gkd_uk
Well-Known Member
With growing numbers using wi-fi in their homes, Paul Rubens looks at how good security is on these networks.
In less than two minutes hackers can defeat the security measures protecting many home wireless internet connections.
Defeating these measures could let them capture passwords, steal confidential information or download illegal pornographic material using the connection.
Many home internet users rely on an encryption system called Wireless Equivalent Protection (WEP) to stop others using their wi-fi link, even though WEP has long been known to be flawed.
In early April three cryptographic researchers at the Darmstadt Technical University in Germany revealed a method of exploiting the flaws far more effectively.
Before now it took at least 20 minutes of monitoring the airwaves before it was possible to break in to a wireless network protected by WEP.
Now, armed with a program called Aircrack-ptw written by the researchers, it is possible to break in to the same network far faster.
"Breaking in to a WEP protected network is now very easy to do," said Erik Tews, one of the researchers.
"Doing it in 60 seconds is realistic, or five minutes in the very worst case. We think now that WEP is really dead and we recommend that no-one should use it."
In its place he recommends an encryption system called Wi-fi Protected Access (WPA), introduced four years ago to replace WEP. "We have had a very close look at WPA and we can't find anything to exploit," he said.
The only known way to defeat WPA encryption - and WPA2, a newer version - is to use what is known as a brute force dictionary attack.
This involves trying millions of different words or combinations of words from in the hope of stumbling upon the correct password.
Read more
In less than two minutes hackers can defeat the security measures protecting many home wireless internet connections.
Defeating these measures could let them capture passwords, steal confidential information or download illegal pornographic material using the connection.
Many home internet users rely on an encryption system called Wireless Equivalent Protection (WEP) to stop others using their wi-fi link, even though WEP has long been known to be flawed.
In early April three cryptographic researchers at the Darmstadt Technical University in Germany revealed a method of exploiting the flaws far more effectively.
Before now it took at least 20 minutes of monitoring the airwaves before it was possible to break in to a wireless network protected by WEP.
Now, armed with a program called Aircrack-ptw written by the researchers, it is possible to break in to the same network far faster.
"Breaking in to a WEP protected network is now very easy to do," said Erik Tews, one of the researchers.
"Doing it in 60 seconds is realistic, or five minutes in the very worst case. We think now that WEP is really dead and we recommend that no-one should use it."
In its place he recommends an encryption system called Wi-fi Protected Access (WPA), introduced four years ago to replace WEP. "We have had a very close look at WPA and we can't find anything to exploit," he said.
The only known way to defeat WPA encryption - and WPA2, a newer version - is to use what is known as a brute force dictionary attack.
This involves trying millions of different words or combinations of words from in the hope of stumbling upon the correct password.
Read more