Sophos Researcher Suggests Password 'Free' to Spur Wi-Fi Encryption

An anonymous reader writes "In the wake of concerns about FireSheep sniffing credentials from people using unencrypted public WiFi hotspots, a security researcher has proposed that the problem does not just lie with big websites like Facebook, but also with those who provide free wireless internet access. Chet Wisniewski, a researcher at security firm Sophos, proposes that all free WiFi hotspots should be encrypted — with the password 'free.' ''I propose standard adoption of WPA2 and a default password of "free." Whenever you wish to connect to complimentary WiFi, you select "Courtyard Marriott" or "Starbucks" like you always have, but you are then prompted for a password. Just type "free". It's not hard. In fact, operating system vendors could even program your PC to automatically try the password "free" before prompting you for a password on the assumption that you might be selecting a free service.'"
Comments Filter:
  • by Anonymous Coward on Wednesday November 10, 2010 @01:42AM (#34183296)

    OK then "PASSWORD"

  • 'Free' or 'free'? (Score:4, Informative)

    by snsh ( 968808 ) on Wednesday November 10, 2010 @01:56AM (#34183356)
    Capitals matter. And don't WPA2 passphrases have to be at least 8 characters?
  • I find it sad... (Score:2, Informative)

    by metrix007 ( 200091 ) on Wednesday November 10, 2010 @02:06AM (#34183402)

    That a security researcher doesn't know better than this. Encryption with a PSK is useless as far as sidejacking is concerned. There is no decent client-to-client encryption unless you use WPA/2 Enterprise.

    To suggest otherwise is bullshit, and he should be blaming the websites who are the problem.

  • by Gadget_Guy ( 627405 ) * on Wednesday November 10, 2010 @02:31AM (#34183508)

    I'm afraid it is not that simple. You should always be wary of assuming that the rules used in your locality are universal. There are two styles in general use regarding punctuation and quotation marks. See the wikipedia entry [wikipedia.org] on the subject:

    In the U.S., the standard style is called American style, typesetters' rules, printers' rules, typographical usage, or traditional punctuation, whereby commas and periods are almost always placed inside closing quotation marks. This style of punctuation is common in the U.S., Canada, and in the U.K. in fiction and journalism.

    The other standard style--called British style or logical punctuation--is to include within quotation marks only those punctuation marks that appeared in the quoted material, but otherwise to place punctuation outside the closing quotation marks.

    Using the British style is less ambiguous in this case.

  • by Anonymous Coward on Wednesday November 10, 2010 @02:45AM (#34183560)

    In other words, the designers of WPA2 screwed up by not using something like Diffie-Hellman to negotiate a private connection before the initial password even changed hands?

    I realize this would be subject to man-in-the-middle, but that would seem to be detectable as you would get two different responses when you tried to do the initial negotiation, after which the OS should report "something's screwy with this network" and refuse to connect.

    WPA designers punt the problem of establishing the initial session encryption key to EAPOL. Designers of EAP applications can use whatever authentication protocol and crypto bindings between layers that they want.

    DH is pointless in the case you point out because, as you point out, it would be trivial to operate a middle man to circumvent it. For a "This is screwy" response to be possible, it would require some prior knowledge to establish a trust relationship between systems. Encryption without trust is less than useless.

  • by louarnkoz ( 805588 ) on Wednesday November 10, 2010 @03:06AM (#34183638)

    There are so many ways this suggestion is wrong, it is not even funny.

    TFA says WPA2 negotiates unique encryption keys with every computer that connects to it. This means you and I cannot spy on one another's traffic even when sharing access on the same access point. That's true, but anyone who can listen to the exchange and know the shared key will be able to learn the key. Plus, there is a very neat man in the middle attack.

    Suppose that I am an evil sheep herder near a Starbucks cafe. Nothing prevents me from broadcasting a Wi-Fi beacon that announces that I am running a Starbucks access point. Here comes the sheep, who is really happy to see that the connection is secure. Hey, he used WPA2 and the "free" password, his packets are encrypted. Except they are all coming to my laptop. Oops!

  • by yuhong ( 1378501 ) <yuhongbao_386 AT hotmail DOT com> on Wednesday November 10, 2010 @03:26AM (#34183706) Homepage

    The client has the keys only to decrypt traffic targeted to the client, not to other clients.

  • by yuhong ( 1378501 ) <yuhongbao_386 AT hotmail DOT com> on Wednesday November 10, 2010 @03:28AM (#34183716) Homepage

    It is easy to bypass though by capturing a four-way handshake. A fake authentication can be used in order to have a client go through it again.

  • by Anonymous Coward on Wednesday November 10, 2010 @03:53AM (#34183796)

    Uhmm, maybe Sophos should invest in security training of their staff before they start selling supposed security products.

    He's neither a researcher (someone who works in the virus labs) nor an engineer (someone involved in development of our endpoint or management products). He's in sales. Nothing to see here people, move along.

    Posting anonymously because I work there.

  • by billstewart ( 78916 ) on Wednesday November 10, 2010 @04:54AM (#34184020) Journal

    Most of the Wifi systems are negotiating a random session key and using the password to authenticate it, so that's doing pretty much what you want.

    However, they were mostly designed with the assumption that the objective is to prevent unauthorized access, not to protect the contents of the communications from eavesdropping, so the only way you can get encrypted sessions is to have password control, which is too bad.

  • Re:I like this. (Score:2, Informative)

    by bemenaker ( 852000 ) on Wednesday November 10, 2010 @08:47AM (#34184874)
    Never mind, read more posts and my question was answered.
  • Re:I like this. (Score:5, Informative)

    by clone53421 ( 1310749 ) on Wednesday November 10, 2010 @09:05AM (#34185030) Journal

    On a WPA2 network, a user cannot eavesdrop on another user despite having the same key, because a unique handshake is performed when each user connects. Without the data that was passed in the handshake, an eavesdropper has no way of decrypting your traffic.

    They can, however, force your connection to be reset, and when you reconnect they can capture the handshake. With the data that was passed in the handshake, they can decrypt all of your traffic.

  • Re:I like this. (Score:3, Informative)

    by TheLink ( 130905 ) on Wednesday November 10, 2010 @11:48AM (#34186494) Journal

    Because they screwed up: http://wiki.wireshark.org/HowToDecrypt802.11 [wireshark.org]

    "WPA and WPA2 use keys derived from an EAPOL handshake to encrypt traffic. Unless all four handshake packets are present for the session you're trying to decrypt, Wireshark won't be able to decrypt the traffic. You can use the display filter eapol to locate EAPOL packets in your capture."

    So if all four handshake packets are there (there are ways to help ensure you see them ;) ), you can crack WPA2 PSK, today with wireshark.

    And both the PSK and "Enterprise" mode are apparently vulnerable to this: http://www.airtightnetworks.com/wpa2-hole196 [airtightnetworks.com]

    So Mr "Senior Security Advisor at Sophos Canada" doesn't know what he's talking about. It's not so simple as just typing "free" (since no username is mentioned, I think he means the very broken PSK modes and not the less broken Enterprise modes).

    I blame the WiFi standards bunch.
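As an added illustration of the point clone53421 and TheLink make above (this is not code from the original page or from Sophos), here is the IEEE 802.11i key derivation that a WPA2-PSK client, the access point, and anyone who holds the passphrase plus the four cleartext handshake fields (two MAC addresses, two nonces) all compute identically. The SSID "Starbucks" comes from the discussion; the passphrase "freefree", the MAC addresses and the nonces are constructed placeholders (note the 8-character minimum snsh mentions, which "free" fails).

```python
import hashlib
import hmac


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key per IEEE 802.11i: PBKDF2-HMAC-SHA1, 4096 rounds, 256 bits."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2-PSK passphrases must be 8..63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: concatenate HMAC-SHA1(key, label || 0x00 || data || i), i = 0..3."""
    blocks = [hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
              for i in range(4)]
    return b"".join(blocks)[:64]


def wpa2_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Pairwise Transient Key: fully determined by the PMK plus values sent in the clear."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf_512(pmk, b"Pairwise key expansion", data)
    # KCK signs the EAPOL frames, KEK wraps the group key, TK encrypts the data frames.
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}


# Constructed sample values (not from any real network).
SSID, PASSPHRASE = "Starbucks", "freefree"
AP_MAC = bytes.fromhex("02aabbcc0001")
STA1_MAC, STA2_MAC = bytes.fromhex("02aabbcc0101"), bytes.fromhex("02aabbcc0102")
ANONCE, SNONCE1, SNONCE2 = bytes(range(32)), bytes(range(32, 64)), bytes(range(64, 96))


def shared_psk_gives_no_peer_privacy() -> tuple:
    """Returns (observer_recovers_client1_TK, client2_TK_differs_from_client1_TK)."""
    pmk = wpa2_pmk(PASSPHRASE, SSID)
    client1_tk = wpa2_ptk(pmk, AP_MAC, STA1_MAC, ANONCE, SNONCE1)["TK"]
    # Everything in this dict travels unencrypted in EAPOL messages 1 and 2 of the handshake.
    observed = {"ap": AP_MAC, "sta": STA1_MAC, "anonce": ANONCE, "snonce": SNONCE1}
    observer_tk = wpa2_ptk(pmk, observed["ap"], observed["sta"],
                           observed["anonce"], observed["snonce"])["TK"]
    # A second client does get its own per-session TK, which is what protects it from
    # anyone who does NOT know the passphrase.
    client2_tk = wpa2_ptk(pmk, AP_MAC, STA2_MAC, ANONCE, SNONCE2)["TK"]
    return observer_tk == client1_tk, client2_tk != client1_tk


if __name__ == "__main__":
    print(shared_psk_gives_no_peer_privacy())
```

The per-session key is real, but it protects only against parties who lack the passphrase; when the passphrase is public, confidentiality between clients reduces to whether an observer saw the handshake, which is exactly the Wireshark requirement TheLink quotes.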

  • Re:I tried it (Score:4, Informative)

    by anUnhandledException ( 1900222 ) <davis.gerald@gm a i l.com> on Wednesday November 10, 2010 @11:59AM (#34186598)

    Because WPA2 generates per-session keys.

    Although everyone connecting would use the same password (in this instance "free"),
    each session key would be unique and thus would prevent snooping.

    Theoretically one could redesign WPA (WPA3) to have a passwordless mode where traffic is still encrypted however no password is needed. This is simply a "could work today" modification of existing protocol.

  • by Anonymous Coward on Wednesday November 10, 2010 @12:42PM (#34187350)

    From the Article's About the Author:

    Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics.

    If Mr. Wisniewski is in sales, perhaps Sophos should reconsider how it hands out titles. It kinda reminds me of that article about McAfee's horrible advertisement e-mail which looked like a phishing attempt.

    Basically, if you're in the security business maybe you should avoid abusing trust....
