Hot Sales In China For Wi-Fi Key-Cracking Kits

alphadogg writes "Dodgy salesmen in China are making money from long-known weaknesses in a Wi-Fi encryption standard, by selling network key-cracking kits for the average user. Wi-Fi USB adapters bundled with a Linux operating system, key-breaking software, and a detailed instruction book are being sold online and at China's bustling electronics bazaars. The kits, pitched as a way for users to surf the Web for free, have drawn enough buyers and attention that one Chinese auction site, Taobao.com, had to ban their sale last year. With one of the 'network-scrounging cards,' or 'ceng wang ka' in Chinese, a user with little technical knowledge can easily steal passwords to get online via Wi-Fi networks owned by other people. The kits are also cheap. A merchant in a Beijing bazaar sold one for 165 yuan ($24), a price that included setup help from a man at the other end of the sprawling, multistory building."

Re:Are these available in the states?

[Annymouse+Cowherd]

By sniffing traffic to determine the existence of your network?

Re:Are these available in the states?

[GillyGuthrie]

and it makes it simple for my wife to let others on.

It seems simpler to configure WPA/WPA2 and just type in a password than to manually configure the router to allow a specific MAC address...

Re:Are these available in the states?

[rtb61]

For those crimes being accused is sufficient to destroy your life, especially when it often takes a considerable period of time to clear things up, months and often years. The 'other side' is law enforcement and they have no problem tracking accessing you via your ISP. As for selectively breaking into a connection to target a specific person, simple proximity and monitoring over a short time will be sufficient to identify the specific target, upon whom you wish to piggy back questionable traffic.

Not long ago a person was presumed guilty by the RIAA and a civil court a fined hundreds of thousands of dollars, with no physical evidence just the ISP records, with the persons claim that someone broke into their network not being accepted as a defence with out "PROOF OF BREAK IN" ie they were required to prove themselves innocent. Of course that is civil versus criminal but the point can be mute if it is equally punishing at the end of the day.

Oddly enough legally speaking having a completely insecure and open wireless network would be safer than a secured and encrypted network ie on the unsecured one you do not have to prove someone else accessed it.

PS the first step of breaking into people's computers is breaking into their network especially their internal network versus secured beyond the firewall internet connection (well, hopefully at least that). In charged political times and under social economic stresses, these destructive attacks become more prevalent, the real point is innocent until proven guilty needs to be at the forefront of all computer and network based crimes, especially when it comes to confiscation of technological devices for forensic analysis until the investigation is completed months or years later.