Researchers Crack WPA Wi-Fi Encryption 311
narramissic writes "Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read data being sent from a router to a laptop. To do this, Tews and Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes. They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack. 'Its just the starting point,' said Ruiu."
Ha ha ha ha (Score:3, Funny)
All your AP are belong to us.
You have no chance to survive make your time.
Hahaha! (Score:5, Funny)
Re:Hahaha! (Score:5, Funny)
Re:Hahaha! (Score:3, Funny)
Yeah, and I run an open access point with the SSID hidden called "secret_awesome".
I feel like its the least I can do to help any new geeks in the area :).
Re:Hahaha! (Score:3, Funny)
Re:Hahaha! (Score:5, Funny)
I run one called "man_in_the_middle". Best pay attention to those certificate warnings when you're using it.
Re:Meh (Score:2, Funny)
Of course you can.
If you want to take it to its logical conclusion, you can make that person hand you all his passwords and personal information if you storm into his house swinging a baseball bat or a samurai sword. I have seen some hollywood movies where the the president hands over the codes to national treasury to criminal masterminds who threaten to detonate nuclear bombs in metropolitan areas during some ceremonial parade -- that is until the retarded hero (usually Bruce Willis) shows up.
Re:OHNOES! (Score:5, Funny)
Re:I use ROT13 (Score:2, Funny)
Re:Who uses TKIP instead of AES? (Score:1, Funny)
I herd you liek TKIPs
Re:WPA2 is NOT broken (Score:5, Funny)
Nerds like to sit.
You can sniff packets while sitting just about anywhere. In your kitchen. In your car. On the crapper.
To tap a line, you usually have to get up, and you often have to use some archaic toolset like Screw.Driver or Flash.Light that you haven't supported since 3 forks ago.
Re:WPA2 is NOT broken (Score:3, Funny)
Re:Meh (Score:5, Funny)
Bah... cat5 is already broken, and cat5e is next.
Got to think cat6 at least, if not cat7. They're much thicker; harder to break.
Re:Secure Wi-Fi (Score:2, Funny)
My security is a lot simpler and more effective: one of my neighbors has an open WAP with "linksys" for an ssid.
Don't worry, I changed the default admin password for them.
Re:Meh (Score:4, Funny)
You can even do it without physical access on cheap routers and/or modems, by pointing a good digital camera and a telescope at the blinkenlights on the front of them. :D
Re:'Story' tag (Score:5, Funny)
They should tagged it "tagged" if it is tagged and "!tagged" if it's not tagged.
Re:Meh (Score:5, Funny)
Apparently you just haven't watched enough movies. Obtaining physical access IS trivial. All you need is a hot chick to go swipe the security guard's badge that he conveniently left lying on his desk, and you're guaranteed access anywhere in the building.
Re:Meh (Score:5, Funny)
Well duh, of course it's trivial. They're always swooning over you. (Well, except when they're pretending to fight with you, but even then they always come around just in time.) Haven't you learned anything from Hollywood??
Re:Who uses TKIP instead of AES? (Score:3, Funny)
Look, obviously TKIP is more secure, becuase it has more letters.
You geek types are always saying I should use a longer password, right? This is the same thing.
And anyway, they wouldn't make it an option if it wasn't secure.
Re:Meh (Score:5, Funny)
Yeah, except smarts and hotness are inversly proportianal in most cases.
What good is getting access when the bubblehead can't figure out what a wiring closet looks like.
Re:Who uses TKIP instead of AES? (Score:5, Funny)
What's also funny is that my router gives me better throughput with WPA/AES than WEP
That's because your router is laughing at you using WEP in between encrypting/decrypting the packets....that's why it takes longer.
Re:Hahaha! (Score:2, Funny)
Cracked and Mad (Score:1, Funny)
If WPA is Cracked [cracked.com] then is WPA2 Mad? [dccomics.com]
Re:Meh (Score:4, Funny)
hey its "yes, you can08" to meet the new stricter password requirements
Obviously (Score:4, Funny)
over 9000.
Re:Meh (Score:2, Funny)
Or I could just whip out my Mr. Fusion.
Is that what the kids are calling it nowadays?
Re:'Story' tag (Score:2, Funny)
Re:Meh (Score:5, Funny)
smarts and hotness are inversly proportianal
Wow, you must be really hot...
Re:Who uses TKIP instead of AES? (Score:3, Funny)
LOL! Is there a patch for that? He probably just needs to pull the UDP plug out the bottom and let all the dropped packets drain out. Where do you think they go when they are "dropped?" Dropped packet buildup has killed more routers than I can count.
Re:Hahaha! (Score:3, Funny)
No, that would be me, Comcast.