Researchers Crack WPA Wi-Fi Encryption

← Back to Stories (view on slashdot.org)

Researchers Crack WPA Wi-Fi Encryption

Posted by CmdrTaco on Thursday November 6, 2008 @03:50AM from the now-they'll-know-my-secrets dept.

narramissic writes "Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read data being sent from a router to a laptop. To do this, Tews and Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes. They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack. 'Its just the starting point,' said Ruiu."

89 of 311 comments (clear)

Min score:

Reason:

Sort:

Meh by Anonymous Coward · 2008-11-06 03:53 · Score: 5, Interesting

Cat5
1. Re:Meh by Anonymous Coward · 2008-11-06 04:37 · Score: 3, Insightful
  
  What you say is true, but you make it sound like obtaining physical access is trivial. In many cases it's not. On the other hand, obtaining unauthorized access to wireless networks is easy, cheap, and relatively safe (as in risk-free).
  BTW, CAPTCHA -- "burglars".
2. Re:Meh by von_rick · 2008-11-06 04:45 · Score: 2, Funny
  
  Of course you can.
  If you want to take it to its logical conclusion, you can make that person hand you all his passwords and personal information if you storm into his house swinging a baseball bat or a samurai sword. I have seen some hollywood movies where the the president hands over the codes to national treasury to criminal masterminds who threaten to detonate nuclear bombs in metropolitan areas during some ceremonial parade -- that is until the retarded hero (usually Bruce Willis) shows up.
  
  --
  Face your daemons!
3. Re:Meh by monkeySauce · 2008-11-06 05:32 · Score: 4, Funny
  
  Bah... cat5 is already broken, and cat5e is next.
  Got to think cat6 at least, if not cat7. They're much thicker; harder to break.
4. Re:Meh by Otto · 2008-11-06 06:05 · Score: 3, Funny
  
  You can even do it without physical access on cheap routers and/or modems, by pointing a good digital camera and a telescope at the blinkenlights on the front of them. :D
  
  --
  - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
5. Re:Meh by Endo13 · 2008-11-06 06:19 · Score: 4, Funny
  
  Apparently you just haven't watched enough movies. Obtaining physical access IS trivial. All you need is a hot chick to go swipe the security guard's badge that he conveniently left lying on his desk, and you're guaranteed access anywhere in the building.
  
  --
  There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
6. Re:Meh by Endo13 · 2008-11-06 06:24 · Score: 4, Funny
  
  Well duh, of course it's trivial. They're always swooning over you. (Well, except when they're pretending to fight with you, but even then they always come around just in time.) Haven't you learned anything from Hollywood??
  
  --
  There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
7. Re:Meh by fataugie · 2008-11-06 06:43 · Score: 5, Funny
  
  Yeah, except smarts and hotness are inversly proportianal in most cases.
  What good is getting access when the bubblehead can't figure out what a wiring closet looks like.
  
  --
  
  WTF? Over?
8. Re:Meh by RiotingPacifist · 2008-11-06 07:06 · Score: 3, Funny
  
  hey its "yes, you can08" to meet the new stricter password requirements
  
  --
  IranAir Flight 655 never forget!
9. Re:Meh by RiotingPacifist · 2008-11-06 07:08 · Score: 2, Informative
  
  But wireless devices are susceptible to anything cat5 is and then some!
  
  --
  IranAir Flight 655 never forget!
10. Re:Meh by Killer+Orca · 2008-11-06 07:38 · Score: 2, Funny
  
  Or I could just whip out my Mr. Fusion.
  Is that what the kids are calling it nowadays?
11. Re:Meh by Logic+and+Reason · 2008-11-06 10:31 · Score: 4, Funny
  
  smarts and hotness are inversly proportianal
  Wow, you must be really hot...
Ha ha ha ha by Anonymous Coward · 2008-11-06 03:54 · Score: 3, Funny

All your AP are belong to us.
You have no chance to survive make your time.
'Story' tag by Anonymous Coward · 2008-11-06 03:55 · Score: 2, Interesting

What's up with the 'story' tag? Perhaps we should also tag this 'words'?
1. Re:'Story' tag by Hurricane78 · 2008-11-06 04:21 · Score: 5, Informative
  
  Valid question.
  Well, if a story comes from the firehose, it gets tagged "story", because it became a story. And If it didn't, it gets tagged "!story".
  
  --
  Any sufficiently advanced intelligence is indistinguishable from stupidity.
2. Re:'Story' tag by athakur999 · 2008-11-06 06:06 · Score: 4, Funny
  
  They should tagged it "tagged" if it is tagged and "!tagged" if it's not tagged.
  
  --
  "People that quote themselves in their signatures bother me" - athakur999
3. Re:'Story' tag by arelas · 2008-11-06 07:57 · Score: 2, Funny
  
  A hole even!
Who uses TKIP instead of AES? by LibertineR · 2008-11-06 03:56 · Score: 5, Interesting

Is AES not the more secure of the two? From everything I have read, AES is the preffered option over TKIP.
1. Re:Who uses TKIP instead of AES? by kannibal_klown · 2008-11-06 03:59 · Score: 5, Informative
  
  Is AES not the more secure of the two? From everything I have read, AES is the preffered option over TKIP.
  I recall seeing some AP setups where TKIP was the default scheme.
  In the wide spectrum of Luddite to Novice to Hobbyist to Professional there are probably a bunch of users that might know enough to use WPA (perhaps from prodding from friends) and use the default settings with a key (either random or a passphrase).
2. Re:Who uses TKIP instead of AES? by prayag · 2008-11-06 04:03 · Score: 2, Interesting
  
  I have a lot of problem connecting my XP box with AES encryption. If I use 3rd party, may be I could've but I changed my encryption to TKIP and it worked fine.
  So... There you go !!!
3. Re:Who uses TKIP instead of AES? by Anonymous Coward · 2008-11-06 04:12 · Score: 4, Informative
  
  For the longest time, XP didn't come with AES/WPA support. You'd have to add this patch: http://www.microsoft.com/downloads/details.aspx?familyid=662BB74D-E7C1-48D6-95EE-1459234F4483&displaylang=en
  I'm not sure if this was rolled into a newer SP. Many people couldn't access a WPA2 AP so manufacturers chose to just enable WPA as there was less chance of incompatibility.
  In my apartment complex, I'm one of two people who have WPA2 enabled. I'm the only one who has only WPA2 enabled.
  Heh, the captcha word is "paranoia".
4. Re:Who uses TKIP instead of AES? by rpmayhem · 2008-11-06 04:25 · Score: 5, Informative
  
  In short, yes, AES is more secure than TKIP.
  
  WPA and TKIP was really just a stepping stone to get people off WEP and heading toward WPA2 and AES. Wireless hardware built to run WEP didn't have the processing power to run AES (I think it needed a separate crypto processor just for AES). So they made the WPA standard run TKIP so current WEP hardware was able to use a better security setup. It was all intended to move everyone to WPA2 with AES after everyone had bought newer wireless cards and routers.
  
  Interestingly, this means if you have hardware that only supports WEP, and the vendor doesn't offer WPA support, it's because they are too lazy to implement it (or want you to buy the new stuff). The hardware can handle it, they just need to add it to the firmware. My work had some handheld units like this. We had to buy all new units.
5. Re:Who uses TKIP instead of AES? by AndrewNeo · 2008-11-06 04:30 · Score: 3, Informative
  
  Service Pack 3 does indeed enable WPA2 and AES support.
6. Re:Who uses TKIP instead of AES? by sempernoctis · 2008-11-06 04:41 · Score: 5, Informative
  
  TKIP is not a cipher; it is a keying protocol. When you use TKIP, the actual cipher you are using is called RC4, which is older and has more known vulnerabilities than AES. It is also the cipher typically used by WEP, though the keying protocol WEP uses contains additional vulnerabilities. TKIP basically takes RC4, which was designed to encrypt a single stream of data, and creates a protocol around it for sending arbitrary packets, which may not be reliably delivered. WPA2 provides a more secure way to similarly wrap the AES cipher, but retains support for TKIP/RC4 for legacy devices.
7. Re:Who uses TKIP instead of AES? by dohnut · 2008-11-06 04:44 · Score: 5, Informative
  
  AES and TKIP are not apples to apples. AES is an encryption algorithm. TKIP basically handles the keys that the encryption algorithm uses.
  A better apples to apples comparison would be between the encryption algorithms (RC4 and AES) or the key managers (TKIP and CCMP).
  Generally, WPA uses TKIP/RC4 and WPA2 (802.11i) uses CCMP/AES.
  WPA (TKIP/RC4) was supposed to be a bridge between WEP and WPA2. WPA used RC4 (just like WEP) but enhanced (TKIP) in order improve security while using existing (WEP/RC4) hardware.
  WPA2 has always been considered more secure than WPA on paper though until this there has never been a documented exploit for either of them.
  
  --
  Stupider like a fox! - H.S.
8. Re:Who uses TKIP instead of AES? by JackHoffman · 2008-11-06 04:44 · Score: 5, Informative
  
  AES is a cypher. TKIP is a protocol, the Temporal Key Integrity Protocol, to be precise. The cypher used by WEP and WPA/TKIP is RC4. TKIP is what keeps changing the RC4 key to avoid the attacks on WEP, for which the attacker needs to collect many packets which have been encrypted with the same key. TKIP was invented to salvage older hardware, which only implemented the RC4 cypher.
  It is important to know that WEP's weakness is not simply a vulnerable cypher, but a vulnerability of the crypto system. The announcement states that the attack on WPA/TKIP does not actually crack the key, so this too looks like a vulnerability of the crypto system. That highlights the importance of crypto system design. You can't just take a "secure" cypher and be done with it. The protocol surrounding that cypher is just as important.
9. Re:Who uses TKIP instead of AES? by blincoln · 2008-11-06 04:49 · Score: 2
  
  The Xbox 360 wireless adapter still doesn't support WPA2 (even though the manual says it does), which is why I have my wireless router set to WPA instead. Thanks MS!
  
  --
  "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
10. Re:Who uses TKIP instead of AES? by Firethorn · 2008-11-06 05:11 · Score: 2, Insightful
  
  What's also funny is that my router gives me better throughput with WPA/AES than WEP.
  I've just figured that the router probably has a seperate chip to offload AES while WEP is done in the CPU, slowing stuff down.
  
  --
  I don't read AC A human right
11. Re:Who uses TKIP instead of AES? by Anonymous Coward · 2008-11-06 05:19 · Score: 5, Informative
  
  At least it's not like the Nintendo DS that only supports WEP.
12. Re:Who uses TKIP instead of AES? by psydeshow · 2008-11-06 06:27 · Score: 2, Funny
  
  Look, obviously TKIP is more secure, becuase it has more letters.
  You geek types are always saying I should use a longer password, right? This is the same thing.
  And anyway, they wouldn't make it an option if it wasn't secure.
13. Re:Who uses TKIP instead of AES? by bendodge · 2008-11-06 06:37 · Score: 2, Informative
  
  I use WPA2 AES with a 128-bit key, but even the 'advanced' DD-WRT v24sp2 router firmware I'm using had TKIP as the default. I think it's for XP compatibility, but SP3 includes WPA2 and PNRP now.
  
  --
  The government can't save you.
14. Re:Who uses TKIP instead of AES? by fataugie · 2008-11-06 06:47 · Score: 4, Funny
  
  What's also funny is that my router gives me better throughput with WPA/AES than WEP
  That's because your router is laughing at you using WEP in between encrypting/decrypting the packets....that's why it takes longer.
  
  --
  
  WTF? Over?
15. Re:Who uses TKIP instead of AES? by dohnut · 2008-11-06 09:59 · Score: 3, Informative
  
  I'm am not aware of any hybrid wireless security scheme using both TKIP as a key manager and AES the cipher. Though I suppose it would be possible.
  When you see TKIP/AES or more commonly TKIP+AES. They are saying both TKIP/RC4 and CCMP/AES specifications are supported. So, for instance, you could set up a client to use "TKIP+AES". This basically means the client will try to connect to the AP using CCMP/AES first. If that fails it will try TKIP/RC4. It doesn't mean you're using both TKIP and AES simultaneously.
  WPA2 (full 802.11i) has always been and currently is only CCMP/AES.
  
  --
  Stupider like a fox! - H.S.
16. Re:Who uses TKIP instead of AES? by g-san · 2008-11-06 11:03 · Score: 2, Funny
  
  LOL! Is there a patch for that? He probably just needs to pull the UDP plug out the bottom and let all the dropped packets drain out. Where do you think they go when they are "dropped?" Dropped packet buildup has killed more routers than I can count.
Hahaha! by u38cg · 2008-11-06 03:59 · Score: 5, Funny

I use WEP!

--
[FUCK BETA]
1. Re:Hahaha! by PotatoFarmer · 2008-11-06 04:08 · Score: 5, Funny
  
  We know. By the way, do you think you could talk your ISP into increasing your download bandwidth?
2. Re:Hahaha! by blhack · 2008-11-06 04:25 · Score: 2, Funny
  
  Yeah, and I run an open access point with the SSID hidden called "secret_awesome".
  I feel like its the least I can do to help any new geeks in the area :).
  
  --
  NewslilySocial News. No lolcats allowed.
3. Re:Hahaha! by Lisandro · 2008-11-06 04:38 · Score: 2, Funny
  
  So you are the one slowing down my torrents...
4. Re:Hahaha! by russotto · 2008-11-06 04:38 · Score: 4, Funny
  
  Yeah, and I run an open access point with the SSID hidden called "secret_awesome".
  I run one called "man_in_the_middle". Best pay attention to those certificate warnings when you're using it.
5. Re:Hahaha! by tkdtaylor · 2008-11-06 06:57 · Score: 2, Funny
  
  I call mine "HoneyPot"
6. Re:Hahaha! by layer3switch · 2008-11-06 12:26 · Score: 2, Funny
  
  No, that would be me, Comcast.
  
  --
  "Don't let fools fool you. They are the clever ones."
It's a ploy! by dmomo · 2008-11-06 03:59 · Score: 3, Interesting

OMG! We need routers w/ better encryption. Buy router company and encryption company stocks! Everyone run out to Best Buy and get a new router.
Or, it just might be a real problem. /crumples tinfoil hat and pouts.
1. Re:It's a ploy! by MikeBabcock · 2008-11-06 07:28 · Score: 2, Informative
  
  You mean like point-to-point IPSec? That already exists, and is quite usable on modern computers.
  
  --
  - Michael T. Babcock (Yes, I blog)
WPA2 is NOT broken by fractalus · 2008-11-06 04:00 · Score: 4, Informative

Just WPA. WEP was already hideously broken but now WPA should also be considered broken. WPA2 is still safe.
Although, if you really have data you're concerned about keeping safe, you should (a) use a wired network, (b) use IPSEC, or (c) both.

--
People are never as simple as their stereotypes. This applies equally to Christians, Muslims, and Emacs-lovers.
1. Re:WPA2 is NOT broken by Quantos · 2008-11-06 04:04 · Score: 2, Insightful
  
  It never ceases to amaze me that people want to trust wireless devices for secure purposes, anything that is sent through the air can be captured and worked on. But are wired solutions really anymore secure? I mean can't packets that go out still be captured and worked on?
  
  --
  Some people are only alive because it's against the law for me to hunt them down and kill them.
2. Re:WPA2 is NOT broken by Thelasko · 2008-11-06 04:09 · Score: 2, Insightful
  
  Great, now any new hardware I buy will be incompatible with my old hardware, again!
  
  --
  One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
3. Re:WPA2 is NOT broken by bryanp · 2008-11-06 04:09 · Score: 3, Insightful
  
  Although, if you really have data you're concerned about keeping safe, you should (a) use a wired network, (b) use IPSEC, or (c) both.
  Yep. I'm getting some remodeling done on my house right now. Some of my friends think I'm weird because I'm pulling cat5e around the house when everything I use is already working find with WPA2. (Tivo, PS3, etc..). It's only a matter of time before someone breaks WPA2, but by then I plan to have turned wireless off.
  
  --
  "An unarmed man can only flee from evil, and evil is not overcome by fleeing from it." Col. Jeff Cooper
4. Re:WPA2 is NOT broken by Anonymous Coward · 2008-11-06 04:13 · Score: 4, Insightful
  
  It never ceases to amaze me that people want to trust wireless devices for secure purposes, anything that is sent through the air can be captured and worked on. But are wired solutions really anymore secure? I mean can't packets that go out still be captured and worked on?
  Using a wired connection over a wireless connection MINIMIZES the number of people who can look at the packets.
  After all sending data wirelessly gives anyone in the wireless device's area a chance to catch the packets as well as anyone that would normally have a shot on it via wired connection.
  You're still going to hit a router somewhere and be wired back in eventually, anyway.
  Wireless is foremost a technology of convenience rather than security.
5. Re:WPA2 is NOT broken by Ralish · 2008-11-06 04:32 · Score: 5, Insightful
  
  I have a hard time seeing the point of this, and the rationale behind other similar moves. Here's why:
  Firstly, advances in computing power and security research are always going to result in security schemes being broken, but these broken security mechanisms will always be replaced and improved. Provided you keep up to date with current security practices, and as a Slashdot reader, I assume you can and will, you're really not in any danger at all.
  Further, there's numerous other security options you can enable both at the wireless level and the network level to further protect your network, alongside good security practices with existing WPA2 (e.g. maximum length WPA key consisting of random characters and numbers). For example, MAC Address whitelisting, a strong password on the AP, and enabling AP configuration changes to occur only through wired connections. A half decent wireless AP should expose all of these options.
  This is more than enough to deter all but the most dedicated hacker. I'm not going to pull random statistics out of my behind, but I would wager that only a ridiculously tiny amount of wireless intrusions are done by experienced hackers, and experienced hackers tend to have an agenda beyond "leeching your tubes". The above security options, if all enabled and correctly configured (as in my home network) goes above and beyond what is required to stop the casual or even experienced war driver in their tracks.
  But let's say that somehow, they do manage to break your wireless security. Well, if your network is properly set up, they now have another round of security to get through that should be even tougher. Here, digital signing and encryption of all network communications between Windows machines on the domain is required by policy, no exceptions. This is one example of many.
  If someone out there is really willing to go to all that effort to break into your HOME network and access your personal data, you have VERY serious problems. From a corporate network perspective, of course, things might be entirely different.
  Bottom line: I have a hard time seeing the point of abandoning wireless due to security concerns in home networks, as a properly secured wireless network and home network will easily defeat all but the most determined and skilled hackers.
  And finally, why did you buy into wireless at all in the first place if you were so concerned about security? Everyone knew that WEP was rubbish before it was even cracked (which didn't take long). WPA was a vast improvement over WEP, but even it had its flaws, and this was also well known among those concerned. I find it strange that you're getting out of wireless now, when a look at the whole picture shows that wireless security has improved immensely since the initial takeup of wireless. The real problem is people not moving to these new security setups, and staying with WEP or worse.
6. Re:WPA2 is NOT broken by Abcd1234 · 2008-11-06 04:41 · Score: 4, Insightful
  
  Some of my friends think I'm weird because I'm pulling cat5e around the house when everything I use is already working find with WPA2.
  You are weird if you're doing that because of security concerns. Here's a hint: no one cares about your wireless network. No, really, they don't.
  That said, given how flakey wireless can be, running cable is only sensible, particularly given it makes it easy to run additional telephones, etc, as well.
7. Re:WPA2 is NOT broken by Hatta · 2008-11-06 04:47 · Score: 4, Informative
  
  Don't install cat5, install conduit. Then you can pull whatever you want, wherever you want, at any point in the future with ease.
  
  --
  Give me Classic Slashdot or give me death!
8. Re:WPA2 is NOT broken by Hatta · 2008-11-06 04:51 · Score: 2, Insightful
  
  You are weird if you're doing that because of security concerns. Here's a hint: no one cares about your wireless network. No, really, they don't.
  Joe the Pedo cares a lot about getting free untraceable internet access. I care a lot about not getting my house raided because someone abused my network.
  
  --
  Give me Classic Slashdot or give me death!
9. Re:WPA2 is NOT broken by lostfayth · 2008-11-06 04:52 · Score: 3, Informative
  
  Fairly easy, if you have a basement or attic (crawlspace) where you can drop wire. Cut a hole for an "old work" electrical box, and drill a hole in attic or basement to run the wire through. Run a fish wire through the hole in the attic/basement, and to the larger hole in the wall to pull some cat5 through, then run the wire to where you need it. Terminate and enjoy.
  Gets a little more tricky in multi-story houses or those without attic/basement, but that's the basic idea.
10. Re:WPA2 is NOT broken by sexconker · 2008-11-06 04:56 · Score: 4, Funny
  
  Nerds like to sit.
  You can sniff packets while sitting just about anywhere. In your kitchen. In your car. On the crapper.
  To tap a line, you usually have to get up, and you often have to use some archaic toolset like Screw.Driver or Flash.Light that you haven't supported since 3 forks ago.
11. Re:WPA2 is NOT broken by Hatta · 2008-11-06 04:58 · Score: 5, Informative
  
  Go to the attic, you'll have access to the insides of the walls from above. Drop a chain with a weight down an interior wall (so there's no insulation in the way). Cut a hole in the drywall for your ethernet jack. Guide the weight to the hole, a strong magnet(perhaps from a hard drive) can help here. Then just attach your cat5 to the end of the chain, go back to the attic and pull it up. You can run the cat5 across the entire house in the attic and not worry about people tripping on it or anything. It's kind of shitty work, but it's doable if you're just a little bit handy.
  
  --
  Give me Classic Slashdot or give me death!
12. Re:WPA2 is NOT broken by orielbean · 2008-11-06 05:11 · Score: 2, Insightful
  
  You can use the old Cat5 as a wire fish to piggyback and attach to the fancypants new wiring that the kids of the future will need; conduit can get expensive.
13. Re:WPA2 is NOT broken by sexconker · 2008-11-06 05:12 · Score: 2
  
  What, don't you know that Cat 5, 5e, and 6 are all the same for short runs? Don't you know that it's just a badge you get to essentially buy after some "testing"? Don't you know MONSTER cables are the only way to truly protect your sensitive electronic equipment?
14. Re:WPA2 is NOT broken by Firethorn · 2008-11-06 05:19 · Score: 3, Informative
  
  But are wired solutions really anymore secure? I mean can't packets that go out still be captured and worked on?
  Actually, unless you're doing seperate encryption, most wired connections today are less secure than wireless with proper security set.
  Part of the clue is with WEP - Wired Equivalent Privacy. The idea was that, at the time, to make the wireless connection as much of a pain to get into as a wireline. IE not very difficult in most circumstances. Today, due to the march of technology, WEP IS easier to get into than a wire, but not much less either.
  There are ways to sniff traffic today without breaching the wire, there's packet sniffers that can sit in the middle of a cable, etc... They just require either expensive equipment for ranged use or somebody actually getting to the wire.
  So, regardless if you have a wired or wireless connection, before you start putting financial or other private information onto a network, using a secure protocol is a very good idea. HTTPS, SSH, etc...
  Of course, if you want to be really secure, do something like WPA2/AES to the router, then VPN to the private network.
  
  --
  I don't read AC A human right
15. Re:WPA2 is NOT broken by MasterNetHead · 2008-11-06 05:20 · Score: 3, Funny
  
  Its funny... my neighbors are probably thinking the same thing.
16. Re:WPA2 is NOT broken by smellsofbikes · 2008-11-06 05:21 · Score: 5, Informative
  
  Some notes on wiring -- either power or ethernet cable.
  1. Drill two holes in the header, each about 1/2" in diameter, about 2" apart. You put a flashlight over one so you can see what you're doing when you drop the line down the other.
  2. On the bottom end, cut a full-sized hole for a standard rework box. You can get standard wall faceplates for snap-in Cat5 outlets. I generally wire with double-hole faceplates, and put a phone cord in the lower one and Cat5 in the upper. A rework box hole gives you a large enough opening that you can get your hand in there and grab stuff. Pull the wire out and run it into a rework box and put that in the wall. (if you have really big hands you might not be able to do this. Find someone with smaller hands or run a loop of wire into the wall first, then drop the wire from the top, through the loop, and then pull the loop out the hole.)
  By using an adjacent hole to admit light, I can usually manage to drop a wire into an existing box if I've punched out the knockout on the top, with a bit of care.
  Note that all this advice, and the parent poster advice, all assume you don't have firebreaks inside the wall. Many newer houses have 2x4's across the wall halfway up, to keep the space between the walls acting like a chimney. In that case you're going to be cutting drywall and/or finding a seriously long drillbit. (It's possible to weld a drillbit onto the end of a 3' piece of mild steel rod, but it's pretty unpleasant to use.)
  
  --
  Nostalgia's not what it used to be.
17. Re:WPA2 is NOT broken by prisoner-of-enigma · 2008-11-06 06:39 · Score: 2, Insightful
  
  Joe the Pedo cares a lot about getting free untraceable internet access. I care a lot about not getting my house raided because someone abused my network.
  
  Can you reference a single incident where such a raid has taken place? On a lark I decided to Google around for such an incident and couldn't find a single damned thing.
  Given the hundreds of thousands -- perhaps millions -- of wireless devices in operation in homes across the U.S., the lack of any such raid seems to suggest your fear is either overblown or based on paranoia.
  
  --
  In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
18. Re:WPA2 is NOT broken by maztuhblastah · 2008-11-06 06:49 · Score: 4, Interesting
  
  Joe the Pedo cares a lot about getting free untraceable internet access.
  Oh no you don't. If the politicians don't get to use the "think of children" excuse to justify increased surveillance, shredding the Constitution, and guilty-until-proven-innocent, then we don't get to use it as an explanation for our security decisions. Let's not have a double standard here; one standard will do just fine.
  
  --
  The real litigious bastards...
19. Re:WPA2 is NOT broken by LandruBek · 2008-11-06 06:54 · Score: 4, Informative
  
  Can you reference a single incident where such a raid has taken place?
  The FBI has conducted armed raids of homes in at least three states due to clicks on honeypot links to files full of "gibberish." So the above scenario (of Alice getting arrested because of Bob's browsing habits) is highly plausible, even if it hasn't happened yet.
  
  --
  $META_SIG_JOKE
20. Re:WPA2 is NOT broken by MikeBabcock · 2008-11-06 07:30 · Score: 2, Informative
  
  You can always buy a decent network switch with 802.1x authentication and make your wired network significantly less open.
  
  --
  - Michael T. Babcock (Yes, I blog)
21. Re:WPA2 is NOT broken by element-o.p. · 2008-11-06 09:29 · Score: 2, Informative
  
  Part of the clue is with WEP...but not muc less either
  I disagree. WEP was a marketing phrase -- "See? Our wireless networking gear is just as secure as traditional wired networks!" Unfortunately, it wasn't. WEP was flawed from the start because of some mistakes made in the implementation of encryption (I don't recall exactly what was wrong and I'm too lazy to Google it, but IIRC, they implemented RC4 incorrectly). A more telling clue about the security (or lack thereof) of WEP was in a quote I found while researching wireless networking for a college presentation: "Installing a wireless LAN may seem like putting Ethernet ports everywhere, including in your parking lot." (Cisco Systems document, "Wireless LAN Security"). You are correct that if you are on the inside, getting access to a wire is not terribly difficult. However, if you don't have access to my facilities, getting access to my wired network just got orders of magnitude harder. It might still be possible, but it's certainly not as easy as simply plugging into an empty network jack. For that matter, where I work, we turn off unused network jacks, so even if you get inside the building, you still won't have physical access to my network unless you unplug someone else's connection -- which will probably be noticed, even if it's only for a few seconds while you connect a switch. But it's worse than that, because on my switch, I can filter ports by MAC address, so unless you find an active port *and* clone a valid MAC address for that port you still won't have access.
  
  If all you want to do is passively sniff traffic that is flowing through a wire, then it's certainly much easier for you -- all you have to do, as you state above, is insert a sniffer between a valid network host and the network jack and you're golden...but that's once you are inside my building. Fortunately, I work in a small enough company that if someone unknown starts mucking around with our network cables, someone is going to get suspicious, so even passively sniffing isn't as easy as you suggest.
  
  With WEP -- and now WPA, as well -- all you have to do is sit in your car on the street outside my building, take ten to fifteen minutes (according to the summary above, anyway) and you can sniff to your heart's content. Sounds much easier than gaining access to my wired network, IMHO.
  
  --
  MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
22. Re:WPA2 is NOT broken by smellsofbikes · 2008-11-06 10:27 · Score: 2, Interesting
  
  The walls between *rooms* are made of *brick*?
  Wow.
  Renovation must be a bitch. A couple years ago, it took me about three hours to move a closet from *this* room to *that* room, with wooden walls, coz I could just rip off some sheetrock, cut out two studs, put in a header, put in two studs in the old doorway, and put up new drywall.
  It's also my (rather picky, admittedly) habit that when I walk into a room and try and turn on the lightswitch in the wrong place, well, it's not the wrong place, then is it? so I move the switch. Which, again, takes about an hour and a half, and then it's where I wanted it to be in the first place. When I move a computer from over *here* to over *there*, I move the power outlet (because I run a separate circuit for the computers, through a UPS) and the Cat5 outlet. I can't even imagine trying to deal with that with brick walls.
  
  --
  Nostalgia's not what it used to be.
23. Re:WPA2 is NOT broken by Hatta · 2008-11-06 10:56 · Score: 2, Insightful
  
  It's not a double standard. I'm not using fear of pedophiles to justify not sharing my wifi, I'm using fear of the government to justify not sharing my wifi. That I think is entirely appropriate here. The FBI can, and does, raid people for nothing more than clicking on an URL. That's not paranoia, that's a fact.
  
  --
  Give me Classic Slashdot or give me death!
Is it just me... by Jazz-Masta · 2008-11-06 04:00 · Score: 5, Insightful

or is anything worth protecting worth using CAT5 on?
Most banks and government institutions don't use WIFI because of the security vulnerabilities. Granted CAT5 doesn't have have security to access (like wifi tkip/aes key), but it is physically secure, which is at the same level of security as the physical machines themselves.
I find WIFI performance and coverage to be dodgy at best. It's an absolute pain to support.
1. Re:Is it just me... by H0p313ss · 2008-11-06 04:20 · Score: 2
  
  or is anything worth protecting worth using CAT5 on?
  The truly paranoid use fiber. Google "TEMPEST security" for hours of fun. (Tinfoil hat is optional.)
  
  --
  XML is a known as a key material required to create SMD: Software of Mass Destruction
2. Re:Is it just me... by digitalchinky · 2008-11-06 04:48 · Score: 2, Interesting
  
  You bend fiber just right and you can sense and demodulate the data stream. Unfortunately the act of doing this can also be detected since it causes signal degradation. This doesn't imply that detection is always going to happen though.
Huh....So for data.... by Seakip18 · 2008-11-06 04:06 · Score: 4, Informative

If I remember reading right, a few years ago, TKIP client encryption was always able to be broken. The catch was that you had to capture the packets with the handshake between the access point and the client. This could be done by breaking the signal and capturing the ensuing reconnect. AES fixed this problem.
I think this may have been if you wanted to actually decrypt the data between the two though and that meant having the WPA key, which these guys have broken. Before this, as the article states, the only thing was a dictionary attack. So, I wonder if you combine the two, can you intercept data and successfully look at it.

--
import system.cool.Sig;
1. Re: Huh....So for data.... by tlhIngan · 2008-11-06 04:27 · Score: 4, Informative
  
  If I remember reading right, a few years ago, TKIP client encryption was always able to be broken. The catch was that you had to capture the packets with the handshake between the access point and the client. This could be done by breaking the signal and capturing the ensuing reconnect. AES fixed this problem.
  I think this may have been if you wanted to actually decrypt the data between the two though and that meant having the WPA key, which these guys have broken. Before this, as the article states, the only thing was a dictionary attack. So, I wonder if you combine the two, can you intercept data and successfully look at it.
  TKIP is a nasty hack, actually. It's designed to work with chipsets with onboard WEP encryption/decryption (it re-uses the RC4 hardware), and its security was always quite low (which is why it always re-keys itself every hour by default). It has mechanisms to detect and prevent replay attacks, as well as message integrity checks in case someone manages to break through the protections. It's final defense is a complete shut down of the network and a re-keying of everyone if it detects 2 or 3 MIC failures (the network literally shuts down for a minute).
  These days, modern chipsets can do AES in hardware, and there's no reason to use TKIP anymore except in legacy applications (which still exist - though modern software can often just offload the AES in software).
Well duh... by Zakabog · 2008-11-06 04:07 · Score: 3, Interesting

Does anyone seriously treat any wireless transmission as if it was secure? If anyone who cares to listen can easily pick up everything being sent from your computer it's only a matter of time and CPU power before they can read it.
Yes I know, the article mentions they actually found a more efficient method of cracking WPA than a simple brute force attack, and that is a flaw in WPA not wireless security. Although while they may come up with new encryption methods I still don't trust wireless for much more than browsing slashdot or searching google. If I need to do anything that involves sensitive information like ordering something online I can wait to go to a wired desktop.
1. Re:Well duh... by plague3106 · 2008-11-06 04:39 · Score: 2, Informative
  
  Does anyone seriously treat any wireless transmission as if it was secure? If anyone who cares to listen can easily pick up everything being sent from your computer it's only a matter of time and CPU power before they can read it.
  Well, secure enough. I have WPA2 and AES with RADIUS setup... but as far as recording the transmitted data and decrypting it later, you can use tempest to snoop on Cat5 packets too.. so, I'm not sure wired vs. wireless is that relevent.
2. Re:Well duh... by maxume · 2008-11-06 04:47 · Score: 2, Informative
  
  The architecture of DSL is usually such that you can't see anybody else's traffic (well, it was the last time I spent any time trying to understand how it worked).
  
  --
  Nerd rage is the funniest rage.
3. Re:Well duh... by hairyfeet · 2008-11-06 04:48 · Score: 2, Interesting
  
  You'd be surprised how many times I've walked around the corner to the local cafe to get me a nice coffee and see folks doing their banking,using their CC,etc on the cafe free wifi. Hell I wouldn't even have to do packet sniffing on those that sit towards the center,as either of the two table nooks by the door allow me to see the screen and keyboard of anybody at the lower center tables quite easily. I think it is pretty obvious that folks don't have a clue when it comes to security in public.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
'Its just the starting point,' by Keramos · 2008-11-06 04:14 · Score: 4, Interesting

So, the headlines blare "WPA is cracked!!!!", but the researchers themselves say they haven't cracked the keys used to encrypt the data and all they have is a "starting point".
So, how is WPA cracked and useless, again??
I suppose maybe we'll see at the PacSec conference.
1. Re: 'Its just the starting point,' by AdmiralXyz · 2008-11-06 04:24 · Score: 2, Informative
  
  For two reasons:
  
  1) Even if it isn't completely broken, any kind of significant attack, as this most certainly is, is reason enough to switch to a more secure system if one is available. This revelation, combined with that Russian breakthrough of using GPUs to brute-force WPA keys in very little time, is evidence that WPA is very close to being insecure and inadvisable for use as a wireless security protocol, if it isn't already.
  
  2) Alarmist headlines always have been the de facto when it comes to security-related news and always will be. While I agree it is an exaggeration in many cases, it gets people paying attention to vital security-related issues, which can only be a Good Thing.
  
  --
  Dislike the Electoral College? Lobby your state to join the National Popular Vote Interstate Compact.
Secure Wi-Fi by extract · 2008-11-06 04:18 · Score: 2, Informative

Use WPA 2, AES, create private network, MAC address lock on, turn off SNMP, if your router allows it: Reduce transmission strength (Mine is reduced to 10%). Some Windows laptops cannot use WPA2 or AES due to obsolete Wi-Fi card, change the card in the laptop to fix the problem.
1. Re:Secure Wi-Fi by Anonymous Coward · 2008-11-06 05:39 · Score: 2, Funny
  
  My security is a lot simpler and more effective: one of my neighbors has an open WAP with "linksys" for an ssid.
  Don't worry, I changed the default admin password for them.
why not RSA? by Lord+Bitman · 2008-11-06 04:37 · Score: 3, Interesting

As a serious question, the ignorant wanting to be enlightened: Why don't wireless access points just use some well-known and tested public key encryption? What problem is being solved by WEP/WPA/etc which simply broadcasting (or for the paranoid: copying over with a USB key) a regular old public key wouldn't cover?

--
-- 'The' Lord and Master Bitman On High, Master Of All
1. Re:why not RSA? by swillden · 2008-11-06 05:20 · Score: 4, Informative
  
  Why don't wireless access points just use some well-known and tested public key encryption? What problem is being solved by WEP/WPA/etc which simply broadcasting (or for the paranoid: copying over with a USB key) a regular old public key wouldn't cover?
  Why public key? What problem is solved by using public key schemes, with their corresponding complexity, poor performance and large, unwieldy keys?
  The question you SHOULD ask is: "Why don't wireless access points just use some well-known and tested symmetric key encryption?"
  The answer is: They do. The cipher is called AES and the WiFi security scheme that uses it is called WPA2. What's been broken is the stuff that's still based on the RC4 cipher, which has some well-known flaws.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Re:OHNOES! by Coraon · 2008-11-06 04:45 · Score: 4, Funny

I know I just got root access...BTW could you put in some bread? I'm trying to install pop-up's.

--
-Ours is the wisdom of Solomon, the magic of Merlyn, the fall of Icaris.
Re:I use ROT13 by ale_ryu · 2008-11-06 04:50 · Score: 2, Funny

Meh, that's nothing, I use DOUBLE ROT13. Learn 2 secure your data you n00b!

--
Check out my blog!
Just like cordless phones, really by Rastl · 2008-11-06 05:01 · Score: 2, Informative

Cordless phones have to be some of the most insecure communication devices out there but people still think nothing of using them for 'secure' transactions.
When my mom got her first cordless phone she was concerned about giving out things like credit card info to companies using the cordless phone. She got a revelation with my answer of "Just use the corded phone for those."
We also had Cat5 run when we had some electrical work done. We use the corded connections for 99% of what we do. Wireless is there for the very rare time when we want to use one of the notebooks in an area without a network jack. And in no way do I consider the connection secure regardless of any encryption put in place.
Wireless isn't all that great. I'm not about to do my online banking at a Starbucks or any other place when I'm literally broadcasting my communication to anyone willing to sniff for it. That's just silly.
Comment removed by account_deleted · 2008-11-06 05:29 · Score: 3, Interesting

Comment removed based on user account deletion
Re:Does this help by Mantrid · 2008-11-06 06:53 · Score: 2, Informative

I think as long as your WPA passkey is not easily guessable and long enough you should be good to go.
MAC Address filtering and not broadcasting your SSID is really not doing anything for you though. MAC addresses are trivial to spoof, and SSID can be sniffed out without too much trouble.
Obviously by spazdor · 2008-11-06 07:11 · Score: 3, Funny

over 9000.

--
DRM: Terminator crops for your mind!
CAT5 in Australia by labnet · 2008-11-06 07:36 · Score: 2, Interesting

And if you live in Australia it is *ILLEGAL* for you to run your own cat5 in dry wall. You need to have a special licence that not even electricians have.
Welcome to the REAL nanny country!

--
46137