it will be three Greek guys.

What has limited the attack number in WPA-PSK? (1)

dutchwhizzman (817898) | about 9 months ago | (#46549987)


What has limited the attack number in WPA-PSK? That's the question I have after reading all the data that is freely available. From what I know and can gather about this, the researchers found a way to reduce the amount of brute forcing required to guess the key in WPA-PSK. They used something in the de-auth and probably re-auth after that to gather information about the key to do so.

Paywalling this information is a bad thing. Either do a full disclosure, or keep it secret and notify all vendors that are vulnerable. What we have now is Fear, Uncertainty and Doubt. The result will be that the bad guys will find out how it's done and implement a practical attack that we don't know how to detect or defend against. Alternatively, a white-hat will find out or pay for the article and publish it. That will probably result in the white-hat getting sued for leaking the information in the article. Regardless what will happen, this is probably the worst way to tell the world of a security vulnerability in a product used world wide by over a billion people.

Universities should stop requiring publication in papers that aren't free to read, or free to publish in. The quality of the paper is of secondary importance to the magazine if people have to pay to get published. The reach to people for which the research is relevant is limited if the audience has to pay for reading the article. In my opinion, requiring at least three positive peer reviews from other universities or something similar, would be a much better way to make sure that research is up to standards and relevant than a short list of places that will publicise a paper. Reviewing papers from other universities should be part of the mandatory tasks students have to fulfil in order to be allowed to write their own paper.

Re:What has limited the attack number in WPA-PSK? (2, Informative)

Anonymous Coward | about 9 months ago | (#46550325)

Nobody knows what they did, because their paper is paywalled. From afar, it looks like a compilation of standard attack methods. The WLAN standard uses unencrypted deauthentication packets, which enables an attacker to kick anyone from the network without knowing the network's encryption key. This can be used in a denial-of-service fashion, where the attacker continuously deauths everyone, so that nobody can use the network. Or it can be used once on the victim: The victim will automatically reconnect to the network, which gives the attacker an opportunity to capture the handshake which includes the key negotiation. The attacker can then use this recording to perform an offline brute force attack to find the key. If the attacker guesses the key, he's in.

Without using deauth, the attacker would just have to wait until the victim connects to the network on its own. That's not going to stop a determined attacker, i.e. one who attempts a brute force attack on WPA-PSK.

Long story short: If that's it (I don't see any hint that it's not), then a sufficiently random pre-shared-key prevents a successful attack.
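Added example, not part of the comment above: one way a defender could flag the two patterns it describes, a burst of deauthentication frames and a handshake that follows a deauth within seconds. The log format, thresholds and MAC addresses are constructed for illustration and are not the output of any real tool.

```python
import re
from collections import defaultdict

# Constructed monitor-log lines (hypothetical format, not from a real tool):
# <epoch seconds> <frame type> <source MAC> <destination MAC>
SAMPLE_LOG = """\
100.0 DEAUTH aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:10
100.1 DEAUTH aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:10
100.2 DEAUTH aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:10
101.5 EAPOL aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:10
101.6 EAPOL cc:cc:cc:cc:cc:10 aa:aa:aa:aa:aa:01
300.0 DEAUTH aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:20
900.0 EAPOL aa:aa:aa:aa:aa:01 cc:cc:cc:cc:cc:20
"""

LINE = re.compile(r"^(\d+(?:\.\d+)?) (DEAUTH|EAPOL) ([0-9a-f:]{17}) ([0-9a-f:]{17})$")

def parse(log):
    """Return (timestamp, kind, {mac, mac}) tuples in time order; skip bad lines."""
    events = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:
            ts, kind, src, dst = m.groups()
            # Deauth source addresses can be spoofed, so key on the unordered pair.
            events.append((float(ts), kind, frozenset((src, dst))))
    return sorted(events, key=lambda e: e[0])

def detect(log, burst_min=3, burst_window=1.0, reauth_window=5.0):
    """Flag deauth bursts and handshakes that closely follow a deauth."""
    deauths = defaultdict(list)   # AP/client pair -> deauth timestamps
    alerts = []
    for ts, kind, pair in parse(log):
        seen = deauths[pair]
        if kind == "DEAUTH":
            seen.append(ts)
            recent = [t for t in seen if ts - t <= burst_window]
            if len(recent) == burst_min:          # fire once per burst
                alerts.append(("deauth_burst", tuple(sorted(pair)), ts))
        elif seen and ts - seen[-1] <= reauth_window:
            alerts.append(("handshake_after_deauth", tuple(sorted(pair)), ts))
            seen.clear()          # one alert per handshake, not per EAPOL frame
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

A single deauth followed by a reconnect also happens in normal roaming, so the second alert is a signal to correlate with the burst alert rather than proof of an attack.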

Giving up on security (0)

Anonymous Coward | about 9 months ago | (#46550053)

Maybe the harder we try to secure the harder "they" try to circumvent it. I hardly think you have such sophistication in attempts to break into home WiFi. This really is more about sensitive business related networks. Which in my opinion is a problem anyway using any kind of wireless connection. Maybe the point is that any wireless connection should be considered more vulnerable than a wired one?

Encrypted Management Frames (2, Informative)

Anonymous Coward | about 9 months ago | (#46550231)

It's called 802.11w and introduces encryption on management frames (so de-auth attack is out), this problem is solved. It's up to vendors/developers to implement it.
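Added example, not part of the comment above: a check of whether an access point advertises 802.11w management frame protection, read from the RSN information element it sends in beacons. The three sample elements are constructed byte strings, and the parser assumes the fields up to the AKM suite list are present.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")
AKM_NAMES = {1: "802.1X", 2: "PSK", 5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE"}

# Constructed RSN elements (element ID 48), all CCMP:
WPA2_PSK_NO_MFP = bytes.fromhex("30140100000fac040100000fac040100000fac020000")
MFP_OPTIONAL = bytes.fromhex("30180100000fac040100000fac040200000fac02000fac068000")
MFP_REQUIRED = bytes.fromhex("30140100000fac040100000fac040100000fac06c000")

def parse_rsn(ie: bytes) -> dict:
    """Parse an RSN information element and report its AKMs and MFP bits."""
    if len(ie) < 2 or ie[0] != 48 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, pos = ie[2:], 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    def suite_list():
        (count,) = struct.unpack("<H", take(2))
        return [take(4) for _ in range(count)]

    (version,) = struct.unpack("<H", take(2))
    take(4)                  # group data cipher suite
    suite_list()             # pairwise cipher suites
    akms = suite_list()
    # RSN Capabilities is optional; if absent, no MFP bits are set.
    caps = struct.unpack("<H", take(2))[0] if pos < len(body) else 0
    return {
        "version": version,
        "akm": [AKM_NAMES.get(s[3], "other") if s[:3] == RSN_OUI else "vendor"
                for s in akms],
        "mfp_capable": bool(caps & 0x0080),    # MFPC, bit 7
        "mfp_required": bool(caps & 0x0040),   # MFPR, bit 6
    }

def mfp_status(ie: bytes) -> str:
    rsn = parse_rsn(ie)
    if rsn["mfp_required"]:
        return "required"
    return "optional" if rsn["mfp_capable"] else "disabled"
```

Only "required" guarantees that every associated client uses protected management frames; with "optional", clients that do not support 802.11w still accept unprotected deauthentication frames.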

Re:Encrypted Management Frames (0)

Anonymous Coward | about 9 months ago | (#46550429)

Unless RF jamming is employed requiring the client to reconnect.

Gawd (0)

Anonymous Coward | about 9 months ago | (#46550391)

Who would have thought a pre-shared key scheme could be so difficult to make secure? Pre-shared key? There's 90% of the sodding work done for you.

New Low (-1)

Anonymous Coward | about 9 months ago | (#46550451)

Slashdot, you've reached a new low. This is a ridiculously old de-auth technique. The paper even mentions how they can "spoof" MAC Addresses.

Weird (1)

jon3k (691256) | about 9 months ago | (#46550823)

This article takes a really roundabout way to tell you computers are getting faster...

Use Windows 8 (-1)

Anonymous Coward | about 9 months ago | (#46551231)

Then wireless networking will either not work or fail constantly or be so badly degraded that you won't care about anything
