Wi-fiProtectedSetup
Latest
Flaw lets hackers break your WiFi router's security with one guess
Typically, attacks against your WiFi router require a lengthy attempt to guess any codes and passwords. Not if you use 0xcite's new technique, however; the research firm has detailed a flaw in some router chipsets that lets hackers bypass the push-button security of WiFi Protected Setup (WPS) almost instantly. Instead of trying to guess a hotspot's PIN code, which can take hours, you simply take a single shot based on a series of offline calculations. Once you're ready to attack, it takes roughly "one second" to get in.
Simple, safe WPS WiFi security around the corner
Setting up a secure wireless network is no easy task, due in part to the array of confusing, conflicting, and sometimes even downright ineffectual (we're looking at you, WEP) solutions to the problem. Enter the WiFi Alliance's WiFi Protected Setup, or WPS, a program slated for release later this year that aims to ease the process of securing home users' wireless networks and is intended to play nice with any WiFi-enabled consumer electronic device (say, a DAP or a camera), as long as the device passes a mandatory lab test first. Tapping into the home user's "I don't care how it works, as long as it does" mentality, WPS will make secure connections as simple as pushing a button on the WiFi-enabled device and the router that it is connecting to, although a PIN-based method is also part of the specification. The new system is similar to Buffalo Technology's Airstation One-Touch Secure System, however, unlike AOSS, WPS is an entirely non-proprietary specification that will fit right into the heterogeneous world of WiFi. Lets just hope wireless chipset and consumer electronics manufacturers get behind WPS and show some love to the peeps that don't know their WEPs from their wallets.[Via The Register]
