A practical demo of the latest attack on ... / 2012-01-06

Koos van den Hout

2012-01-06 A practical demo of the latest attack on ... 8 years ago
A practical demo of the latest attack on WiFi security: Hands-on: hacking WiFi Protected Setup with Reaver - Ars Technica shows that it is quite easy to attack WiFi access-points which use WiFi Protected Setup (WPS). The idea behind WPS is that good WPA2 keys are difficult to remember and difficult to reliably copy from the access-point to the client system. WPS uses a PIN hard-coded in the access-point and a client which understands WPS can access the WPA2 key when it has the WPS pin.

But a vulnerability in the WPS system allows malicious clients to find the WPS pin (which cannot be changed..) which allows access to the current WPA2 key. So even if you change the WPA2 key, the WPS pin will still allow access to it.

WiFi security seems to be a constant arms race. And keeping the balance between security and accessibility is also important.
Tags: , ,
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated in 0.004158 seconds.