WPA networks cracked in just under a minute, researchers claim
By Ross Miller 
posted August 27th 2009 9:42PM
posted August 27th 2009 9:42PM
posted August 27th 2009 9:42PM
A look back on popular stories from today in a specific year.
Now that we've thrown 'em off the trail, use the form below to get in touch with the people at Engadget. Please fill in all of the required fields because they're required.
hehe
This is old news. Posted on f2bbs.com with instructions a week ago.
come on now, you can't just toss out a forum link and say old news without actually direct linking to the actual topic. you should know better... or else give us the instructions.
Hooray! More f2bbs bots!
I get the last laugh. I don't encyrpt. If your wifi signal makes it's way to my computer when I'm on the road I'll use it and if you need to use mine then go ahead.
I'll just put my wifi into Faraday Cage then, avoiding from being stolen by Nicholas Cage.
Thanks for the info engadget!
Gone in 60 seconds,haha, Engadget can steal that cover, they license this stuff or what is going on here? They even call other people KIRFers,lol.
actually KIRF is an a term engadget made up, so the irony is that you should be licensing it from them to say it
@ no_one: it's just a parody dude...
Just use MAC filtering on your router instead of a key. Sure a PITA when setting up new devices but better speed (no encryption/decryption overhead) and completely locked down to anyone else trying to use it.
Changing a MAC address isn't hard. That is very is spoof.
but if you can't connect to the network then how can you known which mac to clone?.
"Just use MAC filtering" is such bad advice.
Or maybe you are a bandwidth leecher trying to encourage bad habits?
See, APple produucts are so secure that even NAMING something after an Apple computer is far superior...
AHAHAH
MAC!
Get a mac, use a mac...
@Magallanes: You don't need to connect to pull the MAC addresses. You don't even need to decrypt the packets to get them! They are always visible.
@James - The MAC addresses comes from the 802 standard, which is dates back the February 1980. In fact, Xerox was using a similar MAC system all the way back as far as 1972. The "Mac" you are referring to came years later, in 1984 (as well all know from the commercials). Your post shows that you are both a troll, and incredibly ignorant. In the future, please refraining from trying to discuss that which you do not understand, maybe then you will avoid achieving the oh-so-deserving title of "Lowest Ranking".
For a second I thought Kobe University is where you learn about basketball and adultery...
no, beef
I can has white women to rape?
I think it has something to do with steaks, actually.
is WPA personal with TKIP algo safe enough for a small home network? i've got 4,5 wifi networks in my surroundings, just wanted to be sure if i'm really vulnerable to wifi hacks?
my password is 12-15 characters with digits and sepcial chzracteers...
adultery!!?!! that makes it sound like she wasn't sexually assaulted.
I was thinking about a nice juicy steak.
That is an entertaining photoshop.
Curse you, broken comment system!!!!
Actually, it made your response very entertaining.
The least they could have done is put the WiFi over Nicholas Cage's face instead of Angelina! Does Ross have a man crush on Nicholas and secretly despises Angelina? :p
MAC filtering is the easiest thing to get around.
Quote from Wikipedia...
MAC Filtering can be circumvented by scanning a valid MAC (via airodump-ng) and then changing the own MAC into a validated one. This can be done in the Windows Registry or by using commandline tools on a Linux platform.
Ah this is too funny, I was just changing the settings on my linksys network. Turn on engadget and I see my router getting cracked by Mister bird hair Nicholas Cage, Awesome.
So you can do the thing on WPA.
is WPA personal, with TKIP protection secure enough?
i'm using a random 15 char pass with special chars and digits... just a small home network.
The whole article is how WPA1 (WPA1 = TKIP) is vulnerable because of a flaw. Most likely they are not brute forcing your password, and no amount of complexity for a password is gonna save your network. But the likelihood of anyone having the technical know-how is extremely rare. If you live in New York City or any other big city, you may have a concern.
http://en.wikipedia.org/wiki/WPA2
I've got a question: My router is currently secured with a WEP-WPA2 combination because the print server doesn't support WEP. what does this mean? I'm using a netgear WNDR3300. is it WEP on the 2.4ghz band and WPA2 on the 5ghz?
You suck at life.
It means your 2.4 band is as good as open.
Meaning his network is meaning his router is meaning his 5GHz is too logically.
What router are you using? I've been in IT for 16 years (but a geek my whole life) and I've never seen a consumer level wifi router that can simultaneously use two different encryption protocols. Are you sure that you are using WEP and WPA2? I kind of doubt it. You are probably using one or the other. Anyway, regardless, you don't need WEP (and actually shouldn't use it at all because of how insecure it it). Everyone (and by that I mean EVERYONE) should use WPA2 (which uses a derived form of AES encryption) on their wifi routers. WPA2 has still not been broken in a live environment and is considered by security experts to indeed be secure. Anything less than WPA2 is vulnerable. WEP is actually a joke and with tools downloaded from the Internet anyone can basically break into any WEP 'secured' network in less than a minute by using just a laptop.
Moral of the story: Use WPA2 on your wifi networks. Anything else is vulnerable.
maybe run two dif. ip subnets with an open router and move on?
Probably splitting your wifi from your wired is a good way of protecting the wired network from intrusion, but it won't help your devices that are on the wifi, and makes sharing files between machines a little difficult.
Somebody needs to come up with an easy built-in RADIUS server router firmware. TinyPEAP was a great step towards this, but it's no longer maintained.
that pic deserves an award
+1 on the Photoshop guys!
LOLOL!!
Crappy Linksys Router car!!!
I cannot get over that pic, and a old linksys at that!
Great job!
Some days it's not even worth chewing through the restraints.
Just use a crappy router that you yourself have trouble connecting to from 4 feet, why do you think they make them?
Well, at least it wasn't WPA2 as that is what I use between my Airport Express and Time Capsule via 802.11n 5GHz. This combined with MAC filtering and a max-length random-ascii character password that's changed weekly makes me feel pretty secure.
Still, even with that I still only login to important sites like banks via my computer with the hardwired net connection. Color me paranoid I guess.
Err... I really don't know what to say..
do you work for the CIA?
i just rar my pr0n with a 5character password.
thats the most security i ever need.
If you want to be more paranoid then read up on ssl MiM vulnerability. Now you will do your banking in person and send your bills using stamps.
Oh.. poor James. Poor, poor James. -∞