Researchers Crack iOS Mobile Hotspot Passwords In Less Than a Minute

msm1267 writes "Business travelers who tether their iPhones as mobile hotspots beware. Researchers at the University of Erlanger-Nuremberg in Germany have discovered a weakness in the way iOS generates default passwords for such connections that can leave a user's device vulnerable to man-in-the-middle attacks, information leakage or abuse of the user's Internet connection. Andreas Kurtz, Felix Freiling and Daniel Metz published a paper (PDF) that describes the inner workings of how an attacker can exploit the PSK (pre-shared key) authentication iOS uses to establish a secure WPA2 connection when using the Apple smartphone as a hotspot. The researchers said that attackers would find the least resistance attacking the PSK setup rather than trying their hand at beating the operating system's complex programming layers."

Re:

[girlintraining]

to be fair, it took them more than a week to crack it, but now that they've cracked it a hotspot password can be cracked in 50 seconds. a big difference I think.

Not to an attacker. Google "rainbow tables" sometime, and then realize that even strong passwords up to 16 characters in length are currently crackable in mere seconds. 50 seconds is pathetically slow for the sophisticated attacker today.

Re:

[Russ1642]

Rainbow tables are useless against properly salted passwords. Anyone not using a salt in this day and age is begging to be hacked.

Re:less than a minute?

[CastrTroy]

And rainbow tables are also only good if the attacker has access to your password file. If untrusted people have access to your password file, you already have some problems. The only case where the attacker should have access to the password file would be if they had physical access to the machine, in which case you'd better trust them to some degree anyway. However, what frequently ends up happening, is that remote systems are hacked into and password files are downloaded, and analyzed using a rainbow table. Sure the salting of passwords would have helped a little in this situation, but the glaring problem is that they hacker should have never been able to obtain the password file in the first place.

Re:

[CastrTroy]

Sure you're right, both should be done, but it's still a little unsettling how often password files are retrieved from large sites. Whenever I see a security bulletin stating "Password file compromised, but it was salted and hashed" I think people are missing the whole problem. If they were able to obtain the password file, what other information were they able to make away with?

Re:

[LordLimecat]

Completely different scenarios. Rainbow tables only work when you have access to hashed passwords. They also run into trouble with salts. They also run into trouble when you change hash algos (have to re-generate the tables).

Re:

[noh8rz10]

what is a rainbow table?

Re:

[duk242]

Here you go: http://en.wikipedia.org/wiki/Rainbow_table [wikipedia.org]
In short: It's a precomputed set of hashes, you can spend as long as you like generating the hashes beforehand and putting them into the rainbow table, then when it comes time to crack the password you just match the hash up with the one you've hacked. Of course, if they're salted or using a different method to generate the hash than your rainbow table, you're screwed :P

Argh!

[girlintraining]

the operating system proposes four-to-six-character passwords generated from a default list of 1,842 words and then tags on a random four-digit number.

*facepalm* Dinopass [dinopass.com] does a better job of picking good passwords than Apple, and it's designed for children. For the largest company on the planet, this is really, painfully, sad. In other news, this isn't a weakness in the crypto per-se -- it's making a suggestion. The user still has the option of picking something more secure.. so it's not entirely Apple's fault if your hotspot gets p0wned.

Re:

[NeoMorphy]

and it's designed for children

So, like Apple.

That was not necessary. You shouldn't imply that they are that ignorant.

Re:

[54mc]

For reference, that means there's 18,420,000 combinations.

Re:

[cbhacking]

Or (in the terms that people in this area usually think in) just over 24 bits of entropy. (~24.135)

That is absurdly low for an auto-generated single-use password.

Re:Argh!

[retchdog]

The researchers say that the words are not picked uniformly at random, so it's actually fewer bits than that.

It's not hard to see why apple makes it this way: it's so that it's easy for you to share the password with people, and so that it's uniformly easy to type in on smartphones and tablets which reliably have only alphanumerics (and minimal punctuation) on the default keyboard.

Most people don't care about this stuff, and if you do you can change it. Apple understands that ease-of-use is king. That's why they make money.

Re:

[girlintraining]

Nope.

* By market capitalization [wikipedia.org].

Re:

[sl4shd0rk]

Dinopass does a better job of picking good passwords than Apple

Nice! I finally have an awesome root pass!
+otalDingle48

Re:

[Anubis IV]

Not to defend it too much, since I agree that this is rather silly of Apple to have done, but we do need to remember that these hotspots are transient, and that for them to be attacked, an attacker would have to both know the location of one and when it will be there. That said, if someone were in a routine that an attacker was aware of, it would be fairly trivial to use this attack against them, and even if they generated a new password, they'd still face the issue again.

Simple.

[Bill_the_Engineer]

Don't use default passwords.

Re:

[Anonymous Coward]

The original article implied that IOS6 users were no longer able to choose their own password. I would hope and expect that this isn't true, but that's what they implied, and I wouldn't put it past Apple to do something like that. The word choice is a naughty word for Apple.

Re:Simple.

[Aaden42]

Indeed this is not true. I use mobile hotspot on iOS6 (iPhone 4S). Default password was pathetic, but easily changed.

Internet Abuse

[Major Ralph]

abuse of the user's Internet connection

I abuse my internet on a daily basis.

Re:

[antdude]

Me too. Although, a few times the owners (e.g., ISPs) did complain and even kick me off. :(

Fixed in iOS 7

[eecue]

FWIW, this has been fixed in iOS 7, it is now totally random.

Re:

[Anonymous Coward]

Proof?

Re:

[adolf]

Nothing is totally random.

Re:

[Anonymous Coward]

So, someone else might be able to jump onto your phone data when you are tethering... however to do so they need to lug around a big computer tower with a bunch of GPUs plugged in, and only if you use the default password.

This is very much a non-story. Most people using tethering will have it enabled when they need it then turn it off (otherwise major battery drain), so they might be able to use your internet for a little bit but then they'll be left with nothing. And it's really really easy to change the default password, on the screen to enable mobile hotspot on your phone the password is displayed, tapping on it gives you the keyboard to change it. This was the way it worked from the beginning of IOS tethering.

With changing the password being so easy, how many people who use tethering would leave it at the default? Most people I know would change it just to make it more personal and memorable.

The tower-full of GPUs doesn't have to be on-site. One can always transfer the captured handshake to a remote system for cracking. Of course, this renders the goal of getting a little free wireless broadband pointless (as it supposes an attacker already has some kind of network access).

Re:

[Wookact]

So, someone else might be able to jump onto your phone data when you are tethering... however to do so they need to lug around a big computer tower with a bunch of GPUs plugged in, and only if you use the default password.

I read the article, It said nothing about lugging around a computer filled with GPU. I would be willing to bet my laptop could handle that.

“The app also gives explanations and hints on how to crack a captured WPA handshake using well-known password crackers,” the paper said. “Future releases might also automate the process of capturing and cracking hotspot passwords. As computing power on smart devices is limited, one solution is to involve online password cracking services like CloudCracker, to crack hotspot passwords on-the-fly.”

In fact it sounds as if it may even be feasible without the laptop.

Not surprising

[slashmydots]

Apple knows security about as well as I know Portuguese. I do not know Portuguese, lol. They're so obsessed with "just make it work" and "make it user friendly" that they toss security out the window just as quickly as Lexus did and now you can hack one and drive away in 2 minutes.

Ancient Hoax

[Cajun Hell]

..in iOS 6 for example, the operating system proposes four-to-six-character passwords generated from a default list of 1,842 words and then tags on a random four-digit number.

I think I can explain what happened.

First of all, this story is a dupe. It originally ran on April 1st, 1990. At the time, the story was about "System 6" but some recent tech media editor thought that meant "iOS 6" (I'll explain how the mistake happened, below). That explains the pre-mass-mainstream approach to passwords.

Secondly, even the 1990 story was a hoax. By the standards of the day, that was still such a stupid way to generate passwords, that no one would do it.

Third, the story was written by a guy who turned out to be working at Microsoft. The whole point of the hoax was to make the Newton tablet look stupid, a mis-engineered travesty designed by utterly clueless morons. The 2013 tech media editor saw "Newton" and knew that couldn't be right, which is how it became iOS. Newtons didn't really run System 6, but the original Microsoft author didn't know that.

In short, this is about stupidity that is so stupid, that people didn't do things that stupidly, even back when your mother hadn't heard of the Internet yet.

Just kidding. It's a modern story, but I just wanted to point out that even the most absurd bend-over-backward-to-rationalize-things explanation for behavior this stupid, still isn't very convincing. No field can distort reality to the required degree.

Brief Comparison to other Platforms

[Plumpaquatsch]

Other mobile platforms might be affected by these deficits as well. Although, we did not analyze other platforms in detail, spot-checks have revealed that default passwords in Windows Phone 8 consist of only 8-digit numbers. As this results in a search space of 108 candidates, attacks on Windows-based hotspot passwords might be practicable. Moreover, while the official version of Android generates strong passwords2, some vendors modified the Wi-Fi related components utilized in their devices and weakened the algorithm of generating default passwords. For instance, some Android-based models of the smart- phone and tablet manufacturer HTC are even shipped with constant default passwords consisting of a static string (1234567890) [26]. However, future studies will be necessary to evaluate the security level of mobile hotspots on other platforms in more detail.

Re:

[jeremyp]

In a sense, it would have been better for Apple to do that. The hotspot password is displayed directly below the switch that turns the hotspot on. If I had seen it said "1234567890" the first time I used personal hotspot, I would have immediately changed it to a reasonably strong password.

However, the password that was displayed was "mucked3879" which I just assumed was generated randomly and didn't change until I first heard about this vulnerability.