Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

WPA does not only have 256 keys.

The author decided to show that if he knew all but one character of his network password, he could bruteforce the missing character. To that end, he took all 256 possibilities for that character, and computed the resulting keys. Then tried connecting with those keys.

This shows a connection rate of 30 attempts/2 minutes which is 0.25/second. That is not practical for most attacks.




Is there any reason the attacker would know all but one character? This seems pretty silly.


The way my cable modem is set up, there are only 16 bits of the WPA key that aren't shared with the MAC address in an obvious way. Because of the configuration, it's impossible for me to change this. So anyone with this knowledge can break into my network by changing two characters -- pretty trivial.


Who on earth do you have service with that doesn't let you set your own WIFI password?


Time Warner Wideband. I work around it by having a router behind the modem which firewalls off the rest of the network -- I treat the modem's side as completely untrusted. Not perfect, but it works.


I don't know who he has, but Time Warner does this in NYC. You have zero control over the configuration of the modem/router.


Sounds like a great defense in a file sharing lawsuit.

"Sorry, but I really have no idea how many people used my Wifi!"


But Time Warner will know it was just you :)




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: