A practical demo of the latest attack on ... / 2012-01-06

2012-01-06 A practical demo of the latest attack on ...
A practical demo of the latest attack on WiFi security: Hands-on: hacking WiFi Protected Setup with Reaver - Ars Technica shows that it is quite easy to attack WiFi access-points which use WiFi Protected Setup (WPS). The idea behind WPS is that good WPA2 keys are difficult to remember and difficult to reliably copy from the access-point to the client system. WPS uses a PIN hard-coded in the access-point and a client which understands WPS can access the WPA2 key when it has the WPS pin.

But a vulnerability in the WPS system allows malicious clients to find the WPS pin (which cannot be changed..) which allows access to the current WPA2 key. So even if you change the WPA2 key, the WPS pin will still allow access to it.

WiFi security seems to be a constant arms race. And keeping the balance between security and accessibility is also important.

Tags: , ,

IPv6 check

Running test...
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newsitem.cgi,v 1.58 2022/12/12 15:34:31 koos Exp $ in 0.008712 seconds.