Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon MiFi Owned By Simple Attack

Posted by timothy on from the changing-the-default-seems-smart dept.

Trailrunner7 writes "Security researcher Joshua Wright has developed a simple attack that allows him to recover the passwords for any Verizon MiFi device. The MiFi is essentially a tiny, portable wireless AP, and Wright's attack uses a simple and effective technique to get default passwords by using the device's SSID and some existing password attacks on the encryption protocols the MiFi employs. Result: complete 0wnage of any MiFi."

2 of 86 comments (clear)

  1. Slightly misleading title by Scorpion_1169 · · Score: 5, Informative

    To clarify, this exploit is only for the configuration as shipped from the factory. Just like most consumer routers, you can reconfigure the SSID and WPA-PSK values via a web interface.

  2. Re:Dupe? by rhsanborn · · Score: 4, Informative

    Not a dupe, just double embarrassment for Verizon. Femtocells are devices used to extend cellular coverage, usually in your home or office, generally via your own internet connection with a box you generally have to pay extra for. The MiFi device is a mini wireless access point that has a built in cellular access. It allows you to share your Verizon cellular internet service with friends or coworkers.