[Kenneth Maxon] is a wizard who only does things one way, beautifully. While out of the average hacker’s production capabilities, his injection molding machine is amazing to behold. The machine has all features a commercial model would. It heats and cools the mold, produces over a ton of pressure to inject plastic with, and ejects parts automatically to name a few.

[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA(PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA so far has been the coWPAtty dictionary attack. This new attack lets you decrypt the last 12 bytes of a WPA packet’s plaintext and then generate arbitrary packets to send to the client. While it doesn’t recover the WPA key, the attacker is still able to send packets directly to the machine they’re attacking and could potentially read back the response via an outbound connection to the internet.

[photo: niallkennedy]

[via SANS]