WPA-PSK Cracking As a Service

An anonymous reader writes "Moxie Marlinspike, a security researcher well known for his SSL/TLS attacks, today launched a cloud-based WPA cracking service, where for $34 you can test the security of your WPA password. The WPA Cracker Web site states: 'WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes.'"

No comments?

[scurvy_lubber]

Why not?

One problem

[Logic+Worshipper]

Most people try to crack WiFi because they don't have internet, in which case it would impossible to access a cluster. It would be cool if it got you internet anywhere there was wifi, but it won't work, because you can't log into the cluster without internet anyway, so what's the point? Besides stealing data of course.

Re:One problem

[ctmurray]

I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

Re:One problem

[snowraver1]

Well, you could impress a client if you were a security contractor. For $35, that's a bargain! You could also screw with your neighbor... if they so deserve it.

Re:One problem

[hey]

Maybe somebody might want to crack their neighbor's wifi now so you so can connect if they have an outage.

Re:One problem

[Logic+Worshipper]

For that price you can get a backup internet connection.

Re:One problem

[Korbeau]

I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

[x] Check this box if you are above the age of 18 and promise not to use this tool for malicious intends.

[BUY NOW!!!]

Re:One problem

[Logic+Worshipper]

Yeah, I'm sure that's the actual usage they're expecting.

Re:One problem

[Enleth]

Nothing a trip to the coffe shop around the corner won't fix.

A friend of mine has a modified ThinkPad fitted with threee WiFi adapters (one IWL, one Atheroes with AP/bridge functionality, another Atheros for quick scanning and data dumps on multiple channels) with external high-gain antennas and basically the only thing that keeps him from having net access virtually everywhere is the CPU power to crack keys. Luckily for him, the biggest telecom around here gives out wireless routers with preset (permanently!) WPA keys generated from the subsciption ID - they're all of the same length and share some character patterns, so a laptop CPU is able to crack them in a few hours. For others, he could be actually interested in such a service, maybe if it were a bit cheaper.

Re:One problem

[fake_name]

Just wait for the iPhone app, so you can use your mobile connection to break into the faster wifi broadband.

Re:One problem

[Shakrai]

I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

And the majority of bittorrent traffic is Linux torrents and WoW patches.....

Re:One problem

[vivian]

Alternatively you could actually not be an asshat, get on with your neighbour and negotiate with them (over a 6 pack of beer) to allow legal access in the event of an outage.

Re:One problem

[Gothmolly]

Isn't it cheaper, easier, and less douchebaggy to just get an aircard?

Re:One problem

[davester666]

"where for $34 you can test the security of your WPA password"

Um, what? If you know your own WPA password, you can just type it into say, dictionary.com or even into their web site. they should be able to tell you if it's in their list of strings they try for a lot less than $34...

Re:One problem

Any clued neighbor wouldn't be allowing others onto their wi-fi. I wouldn't want to be implicated if the neighbor has a taste for the "young'ons", nor do I want my IP to be considered enough evidence to win an IP infringement lawsuit because someone wants to bum Internet access for downloading the latest pr0n flick or the latest Britney Spears album.

If I were going to give wi-fi access, it will only be to allow others to connect to an OpenVPN port on an offshore provider. Then if I get a motion of discovery dropped on me, I can point to the offshore provider account belonging to someone else and go about my business.

Re:One problem

[aztracker1]

I'm sure they're willing to "test" their geolocation analytics while they test your wpa passwords too...

Re:One problem

[masshuu]

or go to your local coffee shop that offers free wifi

Re:One problem

[supernova_hq]

Not if what you want to get to is only on that network...

Re:One problem

Wow... ya think? I'm pretty sure you can use it to crack other passwords toooooooooooooo.

Re:One problem

If their password appears in a dictionary, even one of 135 million words, then you could probably impress that client with shadow puppets, or blowing bubbles.

Re:One problem

[Dan541]

Because I really find value in testing my OWN network.

Re:One problem

[cbiltcliffe]

Because I really find value in testing my OWN network.

If you don't, then you don't really understand security.
The point is, these dictionaries are already available to the people with their evil bit set.
If you're going "nobody's going to figure out this password," especially if you're running a business, you really should be _making sure_ that nobody's going to figure it out, rather than going on faith.

Unless you have a multi-tens-of-millions word dictionary yourself, so you can make sure that your WPA passphrase isn't in it, you're not properly protecting your network.

Re:One problem

[Just+Some+Guy]

Living in fear must suck, huh? I have 4 open WiFi networks available to me at the moment (in a subdivision with 1/2-acre lots, not in a dense apartment complex). I've hopped onto a neighbor's network when my phone was out, and I have DHCP logs showing when they've been on mine. If I got hit with a subpoena, it'd be a piece of cake to show how many other people are using my router. That's a lot better approach for me and my neighbors than shutting each other out in a moral panic.

Re:One problem

[Dan541]

You sound like a salesman, "for only $34 you can be sure that your network is secure".

Re:One problem

Nice idea

and if it wasn't in their list, it will be now, and the next person trying to crack your wifi is happy.

Re:One problem

[Jedi+Alec]

Any clued neighbor wouldn't be allowing others onto their wi-fi.

Considering my neighbour is hot, blonde and single, if she wants to use my connection to download pr0n I'm sure we can come to some sort of arrangement...

Re:One problem

[GameboyRMH]

Well then it sounds like you have enough users connecting for plausible deniability. If it's only you and your neighbor sharing a private AP, you have the downsides of both the single-house private AP (no plausible deniability) and open AP (can't be sure what's passing over your network) approaches. The blame will fall on the owner of the connection that handled the offending traffic. If he downloads loli or pop culture warez over your connection and the authorities / the MAFIAA take notice, you're fucked, and all he has to do (assuming router logs are nonexistent / have been rotated out) to get off the hook is delete your AP password from his machine (which he can do when he sees the cops bust down your door / your name in the media). Once it's your word against his, you'll just seem like a guilty pedo / pirate trying to blame it on the neighbor.

Re:One problem

[PsyciatricHelp]

Really. If you need to spend money to test if your password is secure. Its not. Get a better P@$sW0rD!. Otherwise Looks like I am finally getting FIOS!! lol.

Re:One problem

[PsyciatricHelp]

$35 is a one time fee. Much like the activation of any backup anything. Hey and no monthly cost. Unless your caught.

Re:One problem

[PsyciatricHelp]

Airs cards average $60 a month and have a 5GB soft cap.

Re:One problem

[ceoyoyo]

Riiight. It does a dictionary attack on the password. Want to know if your wifi is secure against this? Does it have a dictionary word in it? Then no. Is it a random string? Then yes.

You can pay me now.

Re:One problem

[Spazztastic]

Really. If you need to spend money to test if your password is secure. Its not. Get a better P@$sW0rD!. Otherwise Looks like I am finally getting FIOS!! lol.

Right, because it's so simple as just a password. We're not talking about your shitty residential ISP going to your moms basement hooked in to your DD-WRT router. We're talking about businesses who do their own internal audit on their network security. If $34 is all it would cost to make a point to your manager to approve infrastructure upgrade or serious changes, then that's well worth it.

You'd be very surprised how even a very complex password can be cracked with a dictionary attack, including "P@$sW0rD!".

Re:One problem

[Spazztastic]

Considering my neighbour is hot, blonde and single, if she wants to use my connection to download pr0n I'm sure we can come to some sort of arrangement...

I told most of my friends to avoid using someone's connection because there's a lot of creeps out there who will probably intercept their information. Parent is a perfect example.

Re:One problem

[Dan541]

You'd be very surprised how even a very complex password can be cracked with a dictionary attack, including "P@$sW0rD!".

What about: C5&}+6@.lf2^?5Im^j~~+:VBYWe>EPohr@j)R\cwVeb/tqrm,CQDGNk)4p2X=7{;12$?Kvppgx?OWd5*eR,APZxgX^g[/\Xi_t>mwL;tCu_wvIVV{F;V'h:QGOA.o__WU6K7-v'`&&"BbbdkpFs*0I0u$eB$L$m9^vM_P>1nALd%>rbNW`uCnCF'f{][uANt`a6N`n>fKS~c;Y6-!rKS4Mzom0GFOP_-{,&@X52lym:ttAFaR"Kc"oMRQ*^-(fKA;UT/[XXdV+aHO!&Lmk?9h'"D%zp]l\g1G{k$$9tw@w!gFTXoi>cwiW-c'KfG

Re:One problem

[L4t3r4lu5]

That's lovely, but your contract will almost certainly make you liable for all traffic going over the connection you signed the contract to lease. Logs or not, it's your credit card paying the bill, and it'd your address the line is leased to.

Re:One problem

[Spazztastic]

Have fun remembering that off the top of your head.

Also, WPA2 passwords are limited to 256 bits, so the maximum length would be 64. Want a quick pseudo-random password? Type this into any bash prompt:

cat /dev/random | tr -dc [:alnum:][:punct:] | head -c64

Not reccomended for commercial application, but it'll keep that stupid kid next door from getting in.

Re:One problem

[Just+Some+Guy]

Contract? Lease? WTF are you talking about?

Re:One problem

[Hatta]

Having a way out of trouble doesn't negate the pain of getting in trouble in the first place. If someone does something naughty on your wifi, it's your computers who are getting confiscated, and you're paying for the lawyer to get it all back. Living in fear does suck, but that's the world we live in.

Re:One problem

Sweet setup. If he needs processing power to crack WPA keys, couldn't he "outsource" the job to a 6-core i7 machine at home? He'd need to have a connection of course but it's possible.

Wardrive, d/c clients and capture reauth data (and MAC addresses), send to i7 machine via open access point, retrieve keys later, have connectivity the next time you pass through that area.

Re:One problem

[krakelohm]

I believe he is working towards your internet connection, you had to sign a contract and you pay that bill under your name correct?

Re:One problem

[Jedi+Alec]

Ehmm, which part of "coming to some sort of arrangement" is creepy? I was kidding along the lines of a shared network drive or something.

If I wanted to eavesdrop I'd just throw it wide open and sit back and watch the traffic roll.

Re:One problem

[hesaigo999ca]

i concur....this is a problem I have seen been used to convict innocent people of pretty damaging and life altering criminal charges. Too bad the legal system is not more knowledgeable of these things and allow a certain amount of plausibility to these circumstances.

Re:One problem

[Dan541]

Have fun remembering that off the top of your head.

That's ok ill post it on my blog for easy retrieval.

Re:One problem

[Just+Some+Guy]

I called the local ISP and told them to activate the account. I never signed a contract or service agreement of any kind. And even if I did - that's inapplicable here. Suppose I'm renting a house and my lease says that I'm legally liable for anything that happens on the property. Two drunks kill each other on my rented front yard while I'm not home. Forget the lease; I'm not going to prison for it.

Back to the case in point, although I might be responsible to the ISP for breaking the terms of service in the contract (if there was one), that's a far cry from being legally responsible for a neighbor downloading kiddie porn just because my ISP thought I should be.

Re:One problem

[ZosX]

Thanks for exposing my key! It took so long to memorize too! I thought I'd never have to change passwords........*grumble* *grumble*

Re:One problem

[ZosX]

I was wondering if this is a dictionary only attack. It is possible that is all they are looking at. I don't know how long a 400 cpu cluster can bruteforce a 64 charachter key, but I would say not long.

Re:One problem

[ceoyoyo]

The article says it's a dictionary attack. It's possible they supplement that a bit, but their whole point (excuse) is that they check your key to see if it's "secure," i.e. not in their dictionary.

Re:One problem

I have DHCP logs showing when they've been on mine.

And how do you propose to read those logs when the warrant for "all computer equipment" has landed the device that contains those logs in the police evidence locker.

Re:One problem

yes exactly! I have never understood this open AP argument. If the neighbour downloads kiddy porn, then you will get sent to jail because you own the public IP...he just used your private router supplied DHCP address. dumbass. It has STILL not been proven in court that an IP address is NOT personally identifiable, to the contrary, time after time, movie/music downloaders have been shafted by The Man by identifying that indvidual by an IP address, despite evidence clearly indicating that an IP can not identify an individual.

Build a dictionary!

So for $34 you can make sure your password is part of their dictionary?

Re:Build a dictionary!

[supernova_hq]

No no no no, when you submit your password it will only appear as ***** to them.

Re:Build a dictionary!

hey, if you type in your pw, it will show as stars
  ********* see!
  hunter2
  doesnt look like stars to me
    *******
  thats what I see
  oh, really?
  Absolutely
  you can go hunter2 my hunter2-ing hunter2
  haha, does that look funny to you?
  lol, yes. See, when YOU type hunter2, it shows to us as *******
  thats neat, I didnt know IRC did that
  yep, no matter how many times you type hunter2, it will show to us as *******
  awesome!
  wait, how do you know my pw?
  er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
  oh, ok.

Re:Build a dictionary!

No no no no, when you submit your password it will only appear as ***** to them.

they'll think everyone's password is hunter2?

Re:Build a dictionary!

[Macrat]

That's what they want you to think.

Re:Build a dictionary!

[dwarfsoft]

hunter2 sauce

Re:Build a dictionary!

[theTerribleRobbo]

Holy shit. How did you get my password?

Re:Build a dictionary!

[qmaqdk]

Oblig.:

http://bash.org/?quote=244321

Re:Build a dictionary!

reminds me of this: http://www.bash.org/?244321

And now...

we have your Password and IP, thanks!

And Slashdot is promoting this

[ClosedSource]

because?

Re:And Slashdot is promoting this

[Sir_Lewk]

Because this is news for nerds, stuff that matters.

Dumbass.

Re:And Slashdot is promoting this

[Nerdfest]

Because Moxie Marlinspike is the coolest name ever, with the possible exception of Neal Anderthal.

Re:And Slashdot is promoting this

[ClosedSource]

And this matters because..

Re:And Slashdot is promoting this

it's news for nerds

Re:And Slashdot is promoting this

[ClosedSource]

Yes, somebody already said that. But advertisements aren't news.

Re:And Slashdot is promoting this

[ClosedSource]

Sure, because nobody around here thought about security until this story was posted.

Re:And Slashdot is promoting this

because this is a "stuff"....

Re:And Slashdot is promoting this

[geekmux]

And this matters because..

#1: It's IT-related

#2: It's Security IT-related

#3: Within IT, it has to do with one of the most prevalent technologies in use today.

#4: And finally, it's here, because it sure as hell ain't gonna show up on CNN or the nightly news "tech" corner. Well, at least not for another 6 months or so, when it's "breaking news" to them.

Re:And Slashdot is promoting this

[Sir_Lewk]

Ok, I originally assumed you were purposely being obtuse so my answer was short, and apparently comical to someone... I'll try to explain this clearly and concisely, so that it might sink into that brain of yours:

And this matters because..

Because any self respecting nerd who isn't busy getting their panties all twisted over "OMG HAXX0RZ" could reasonably be expected to find this interesting.

Moxie Marlinspike is a rather high profile computer security researcher who has been featured on slashdot at least once before. This article is about him starting up a service that is potentially controversial (read: 'makes good news') that is relatively inovative. While cracking WPA-PSK is something the general public has been able to do for a while, this is notable because: 1) It is open to the public. 2) It is fast. 3) It seems he intends to make a modest profit off this.

In short, this is in fact "news for nerds". Maybe not news for you in particular but who really gives a shit? Slashdot isn't just about you. Slashdot has articles about new video games, that a large segment of us don't give a damn about, all the time. Nevertheless, that too is news for nerds.

If you want to bitch about slashvertisements this is hardly a prime example.

Re:And Slashdot is promoting this

[kalirion]

Because information wants to be free, dude!

Re:And Slashdot is promoting this

[ClosedSource]

Well, it's nice to know that you care enough to write such a long post. Had I known that "Moxie Marlinspike" was important enough to be featured on Slashdot (perhaps more than once for God's sake!) I surely wouldn't question it.

Re:And Slashdot is promoting this

[ClosedSource]

Believe it or not, there are geeks who don't work in "IT". But the topic doesn't really bother me, I just thought it was more of a promotion than a legitimate story.

Re:And Slashdot is promoting this

[eyrieowl]

I'm sorry, but while I recognize that cracking WPA is legitimately news (well, not news any more, see also "ancient history"), the fact that someone is charging $34 for the honour isn't. I tagged it slashvertisement as soon I read the summary. I mean, how is it *more* legit than some /. posting about "OMG image editing only $80, buy Paint Shop Pro!"? If kdawson wants to give a friend (or love interest) a plug, he could at *least* make it *subtle* by linking the primary TFA to some blog post talking about how WPA can be vulnerable to dictonary attacks and note, as a suble side-note, that someone is even offering a service to do it for, OMG, only $34!!! This, however, was a posting about someone selling a service based on old news. == /vertisement

"test your key", riiiiight

[SuperBanana]

While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes

Anyone interested in testing their own key would not care about it taking 5 days. During a weekday, you're not around most of the time anyway. I doubt anyone cares enough to spend $40 for something that can be done for free.

Re:"test your key", riiiiight

[Dan541]

Suppose your in the middle of a download and suddenly you ISP capps you. For $34 and 20minutes later you could be back online at full speed.

Good thing

Good thing "yourmomispoo" isn't in the diction. Phew!

Re:Good thing

[Lord+Kano]

That's far too short. "yourmomdrinksassmilk" would take longer brute force.

Re:Good thing

[JunkmanUK]

That's far too short. "yourmomdrinksassmilk" would take longer brute force.

I would imagine that would take brute force, yes. I can't imagine my mom agreeing to it.

Re:Good thing

[Lord+Kano]

Not too much to make her do it, just to guess that she does.

LK

Well at least you can say Moxie has Moxie.

[al0ha]

$34 to see if your password can survive a dictionary attack? Hell pay me $20 and I'll gladly save you some money and provide you with a password guaranteed to be unbreakable by brute force. I'll even sign an NDA to ensure I don't disclose it to anyone but rest assured even I won't be able to remember it!

Re:Well at least you can say Moxie has Moxie.

[chill]

I'll save 'em the full $34.

Go here: https://www.grc.com/passwords.htm

Re:Well at least you can say Moxie has Moxie.

[Urd.Yggdrasil]

Pfft, that's only pseudo random data, why settle when you can get true random data.

https://www.fourmilab.ch/hotbits/secure_generate.html
https://www.random.org/passwords/

Re:Well at least you can say Moxie has Moxie.

[DigiShaman]

Take a random 63 character key in hex mode. Has anyone ever been crack such a key in WPA2 AES mode just by sniffing packets?

Re:Well at least you can say Moxie has Moxie.

[Techman83]

Great if you want a secure password. But the parent has provided a link specifically for Wifi passwords. Long, random and valid for WPA and WPA2. Personally I'd reckon that they'd be pretty hard to crack!

Re:Well at least you can say Moxie has Moxie.

Not as good as you think.

If somebody hacks into the server and retrieves the inital vector and 256 secret key, it's trivial to reconstruct *ALL* of the passwords ever handed out. Poor design.

He could create new secret keys regularly (hourly), or preferably mix in some real randomness to fix this.

Re:Well at least you can say Moxie has Moxie.

[Hurricane78]

$20?? Pad me $10 offer a tool that generates an unlimited number of military-grade security passwords that even a young child can remember forever, and optionally also generates public/private keys to use in-between.

<fearmongering>Plus a guide on proper usage and a link list if you’re interested in learning more about how to prevent your young daughter being online-raped, your partner being raped in the ass in prison because of someone framing her, and you getting caught by Chinese/Russian/American/Colombian/whatever intelligence and thrown in a gulag to be raped to the end of your life because you got cracked and were the central of the biggest botnet in human history.</fearmongering>

Buy now! ^^

Re:Well at least you can say Moxie has Moxie.

[mlts]

Even better, use a utility that gets random data without going through the Internet. Here, I use KeePass, tell it to make a 63 character random string, wiggle the mouse and type in some keys.

Then I paste the string into my router, put a copy of the string on a file in a TC protected container. That I copy to a USB flash drive and manually copy and paste that into the rest of my boxes' WPA2 config.

If I forget the WPA2 password, who cares. I log on the router via a hardwired connection, repeat the above process. I also repeat the above every so often (about once or twice yearly).

If someone can brute force a cryptographically secure 63 digit password to get on my WPA2 subnet, they must be very desperate.

The trick is: You do not have to remember the 63 digit string. This means you can use a phrase without worry about trying to keep it in your head. You just need to have it stored in a secure place so you can cut and paste it to all your machines.

Re:Well at least you can say Moxie has Moxie.

*They* can get it when it is on the clipboard because they know an exploit for your OS that you don't.

If someone is going after you there is no such thing as secure. What you are doing is not a lot more secure than using a single password that you never change.
Changing it assumes that your current password hasn't been compromised *and* that your next password won't be the next in their list. The chances that it is aren't very different to the chances for a single password. Your current password could be last in their brute-forcing list for all you know and changing it could only worsen your chances. You have no way of knowing how long they have been trying passwords and which passwords they have tried(this is no SSH). Maybe they just feed the cracker random data and your password will be struck down by God herself.

Re:Well at least you can say Moxie has Moxie.

[wizzat]

Interesting approach. My approach to the problem was to write an application that generated reproducibly random keys and updated all of my computers once per day to have the next key in the sequence. Then one of the computers logged into the router and updated it there. Generally speaking, this amounted to ~10 seconds of downtime while I was sleeping. Really I did it for the nerd cred (to myself).

Sure, it assumed that my initial password had never been broken and they didn't have the source - but that's about as good as someone can ask for these days. Especially considering the most likely threat is from a computer already on the network (rootkits/worms/malware/what-have-you).

Re:Well at least you can say Moxie has Moxie.

[cbiltcliffe]

....God herself.

You said that just to piss people off, didn't you? :)

Re:Well at least you can say Moxie has Moxie.

[wagnerrp]

That's great if you have a compliant device. I spent two hours trying to figure out why my mom's Nokia wasn't working with such a passphrase. I finally got tired of typing in such a long phrase and truncated it to 15 or so characters only to find it instantly working. Turns out while it lets you type in long phrases, it will silently fail to use them in a completely undocumented deficiency.

Re:Well at least you can say Moxie has Moxie.

[Power_Pentode]

Pfft, that's only pseudo random data, why settle when you can get true random data

No "random" data that you get from the net should be trusted. I throw old 16-sided gaming dice to generate a transparent X-Y grid, which is then set over the top of my cat's litter box. The positions of the cat turds are normalized against a reference litter box and fed into a fancy matrix algorithm, the output of which is SHA4 hashed and truncated to make the WPA2 key.

Re:Well at least you can say Moxie has Moxie.

[GravityStar]

Huh? As I read GRC's website the IV itself is either random or pseudorandom. Good luck with hacking the server.

Re:Well at least you can say Moxie has Moxie.

[VoidCrow]

But that's vulnerable to a statistical analysis of the preferred distribution of cat turds. Maybe you should randomise it by giving them catnip every time they take a dump?

Re:Well at least you can say Moxie has Moxie.

Generally i just type some sentence.
Go back, every next character, type another sentence in caps
Go back, every next character again, type a number sequence.
These are all wrapped around if the sequences don't reach the end of the first sentence.
If N+1 sequences are longer than N, just add them on at the end.

iamalemon
ILIKEORANGES
12345678901... so on

iamalemon
iIaLmIaKlEeOmRoAnNGES
i1I2a3L4m5I6a7K8l9E.0e1O2m3R4o5A6n7N8G9E0S
Marvellous.

OH COME ON, WHAT THE HELL FILTER? GET THAT SHIT REMOVED SLASHDOT.
Dot added to get around stupidity.

Re:Well at least you can say Moxie has Moxie.

[cenc]

Randomize the cat.

Or you could go even one more step and kill the cat after it takes a dump.

Re:Well at least you can say Moxie has Moxie.

Method that doesn't involve cat poo

Re:Well at least you can say Moxie has Moxie.

[selven]

That's interesting. I feed the gaming dice to my cat, then feed it ipecac and let the cat throw the dice!

Re:Well at least you can say Moxie has Moxie.

I trained your cat to turd in predefined locations. I'm now 0wning your box.

Re:Well at least you can say Moxie has Moxie.

He so did. Pissed me off. That's a troll. But maybe I'm trolling myself by using "he" to refer to someone whose gender I do not know? I hope that's not trolling, since its proper and efficient, not accounting for my justification, which unfortunately shouldn't be necessary.

Re:Well at least you can say Moxie has Moxie.

[mlts]

If an attacker can get at my machine's clipboard, then I have far bigger problems to worry about other than how sturdy my WPA2 key is. That's akin to worrying if someone is fretting about using Medeco M3, Abloy PROTEC, or Evva MKS on the front door when a robber just smashed into the living room with a pickup truck.

The weakest point of the WPA2 implementation is that every machine on the SSID has to know that key. So if one laptop gets compromised and the attacker is able to extract the key, they have a ticket to entry as long as the MAC address is changable to mimic ones in use. If you want better security, there is always WPA2-Enterprise (EAP-TLS or PEAP) and running your own RADIUS server. The best security is running WPA2-Enterprise, EAP-TLS, and having the client key be on a smart card. This way, even if an attacker steals the laptop, smart card, and smart card PIN, it can be booted off the network access list without affecting any other hosts. Instead of a separate smart card, an on board TPM also works well, allowing transparent network use, but preventing someone from spoofing unless a laptop is compromised [1]. Another way to mitigate loss of a WPA2 key is to use multiple wireless networks, and to put each machine on its own SSID. Of course, on home equipment, this requires an AP per SSID, and on business class routers, you might be limited to only 16 SSIDs.

Oh, one last thing... turning off SSID broadcasting does almost nothing for security. Focus on making the WPA2 key secure instead.

[1]: Wireless security can't help if a laptop is compromised, similar to an ignition lock doesn't help protect a house window (obligatory car analogy). There are other technologies to use to prevent that, disk encryption, antivirus software, two factor authentication, and running a separate user on machines for administrative work versus everyday use on a machine [2].

[2]: Some people say that a standard is "username" for the general use user and "aausername" for the user with admin rights.

Re:Well at least you can say Moxie has Moxie.

[kalirion]

Eh, it's all been predetermined from the beginning of time anyway.

Re:Well at least you can say Moxie has Moxie.

[mlts]

That could be a decently secure system if done right. Have a program running on each of the boxes that takes the year, date, day of week, and hour (perhaps having a value for quarter hour, but you don't want to granular because machines may not be that tightly timesynced). Then add a secret key value. 128 bits would be minimum, best would be something 512 bits of cryptographically strong unpredictable data.

SHA-512 the date info + the random secret key, and convert the info to a WPA2 key format by getting 63 usable characters and dropping the rest, and you have a decent key that changes with time, but in a way that no attacker could duplicate or know what a future change would be. Since they don't have the nonce value that is appended, they have no way of knowing what the result will be, even if they know your date format.

Of course, your weakest link will then become one of your hosts because if an attacker roots one, they can grab the secret key.

I personally don't change my WPA2 key that often (every six months or when I reinstall a laptop), mainly because there are not any feasible attacks, even in theory, that can break a key over time that there are with WEP, or perhaps WPA. I could be wrong though. Maybe its time to move to WPA2 Enterprise sooner or later so the weak link isn't the shared secret.

Re:Well at least you can say Moxie has Moxie.

[zmollusc]

Nokia aren't the only phones with crap wpa implementation. My LG Renoir allows you to type in a 63 digit wpa key with only moderate difficulty, but if you actually try to connect to the wifi network the phone reboots. How i laughed.

Re:Well at least you can say Moxie has Moxie.

[blair1q]

"I trained your cat to turd in predefined locations. I'm now 0wning your box."

That string is my WPA-PSK password! How did you get it!

Which is why...

[Darth+Turbogeek]

... you dont use d!ct!0n@ryw0rd50r@tl3@st make them hard to be brute forced.

I cant really see how this is service is legal but I am willing to be educated how it could be.

Re:Which is why...

[Sir_Lewk]

Why should it be any more illegal than tools like aircrack-ng, nmap, or for that matter, telnet? Just because something can be used by hackers doesn't mean it's illegal*.

*Unless you live in Germany. "Hacker tools" are illegal there iirc.

Also, l33t-speaking dictionary words is generally considered a pretty poor way to create passwords.

Re:Which is why...

[L4t3r4lu5]

That password would be vulnerable to a standard dictionary attack which included l33t v@r1a7i0nZ.

Interleaving words makes it mmuocrhe htaord bfrourtcee.

(much more hard to brute force)

Re:Which is why...

[L4t3r4lu5]

Apologies for replying to myself, but I realise that you concatenated several words. That's great if you want a 20+ character password, but which user wants that? First name + year of birth: 1R9o8b3. EAsy to remember, shocking to crack.

Re:Which is why...

[karnal]

by L4t3r4lu5 --> Apologies for replying to myself, but I realise that you concatenated several words. That's great if you want a 20+ character password, but which user wants that? First name + year of birth: 1R9o8b3. EAsy to remember, shocking to crack.

You were born in the year 4345??? And your real name is Ltrlu?

Cloud?

I'm not typically the one to bitch about terminology as this sort of technical jargon is in constant evolution and that's a normal and good thing, but, uh... cloud? We've been calling this sort of setup a "cluster" for ages, there's no indication in TFA that this is geographically distributed, and it doesn't really do remote data storage or anything like that, which are just a few of the typical aspects of "cloud" crap I can think of off the top of my head. How is this a "cloud" thing?

$34 you can test the security of your WPA password

Only an idiot would pay $34 to see if their password was '12345'.

You can get a nice entropic password for free.

New Marketing Campaign

[zet0n]

Steal your neighbors' wireless for a one time fee of thirty four dollars. Sixty percent of the time, it works every time.

From the Article...

[BulletMagnet]

"Marlinspike declined to say who operates his compute cluster"

I guess he can't come out and say he's using botted boxes, right?

Re:From the Article...

[John+Whitley]

Or perhaps MM simply doesn't want to get the plug pulled by a conventional cloud compute provider, due to the questionable PR (and possibly other attention) that this service may

One could view this as an alternative to the old "publish the exploit as a goad to the provider" tactic. Previously, some cryptographic weaknesses required someone to have the resources to obtain a compute cluster large enough to deal with some specific cracking problem. With this approach, it isn't even necessary to be able to set up an EC2 job -- just shell out a few bucks and away-you-go. It'll definitely be a wake-up call for some folks that big compute clusters are trivially available to anyone.

Re:From the Article...

Yep, and if your password is crackable, you get to join the botnet, too!

It's actually $17 for 40 min.

...$34 is the super-fast price.

400 CPU cluster or 400 node botnet?

[motherjoe]

"WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords"

400 CPU cluster or 400 node botnet? Wonder where's he's getting the funding to pay for a farm like that? I mean you'd need to set up everything in advance of making any money off it. So again, where do the cycles come from I wonder.

Re:400 CPU cluster or 400 node botnet?

[Yo+Grark]

SETI@HOME?

Just wonderin.....

Yo Grark

Re:400 CPU cluster or 400 node botnet?

[Shadow-isoHunt]

It's not difficult to find rainbow tables for WPA-PSK(special in that they're salted(with the SSID) hashes) in community rainbow table projects. Think BOINC - the same goes for LM/NTLM/MD5/SHA1 too.

Re:400 CPU cluster or 400 node botnet?

[mzito]

Actually, in this case, it's very straightforward. He's using Amazon EC2. EC2 charges by the hour, and all you have to do is spin up the number of servers you want. In fact, I happened to run the numbers on what the costs are for running 50 "8-core" servers, and it happens to be...$34/hour. So, what he did was say, "If I run two jobs an hour, I make a small amount of money. If I run 4-5 jobs per hour, I make more money"

This is, of course, a textbook use case for EC2, and I'm surprised no one has done it sooner.

Re:400 CPU cluster or 400 node botnet?

[maxume]

They (only) accept Amazon payments, so it wouldn't be terribly shocking if they were using EC2.

They even offer high cpu instances:

http://aws.amazon.com/ec2/instance-types/

Given that they only charge $0.68 per hour for the high performance instances, he can buy quite a lot of horsepower for $17, and the costs of doing it twice as fast are pretty much exactly the same.

Re:400 CPU cluster or 400 node botnet?

Obviously, the "CPUs" opted in for free labor when they used one of the 135 million words as the password.

Re:400 CPU cluster or 400 node botnet?

[motherjoe]

Good to know, thanks everyone for the replies.

Take care.

Re:400 CPU cluster or 400 node botnet?

[Dan541]

Amazon EC2?

Re:400 CPU cluster or 400 node botnet?

[Fnord666]

This is, of course, a textbook use case for EC2, and I'm surprised no one has done it sooner.

It has been, quite recently in fact.

Re:400 CPU cluster or 400 node botnet?

[wagnerrp]

The cost of $34 is exactly a 50% markup of 400 of Amazon's 'medium high-cpu' instances for the quoted 20 minutes.

Re:400 CPU cluster or 400 node botnet?

[major_clanger]

AWS terms of service (http://aws.amazon.com/agreement/#4b) "you may not operate a site or service that: ... Distributes, shares, or facilitates the distribution of unauthorized data, malware, viruses, Trojan horses, spyware, worms, or other malicious or harmful code (collectively, “Harmful Components”)." It strikes me that a password-cracking service at least sails very close to the wind in respect of this clause.

Re:400 CPU cluster or 400 node botnet?

[maxume]

The faq on the site discusses that they are doing about 150 times as much searching as the typical rainbow table (and if the network password is one of the 150 million that they check, they will find it regardless of the SSID).

Re:400 CPU cluster or 400 node botnet?

how can he run 4-5 jobs an hour when 1 job takes 20 minutes???

who uses WPA anyways?

[Gothmolly]

Who uses WPA or WEP anyways? Either you leech your neighbor's unprotected WiFi, you live far enough away from other homes so that your signal doesn't leave your property, or you maintain a separate DMZ of wireless IPs that can't get into the good stuff, but can access the Internet.

Next people will say that MAC address security is actually meaningful.

Re:who uses WPA anyways?

[rikkards]

Or, you run wired.
One of the first projects I did when I moved into our new house was run ethernet to all rooms

Re:who uses WPA anyways?

[mlts]

Believe it or not, there are some embedded devices which don't have the CPU juice for WPA2, so they were given a BIOS update so they can run something better than WEP as some form of security. WPA has its issues, but it sure beats WEP.

The best wireless setup is to have two wireless SSIDs. Your internal one that runs off of WPA2-Enterprise, RADIUS server, and smart cards. Then an external one that has a stern packet filter and throttling mechanism. This way, people can log on your open wireless to check E-mail, but Limewire and other P2P apps will be stopped. Of course, someone can jump that, but if they do that, its not your problem anymore.

I do see one use for MAC address security, and its more of a legal thing than computer protection. If a security breach criminal case winds up in court, and you can prove a potential intruder was bypassing your MAC security, it might land a conviction. Otherwise, someone can make up a story of you allowing people to have your WPA2 passwords, etc.

Re:who uses WPA anyways?

[bigstrat2003]

All forms of security are flawed, if that's what you're getting at. The goal is not to make it impossible to break into your space (be it computer network, home, whatever), but to make it difficult enough that it's not worth the attacker's trouble. I fail to see why you're bashing things like wireless encryption or MAC filtering for not being perfect, when you ought to realize this simple truth.

I mean, let's look at your example of "your signal doesn't leave your property". If your attacker cares enough to crack your WPA, do you really think he isn't going to care enough to walk onto your property? Of course not. Either he's looking for low-hanging fruit, in which case he moves on to an open wireless network, or he's looking for you, specifically, in which case nothing is going to save you if he knows what he's doing (because failing everything else, there's always physical break-in and forcing you to give up your data).

Re:who uses WPA anyways?

[angelbunny]

Do not underestimate wifi distance.

Years ago I was bored so I made a cantenna (sp?) and was able to crack wep from wifi sources a couple of miles out. (it was a pain in the ass but a fun experience)

To be fair, I'm on a slight hill, the can was in the attic of a two story house pointing out on a mount that I could angle quite precisely to get a signal. If even a slight gust of wind would come by (not enough to visibly notice shaking) it would kill the signal. But yes, a couple of miles out.

Re:who uses WPA anyways?

[cenc]

I live in a country where most of the major ISP's provide DSL and cable modems (I would say around 40% of the country has one these) boxes with wireless and only WEP encryption ( they claim much of the country still only uses WEP when asked ). They do not provide most of the time a way to modify this, and most users would not know how anyway.

Even worse, most use a predictable well known formula for generating the password, that is based on publicly available information. Essentially you need to know two pieces of information about the home owner. Name and tax payer id number. In fact, you could likly input the name of all ISP customers and their tax payer id number in to database, and have instant free wireless connection anywhere in the country there is a wireless signal without cracking. Small country, so we are talking about 1-2 million possible open connections, without needing to capture packets.

Re:who uses WPA anyways?

Or you can just have 1 lan with a strong password and get on with it instead of hyping up on overly complicated crap that doesn't accomplish anything.

Re:who uses WPA anyways?

[mlts]

It is a cool excercise in geekdom to have that though. Plus, another advantage of having the WPA2 password change every so often is that you can give your LAB party guests the WPA password for that interval of time and know that as soon as the cronjob fires to change the router's key, their access automatically gets pulled. Without the cryptographic nonce, they have no way of figuring out what the n+1 phrase is.

If it can be brute forced you're doing it wrong

[zblack_eagle]

Nobody is going to brute force my randomly generated 63 character alphanumeric key. Not before a vulnerability in the encryption appears or the hardware gets replaced with a new standard

Re:If it can be brute forced you're doing it wrong

[Fnord666]

Nobody is going to brute force my randomly generated 63 character alphanumeric key. Not before a vulnerability in the encryption appears or the hardware gets replaced with a new standard

I thought this was how you brute forced a password in less than 30 minutes.

Re:If it can be brute forced you're doing it wrong

Assuming of course that your target can actually remember a password which they only had to enter once a long time ago... If anything, repeated blows to the head will probably impair the target's memory. :)

Do you trust moxie?

Given his infamous reputation for exploiting SSL, do you trust moxie?

What happens if he says your passphrase survived the 20 minute test dictionary run, you put it in production, and he leaves the system running and breaks it later in a brute force attack? Would they tell you that it was cracked then?

bad ass...

[adosch]

This is bad ass and probably worth the $17 for the half-CPU cluster time. However, on a sour note, I can see it getting abused for it's short worth of security affirmation. With monetary gain at stake, I can imagine funding this service is going to far outweigh validating who's using it for malicious intent. It's a far stretch and would get rather expensive for some d0uch3b4g pwning neighboor networks, but if there a network of value to get into, the $17 (or $34) can't even fill my gas take.

Re:Cloud? (not a)

[frosty_tsm]

They don't discuss it, but I wonder if they don't just fire up 400 Amazon instances, do the work, then shut them off. For $34 (an oddly specific number), they can't afford to have 400 CPUs around. However, if they allocate on a job-by-job basis, then their overhead is very low.

This kind of work (high computation, high parallelization, infrequent request) might be the most brilliant and non-obvious use of cloud computing. Low overhead due to using someone else's hardware (rather than having 400 CPUs laying around). If this is truely what they are doing, I am very impressed.

$34? I can undercut that.

[smchris]

For $30 I'll run the command-line random number generator I found on the web and send you a 60 digit number.

If you act today, that's only 50 cents a number!

Nice for English people

[KlaasVaak]

What's the chance of this happening to a non-English speaker? most of the development of this kind of tuff seems to be happening in the the US so hurray for the rest of the world I guess.

Re:Nice for English people

[pierreact]

Rest of the world? You mean.... There's something else than USA??!! That's news... I'll tell this to my american friends.

Passwords that are found in dictionaries = FAIL!

[Hurricane78]

I’m sorry, but if your password is found in a dictionary, you fail, and deserve to be cracked. I don’t care if you’re 50 year old steel worker with no higher education. You are still a human. The most intelligent being on the planet! Behave like one, would ya?

Protip: Adding just ONE special character to your password is going to wreck even faster brute force attacks. Let alone dictionary ones.
If you want your password being “penis”, and it complains that it’s too short, no problem. Add a exclamation mark, or maybe more than one, and you’re not good. You’re great!
I repeat: “penis”: BAD. penis!!!1“: GREAT. ^^

I found some other nice techniques:

1. Use 1337(0d3. ^^ (Or some other keys that only you know what they mean.)

2. (My favorite:) Draw one, two or even more big letters on your keyboard, using all the keys. This works especially well with a custom keyboard layout (I use the German Neo 2.0 layout, which is rather rare. Which makes it rather hard to enter the password on other keyboards though. Then again, that is a feature. As then nobody can log your input on his computer.)

3. If you can, use public key authentication. Let’s see them brute-force a 2048 bit key!

X. Do them all together. E.g. draw “p3n“ on the keys of your keyboard, to decrypt a public key.
But: No, I do *not* expect Joe Sixpack to know that. Then again, he also does not need it. It’s just a bit of evolutionary advantage for us experts. ^^

360 simulatneous cracks would take 5 days.

FTA: 20 minutes instead of 5 days.

If 360 people were using this system simultaneously, and God forbid there be more than that, you would be better off running the crack yourself.

Re:360 simulatneous cracks would take 5 days.

As someone else mentioned, he's probably using EC2 as 50 8-core nodes cost... $34/hour.
so if 360 people are using the system simultaneously a crack will still take 20 minutes.
Although I wonder how long it takes EC2 to get 18000 high-cpu nodes up...

Re:360 simulatneous cracks would take 5 days.

[Dan541]

FTA: 20 minutes instead of 5 days.

If 360 people were using this system simultaneously,

There aren't that many idiots here. They're all at the mall.

Re:Passwords that are found in dictionaries = FAIL

Unfortunately, the wpacracker.com dictionary will even crack your "expert" advice. The reason the dictionary is so large is because it encompasses simple tricks like these -- adding characters to the end of words, exclamation points, elite-speak, mixed case, and even keyboard patterns.

Use a passhprase

[WD]

e.g. a sentence. With capitalization and punctuation. You won't really have to worry about dictionary attacks that way.

Question!

[Dan541]

Will it help me break into my neighbours WiFi?

 

Re:Question!

[MrNaz]

Probably. But the real question is, will it save you from his baseball bat if he finds out?

Re:Question!

[Dan541]

In that case ill change my computer name to something other than "Dan-PC"

Re:Question!

[moonbender]

Hah! Now that you've said that he knows that if the intruding computer's name is something other than Dan-PC it must be you! Unless that is what you want him to think! Hmm.

Or use your gpu that isn't doing much anyway.

[nodrog]

There's a piece of free software http://code.google.com/p/pyrit/ that could crunch through 135 million passwords in a few hours.
On my GTX275 it would take about 3.5 hours. I think i will save myself $34.

Nice name

[Frogbert]

Moxie Marlinspike. That's a Gnome name if ever I heard one.

Re:Passwords that are found in dictionaries = FAIL

[MortenMW]

So.... I guess you really like penises?

Mine cannot be cracked

This service cannot crack my WPA password. Because my password doesn't exsist in a nerds dictionary: "women"

Re:Cloud? (not a)

[wagnerrp]

A medium 'high-cpu' linux instance at Amazon is $0.17/hr.

($0.17/hr) x (20min) x (400 instances) = $22.66666... +50% = exactly $34

Pay for a service thats not even guaranteed!

[DNX+Blandy]

I should know, I do deauthentication attacks against WPA-PSK encrypted networks, hence my site has a few captured packets then need cracking: http://www.md5decrypter.co.uk/forum/forum_topics.asp?FID=9 I currently only have 1 cracked but tbh, as long as you use a very good password, no one is going to crack it. We'll all have to wait until someone figures out a major hole like in the WEP encryption ;) 5-10 mins, no problem!!

Re:Passwords that are found in dictionaries = FAIL

[wisty]

It's a horrible myth that L337SP33K is very secure. Special characters just aren't that great.

Try something like "the quick brown fox shat all over the lazy dog".

Or "twinkle twinkle like a rolling stone".

Or any other phrase that makes sense to your twisted and uniquely messed-up gray matter.

Plaintext is easier for a human to remember than quasi-random characters, and it will be just as secure.

Re:Cloud? (not a)

[joelpt]

Mod parent up! That's some pretty compelling math.

We have a situation here

[gadget+junkie]

In Italy, where I live, it is illegal to set up an unprotected wifi point, but since the vast majority of ADSL modem/routers are sold to homes or small businesses, I see a lot of unprotected access points, with names like "D-link "; I doubt that getting people to use robust passwords would work as well as having them use ANY password.

Oracle

Almost the same thing about Oracle passwords: http://ops.conus.info/

Oracle

[dropper14]

One more online cracking service for Oracle passwords: http://ops.conus.info/

5 days?

[Bert64]

Assuming 5 days for a dual core, and thus 2.5-3 days for a quad core, that's not really a huge amount of time on a machine that's easily available. I certainly wouldn't want to spend $34 when i can just leave a spare quad core box running this in the background for a few days.

Brilliant business plan

[argStyopa]

Capitalism-wise, it's genius. Nearly as smart as prostitution.

"Let me perform a service, charging you by the hour, but the longer I go the happier you are."

Re:Passwords that are found in dictionaries = FAIL

[qmaqdk]

3. If you can, use public key authentication. Let’s see them brute-force a 2048 bit key!

Remember that you can't compare symmetric and asymmetric schemes like that. Usually, in symmetric schemes the bits refer to the length of the password, where in asymmetric schemes it refers to the size of the prime numbers involved. For instance it took a good amount of time to break 64-bit DES at distributed.net, but a 663 bit prime number has been factorized using a general purpose algorithm (http://en.wikipedia.org/wiki/RSA#Integer_factorization_and_RSA_problem).

Re:Passwords that are found in dictionaries = FAIL

[qmaqdk]

Remember that you can't compare symmetric and asymmetric schemes like that. Usually, in symmetric schemes the bits refer to the length of the password, where in asymmetric schemes it refers to the size of the prime numbers involved. For instance it took a good amount of time to break 64-bit DES at distributed.net, but a 663 bit prime number has been factorized using a general purpose algorithm (http://en.wikipedia.org/wiki/RSA#Integer_factorization_and_RSA_problem).

That would be a 663 bit NUMBER. Even I can factorize prime numbers :P