Researchers Crack iOS Mobile Hotspot Passwords In Less Than a Minute

msm1267 writes "Business travelers who tether their iPhones as mobile hotspots beware. Researchers at the University of Erlanger-Nuremberg in Germany have discovered a weakness in the way iOS generates default passwords for such connections that can leave a user's device vulnerable to man-in-the-middle attacks, information leakage or abuse of the user's Internet connection. Andreas Kurtz, Felix Freiling and Daniel Metz published a paper (PDF) that describes the inner workings of how an attacker can exploit the PSK (pre-shared key) authentication iOS uses to establish a secure WPA2 connection when using the Apple smartphone as a hotspot. The researchers said that attackers would find the least resistance attacking the PSK setup rather than trying their hand at beating the operating system's complex programming layers."

Brief Comparison to other Platforms

[Plumpaquatsch]

Other mobile platforms might be affected by these deficits as well. Although, we did not analyze other platforms in detail, spot-checks have revealed that default passwords in Windows Phone 8 consist of only 8-digit numbers. As this results in a search space of 108 candidates, attacks on Windows-based hotspot passwords might be practicable. Moreover, while the official version of Android generates strong passwords2, some vendors modified the Wi-Fi related components utilized in their devices and weakened the algorithm of generating default passwords. For instance, some Android-based models of the smart- phone and tablet manufacturer HTC are even shipped with constant default passwords consisting of a static string (1234567890) [26]. However, future studies will be necessary to evaluate the security level of mobile hotspots on other platforms in more detail.