Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Wireless Security Standard Has Old Problem?

Posted by simoniker on from the it's-always-something dept.

eggboard writes "Wireless security expert Robert Moskowitz, who sits on IEEE and IETF committees on that subject, sent me a short paper on a glaring weakness in the Wi-Fi Protected Access (WPA) protocol that's replacing the weak and broken WEP system well discussed here at Slashdot. His paper, which I've posted here, proves definitively that while WPA itself remains robust and secure, the interface for choosing consumer passwords makes it simple to snarf a tiny bit of network traffic and perform an offline dictionary attack. For Slashdot readers, this probably seems trivial, but because Linksys, Apple, and others are letting users enter My Dog Has Fleas as their passphrase, WPA might be less secure for home users than WEP."

1 of 249 comments (clear)

  1. Passphrase sucks... by craenor · · Score: 0, Offtopic

    Carry on, nothing to see here.