Looks like your WiFi might not be quite as secure as you thought it was. A paper recently published by [Stefan Viehböck] details a security flaw in the supposedly robust WPA/WPA2 WiFi security protocol. It’s not actually that protocol which is the culprit, but an in-built feature called Wi-Fi Protected Setup. This is an additional security protocol that allows you to easily setup network devices like printers without the need to give them the WPA passphrase. [Stephan's] proof-of-concept allows him to get the WPS pin in 4-10 hours using brute force. Once an attacker has that pin, they can immediately get the WPA passphrase with it. This works even if the passphrase is frequently changed.

Apparently, most WiFi access points not only offer WPS, but have it enabled by default. To further muck up the situation, some hardware settings dashboards offer a disable switch that doesn’t actually do anything!

It looks like [Stephan] wasn’t the only one working on this exploit. [Craig] wrote in to let us know he’s already released software to exploit the hole.

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]

The WiFi uploading Eye-Fi SD card made a big splash when it was first introduced, but now Eye-Fi has a whole line of different products. The top of the line is the Eye-Fi Explore, which supports geotagging without using a GPS. Instead of GPS hardware, it uses the Skyhook Wireless Wi-Fi Postitioning System, which correlates the position of the Eye-Fi’s access point to GPS locations, creating virtual GPS functionality. This allows photos taken with the Eye-Fi to be be geotagged. Of course, the accuracy of the system is noticeably lower than true GPS and seems to be affected by a number of external factors, but it is still accurate enough to tag the photo within the immediate vicinity of where it was taken.

WiFi positioning is great feature, but certainly not limited to photography. Since the Eye-Fi is at its core SD storage media, you could probably have it geotag data saved to the card, even if it wasn’t created by a digital camera..