A chink in the armor of WPA/WPA2 WiFi security

December 29, 2011 By 58 Comments

Looks like your WiFi might not be quite as secure as you thought it was. A paper recently published by [Stefan Viehböck] details a security flaw in the supposedly robust WPA/WPA2 WiFi security protocol. It’s not actually that protocol which is the culprit, but an in-built feature called Wi-Fi Protected Setup. This is an additional security protocol that … Read the rest

Filed Under: security hacks, wireless hacks Tagged With: , , , , , ,

D-Link router captcha broken

May 19, 2009 By 24 Comments

d-link

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you … Read the rest

Filed Under: security hacks, wireless hacks Tagged With: , , , , , , , , ,

New WPA TKIP attack

November 9, 2008 By 7 Comments

wifibox

[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA(PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA … Read the rest

Filed Under: news, security hacks, wireless hacks Tagged With: , , , , , , , , , , ,