Slashdot Mirror
WPA Weak Key Cracker Posted
Glenn Fleishman writes "The folks at TinyPEAP released a cracking tool to break Wi-Fi Protected Access (WPA) keys. WPA is the replacement for weak WEP keys in the original 802.11b specification. Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks. This tool automates the process. Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits. Some tools exist to produce better keys, including chipmaker Broadcom's SecureEZSetup (in selected hardware) and Buffalo Technologies' hardware-based AOSS for automatic key generation and propagation. Enterprise-based WPA with 802.1X doesn't have this weakness: each user gets a long WPA key that's randomly generated and uniquely assigned--and can be frequently changed during a session."
The deal was for you to actually do it, not explain how to do it. /monkey bitch slaps you
... and in the DRM, bind them.
D-Link's install software for the AirPlusXtremeG WiFi adapters generates a 60 digit random hexadecimal number for use as a pre-shared key.
The Daily Mirror is one of the United Kingdom's largest newspapers. Here is their front page on the day after the election (PDF file): Daily Mirror Front Page: How could 59,054,087 people be so dumb?.
Point taken - I won't put anything important on my wireless access, but then again, I am about as likely to have someone out here care about spoofing me as I am to have some gang-bangers drive the 50 miles to my "hood" and rough me up.
Computers are becoming more like regular life - assume someone will someday see what is on your computer, just like your are probably being watched by security/traffic cameras all the time.
heh, "play nice", even when you think no one is watching and you will be ok.
This issue is a bit more complicated than you think.