
New attack cracks common Wi-Fi encryption in a minute - ilamont
http://www.thestandard.com/news/2009/08/26/new-attack-cracks-common-wi-fi-encryption-minute
======
aurora72
But still a remarkable majority still depends on WPA/TKIP, thinking it's safe.
Around my vicinity the ratios of various security methods are roughly:
WPA/TKIP: 65% WEP: 20% WPA2/CCMP: 10% Open/MAC : 5% (data obtained thru
airodump-ng)

~~~
antonovka
It's not that they think it's safe, it's that they have no idea what 'it' is.

------
jws
AT&T just brought the internet into my new business. The default router they
use has wireless which they left turned on with just WPA protection despite it
having an option for WPA2. There will be WPA systems aplenty for some time.

(I turned the wireless off and blew open the firewalls. I only want packets to
come and go through their router. I'll do the rest with systems I trust.)

------
blhack
Out of curiosity, how many of you just leave your access point open?

I named mine "aireplay-ng" and gave it 32bit wep as a courtesy to any of my
hacker brethren.

~~~
lukifer
I used to, but I got too nervous about all the plaintext passwords and
sensitive information that could be sniffed out of the air by a bored
teenager. Enabling WPA isn't perfect, but it provides at least a single layer
of protection which is probably good enough for most environments, similar to
locking the door to your house.

~~~
jsonscripter
If you use DD-WRT you can set up a second virtual access point that can use
your internet connection without having access to your local network.

~~~
ars
How? I wanted to do that, but could only find a very complicated method that
involved editing the startup files on the router.

~~~
jsonscripter
It's in the settings panel for "Wireless" if you have v24 of the firmware.

------
tsally
Oh cool, they successfully attacked a system using an outdated encryption
standard. In case you haven't gotten the memo yet, it's time to switch to AES.

------
jsonscripter
I kind of want some example source code for, _uh_ , security testing.

------
DougBTX
Anyone else get redirected to a fake virus scan from this page?

End URL was: ://live-virus-
scanner7.com/1/?sess=pGTyyjzxMS02JmlwPTIxNy4zNS44My4yMjMmdGltZT0xMjU1MgAMPQdN

~~~
aurora72
No, the page seems totally ok. Perhaps just your computer made the
redirection?

