

WiFi is no longer a viable secure connection  - prakash
http://www.scmagazineuk.com/WiFi-is-no-longer-a-viable-secure-connection/article/119294/

======
tptacek
This is stupid for two reasons:

(1) They're cracking pre-shared keys, which is the least secure mode of
deployment for WPA2; they can "crack" it because it's essentially password-
protected. Modern wireless security use crypto-strong keys derived from secure
authentication. That's not how home wireless networks get deployed, but it is
how corporate wireless networks are set up.

(2) Nobody who cares about security relies on WEP or WPA; they use 802.11 to
set up an insecure last-mile to VPN through. Nobody has broken any popular VPN
protocol in the last 5 years.

~~~
eru
Why were those new protocols (WEP and WPA) developed anyway? "We need new
encryption schemes, because it's wireless!"?

~~~
baddox
That's what the Wi-Fi Alliance does, they make new protocols. But truly, no
ubiquitous wireless protocol should be trusted for any private data. Those
protocols are (or should be) only meant for home users.

~~~
tptacek
No offense, but this statement doesn't mean anything at all. Clearly, within
the next 10 years, enterprises are going to move en masse to wireless. The
cost savings are too high.

The solutions may not look like they do today --- I won't cry --- but the
fundamental problem is going to need to get solved. Maybe it'll be
opportunistic Teredo/6to4-style network layer security, and maybe it'll be
something app layer, but _something_ is going to get done here.

------
cbrinker
Since when were we under the impression it ever was?

I sure as hell know that I don't trust wireless; wired is bad enough. Tack on
an open-ended medium to invite all of the fun guys onboard.

------
jkkramer
Sounds like they only increased the speed of brute force attacks. Use a strong
password and you'll be fine.

EDIT: That said, at least for me, the main reason I need wireless encryption
is to prevent neighbors from using it. It would be silly to rely on wireless
encryption to safeguard sensitive network activity. That's what SSH, SSL, etc.
are for.

~~~
wallflower
From their flowerly press release: "With billions of possible combinations, it
can take years to break into a WPA/WPA2 protected network. However, WPA/WPA2
protected networks are not immune against distributed attacks performed with
GPU-accelerated algorithms. With the latest version of Elcomsoft Distributed
Password Recovery, it is now possible to crack WPA and WPA2 protection on Wi-
Fi networks up to 100 times quicker with the use of massively parallel
computational power of the newest NVIDIA chips."

Now if only I could somehow get Eclipse to use my GPU to do a compile

~~~
maximilian
Your GPU would be slow as shit at compiling. You wouldn't want it to compile
anything.

GPUs are only good at doing lots of arithmetic in parallel.

------
DenisM
Elcomsoft is the same place where Dmitry Sclyarov worked when Adobe tried to
put him in jail for breaking PDF "encryption": <http://www.freesklyarov.org/>

------
rbanffy
Well...

I have been using VPNs for years. It's sweet to connect to insecure, possibly
malware-intensive, password-grabbing "free" wireless spots that abound around
hotels and airports and grab all their bandwidth while everything they get is
highly secure cryptographed data.

I say that if they ever get my data, they should at least deserve it.

------
dcurtis
Does anyone have any hard data on the prevalence of random WiFi hacking? I
think the chances of someone trying a GPU-accelerated bruteforce attack on my
home network is ridiculously low.

------
3KWA
it never was anyway

------
njharman
ssl & ssh

What's the problem?

