... Wi-Fi USB adapters bundled with a Linux operating system, key-breaking software and a detailed instruction book are being sold online and at China's bustling electronics bazaars. The kits, pitched as a way for users to surf the Web for free, have drawn enough buyers and attention that one Chinese auction site, Taobao.com, had to ban their sale last year. ... The kits are also cheap. A merchant in a Beijing bazaar sold one for 165 yuan ($24), a price that included setup help from a man at the other end of the sprawling, multistory building. ... One of the kits took over an hour to crack the WEP key equivalent to the password "sugar" in a test attack on a personal router set up for the purpose using 40-bit encryption. ...
Wi-Fi key-cracking kits sold in China mean free Internet
Wi-Fi key-cracking kits sold in China mean free Internet
http://www.networkworld.com/news/2010/0 ... ld-in.html
In European Union Germany they have a law now that you need to use highest security for your wifi so it is difficult to break in but I guess it only delay some 15 to 30 minutes?
If too may make use of these crack into wifi will increase in Germany they will forbid us in EU to use wifi real soon.
If too may make use of these crack into wifi will increase in Germany they will forbid us in EU to use wifi real soon.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
WEP versus WPA
Cracking WEP has been possible for years. WPA and WPA2 are considerably harder. The weakness with WEP had more to do with key management than direct attack on enciphered data.
As an interim measure, some businesses which had invested in equipment which could not use WPA because of hardware limitations went to a version which switched keys periodically to greatly increase the difficulty of cracking. These keys were derived from a passphrase, using methods roughly as secure as WPA, which uses TKIP (Temporal Key Integrity Protocol). If they switched, say, every 10 minutes, an attacker using a method which takes 40 minutes would not get enough data and tries to break in, without considerable luck, or still more sophisticated attack methods. WPA2 has gone to a different protocol, CCMP, with a much better theoretical basis.
There are other methods using superencipherment which can also raise security on WEP until most attackers give up. For individuals, using methods which don't really prevent breakins, but, again raise the difficulty somewhat, like hiding the SSID or using MAC filtering, may be enough. If you are using WPA2 (available on all recent wifi products) correctly, with a strong passphrase, you are probably safe, largely because there are many easier targets using weaker encryption, incorrect set up, or no encryption at all.
(From an old, old joke: "I don't need to outrun the bear, I just need to outrun you.")
For commercial sites offering wireless to customers, some of whom may be trying to break into other customers encrypted data streams, the problem is significant. And, there always remains the simple but dumb approach of corrupting employees.
As an interim measure, some businesses which had invested in equipment which could not use WPA because of hardware limitations went to a version which switched keys periodically to greatly increase the difficulty of cracking. These keys were derived from a passphrase, using methods roughly as secure as WPA, which uses TKIP (Temporal Key Integrity Protocol). If they switched, say, every 10 minutes, an attacker using a method which takes 40 minutes would not get enough data and tries to break in, without considerable luck, or still more sophisticated attack methods. WPA2 has gone to a different protocol, CCMP, with a much better theoretical basis.
There are other methods using superencipherment which can also raise security on WEP until most attackers give up. For individuals, using methods which don't really prevent breakins, but, again raise the difficulty somewhat, like hiding the SSID or using MAC filtering, may be enough. If you are using WPA2 (available on all recent wifi products) correctly, with a strong passphrase, you are probably safe, largely because there are many easier targets using weaker encryption, incorrect set up, or no encryption at all.
(From an old, old joke: "I don't need to outrun the bear, I just need to outrun you.")
For commercial sites offering wireless to customers, some of whom may be trying to break into other customers encrypted data streams, the problem is significant. And, there always remains the simple but dumb approach of corrupting employees.