The Real Story On WPA's Flaw

Glenn Fleishman writes "The reports earlier today on WPA's TKIP key type being cracked were incorrect. I spoke at length with Erik Tews, the joint author of the paper that discloses a checksum weakness in TKIP that allows individual short packets to be decrypted without revealing the TKIP key. I wrote this up for Ars Technica with quite a bit of background on WEP and WPA. Tews's paper, co-written with Martin Beck, whom he credits as discovering and implementing a working crack (in aircrack-ng as a module), describes a way to use a backwards-compatible part of TKIP to exploit a weakness that remains from WEP. ARP packets and similarly short packets can be decoded. Longer packets are likely still safe, and TKIP hasn't been cracked. Don't believe the hype, but the exploit is still notable."

vocabulary

[Anonymous Coward]

Use really long words.

Re:The boy who cried wolf...

[flajann]

Saw it on the Internet; It's gotta be true!

We should be safe from any WPA vulnerability!

[Karpe]

Still using WEP here. ;)

Re:vocabulary

[coleblak]

Can you have firefox loaded on a usb key with all those addons installed? make it safer for you if you can.

Re:Don't panic, but...

[Vexorian]

Until today, sumdumass was not able to agree with common sense.