Go Back   Hardware Canucks > NEWS & REVIEWS > Reviews & Articles from the Web

    
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old March 31, 2012, 01:49 PM
Allstar
F@H
 
Join Date: May 2009
Location: Ottawa
Posts: 589
Default Convenience Vs. Security - A tale of wireless networks [TCMS]

Knew WEP was easy to crack, never knew WPS had such a big loop hole!

The Computer Made Simple » Convenience Vs. Security

Quote:
The whole point of WPS (Wi-Fi Protected Setup) is to make it easy to sync up multiple devices with your router. The router, in order to accept someone using WPS, will share a PIN (hard coded into the router) of 8 numbers. Well turns out it doesn’t matter if you are using WPA or WPA2, because the attack targets the router’s WPS system and not the wireless network’s encryption.
__________________
http://www.thecomputermadesimple.com | The computer world in plain English!
Reply With Quote
  #2 (permalink)  
Old March 31, 2012, 03:52 PM
Allstar
 
Join Date: Oct 2011
Location: Edmonton
Posts: 645

My System Specs

Default

why why why would it verify the first 4 digits of the password 1st.........

you could crack this with you phone :(
Reply With Quote
  #3 (permalink)  
Old April 1, 2012, 05:22 AM
Hall Of Fame
F@H
 
Join Date: Nov 2008
Location: Ottawa, ON
Posts: 1,226

My System Specs

Default

[Not an April fools joke]
Thanks for posting this easier-to-read article since I didn't look at the vulnerability properly the last time I read it...
Article

Hmm so disabling WPS on my router (WRT610N) doesn't do anything
I guess most of my "security" comes from transmit power set at the minimum that I need for all the nodes to connect and that my next door neighbour uses WEP.
I also have enough hardware lying around here to implement something crazy like RADIUS but if it's attached to my router anyway that'd be useless as well. Options options...
__________________
"The computer programmer says they should drive the car around the block and see if the tire fixes itself." [src]
Reply With Quote
  #4 (permalink)  
Old April 1, 2012, 05:50 PM
BlueByte's Avatar
Allstar
 
Join Date: Feb 2011
Location: Maynooth
Posts: 540
Default

This has been known for a bit, security for homes these days seems to be smoke and mirrors for the most part. it might seem like overkill but the best way to secure a wifi connection is separating the wifi network and running a vpn tunnel for your local data. that way you don't care what security your wifi is running. The other scary trick is to clone the SSID of a target and then running network sniffing on any packets going through or even cloning websites to capture https info like banking logins and passwords. So you shouldn't even auto connect on your devices because you might not be connecting to your own network.

NM this was wasn't the one I was thinking about, there was another attack on the WPS system using the same weak set up. 2nd scenario is this one.

Last edited by BlueByte; April 1, 2012 at 06:50 PM.
Reply With Quote
Reply


Thread Tools
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Back to school : How to pick the right notebook for you [TCMS] ADay2Long Reviews & Articles from the Web 5 September 5, 2011 05:40 PM
Blame Wi-Fi: Canadian Parents Claim Wireless Networks Harm Children Mark Off Topic 46 August 20, 2010 05:35 PM
better wireless security? bissa Networking 19 November 15, 2009 10:03 PM
The tale of an Ebay scammer a decade later.... soiled name 4DoorGTZ Off Topic 9 September 14, 2009 03:38 PM