WPA/WPA2 Cracking With CPUs, GPUs, and the Cloud

← Back to Stories (view on slashdot.org)

WPA/WPA2 Cracking With CPUs, GPUs, and the Cloud

Posted by CmdrTaco on Monday August 15, 2011 @04:33AM from the its-different-cuz-its-cloudy dept.

wintertargeter writes "Yeah, it's another article on security, but this time we finally get a complete picture. Tom's Hardware looks at WPA/WPA2 brute-force cracking with CPUs, GPUs, and Amazon's Nvidia Tesla-based EC2 cloud servers. Verdict? WPA/WPA2 is pretty damn secure. Now to wait for a side-channel attack. Sigh...."

8 of 106 comments (clear)

Min score:

Reason:

Sort:

The Only Solution by MightyMartian · 2011-08-15 04:38 · Score: 5, Insightful

Ultimately the only solution is to have a segregated WiFi network. I've set one up in one of our offices, with the others to follow soon. If one our workers needs to access internal network resources from our WiFi network, he's got to do what he'd do if he was in a coffee shop or an airport, establish a VPN connection to the internal network. There simply isn't any other solution so far as I can tell. You have to treat WiFi as a potentially hostile entry point.

--
The world's burning. Moped Jesus spotted on I50. Details at 11.
1. Re:The Only Solution by h4rr4r · 2011-08-15 04:47 · Score: 5, Insightful
  
  Anyone with a set of overalls a handtruck/cart and a cardboard box can get into pretty much any office.
2. Re:The Only Solution by h4rr4r · 2011-08-15 05:14 · Score: 5, Funny
  
  Nope, just had to chase a verizon man out of my server room a couple weeks ago.
  The receptionist let him in because it said verizon on his jacket and someone kept letting him through doors after that. He was on the wrong floor and would have disconnected live equipment had I not chased him our with a rack rail.
3. Re:The Only Solution by BitZtream · 2011-08-15 05:36 · Score: 5, Insightful
  
  Who's fault it is isn't relevant. If you're concerned with fault, you must be a manager rather than something useful. The goal is to keep things private and secure, not make sure you get to point the finger somewhere else. If you're pointing the finger, you've already failed even if you're too stupid to realize it.
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Side channel attack? by liquidweaver · 2011-08-15 04:43 · Score: 4, Funny

It's not possible remotely. I'd like to know how a side channel attack could be executed against a wireless target? Magic? "Hey, do you mind if I hook up my oscilloscope to you router for a few hours? Why? No reason."

--
mov ah, 4ch
int 21h
1. Re:Side channel attack? by localman57 · 2011-08-15 05:01 · Score: 4, Funny
  
  In that case, I'd like to ask if we could have your wife come in and do some testing at the mattress store where I work. Any time after closing would be fine.
Re:brute farce by Hatta · 2011-08-15 04:48 · Score: 3, Insightful

That's why we use WPA2/AES.

--
Give me Classic Slashdot or give me death!
Re:if it is so damn secure by sakdoctor · 2011-08-15 04:53 · Score: 4, Informative

"We", pretty much do. The underlying algorithm is AES, used in ssh, https, bitlocker, GPG, and so on.