WPA is the new WEP, and by that we mean useless

Next week at the PacSec Conference in Tokyo, security researcher Erik Tews is expected to put on quite a show. Tews will be showcasing what he describes as the first practical attack on the widely used WPA Wi-Fi security protocol. The attack, discovered during testing performed with his co-researcher Martin Beck, tricks the router into sending him a large amount of data; combined with a “mathematical breakthrough,” this lets Tews break WPA much faster than any previously tested method. In fact, it reportedly takes between 12 and 15 minutes to execute. The attacker is then able to access data passed from the router to the laptop and even transmit data to a client computer connected to the router. Tews will be publishing his work in an upcoming academic journal, and parts of his code have already been implemented in his partner Beck’s publicly available Wi-Fi encryption hacking tool. Great. So it looks like WPA is well on its way to becoming the new WEP – perfect for keeping your neighbor’s 12-year-old daughter off your network but pretty useless beyond that.

18 Comments
  • http://www.ryaninc.net ryaninc

    This is why I use MAC address filtering on my network. Makes it a pain to add a new device, but it’s great security.

  • Ian

    MAC filtering is pretty much useless too, as most tools will report client MAC addresses fairly easily. Then it’s just a matter of spoofing the MAC and voila, circumvented.

  • leetgnnr

    What about WPA with RADIUS authentication?

  • TimaPhillips

    Doubtful anyone other than a dedicated hacker would bother with this.

  • Dtest54

    no big deal for most users, not that many hackers out to hack my personal wifi.

    for larger users it could be a problem. also a way for IT guys to stay employed now.

  • Sam

    Now, now, do the boys at TheBoxOTruth know you’re using their images? (That was my favorite article of theirs)

  • common sense says

    there is a huge problem with that line of thinking. after the proof of concepts are written and demonstrated, it takes only a matter of days, perhaps weeks, until someone writes a tool to automate the entire process. at this point, it really does become a trivial effort for anyone–not just security experts–to compromise your data.

  • Ilias

    This is an attention-grabbing claim (yet to be proven) on a protocol as of 3-4 years ago. If you want to feel secure you use WPA2. You would not shop online using 56-bit DES SSL connection today, but you would 20 years ago. WPA2 is the one meant to be secure and the real headline will be to break that one.

  • Ilias

    This is an attention-grabbing claim (yet to be proven) on a protocol as of 3-4 years ago. If you want to feel secure you use WPA2. You would not shop online using 56-bit DES SSL connection today, but you would 10 years ago. WPA2 is the one meant to be secure and the real headline will be to break that one.

    (repost to correct a typo…)

  • http://dknyc.net/ Derek

    I have yet to find a router or computer that can’t handle WPA2 AES, so I don’t really see what the big deal is.

  • argonnj

    Wiring the entire house with ethernet doesn’t sound like a bad idea anymore.

  • http://www.interphero.com Interphero

    Of course this had to happen shortly after I was telling someone to use WPA or WPA2 because WEP is useless. Does anyone know whether the method that “tricks the router into sending him a large amount of data” is also applicable to WPA2? If so, is AES in WPA2 the only thing preventing this attack from working on WPA2?

  • Chris

    Wiring the entire house was never a bad idea to begin with. Sure it can be a pain in some cases but it’s pretty much better in every scenario that doesn’t include shopping online while in the bathroom.

  • Andrew

    Correction – perfect for keeping your neighborhood CEO off your network. You’ve probably already been owned by your neighbor’s 12-year-old daughter.

  • Galvatron

    oh man i know a whole restaurant biz that uses wpa2 and 3 lol they're so fubar'd and yeah wpa is still crackable and has been for a while there's a youtube video on how to do it

  • Bill Taroli

    Well, most enterprise shops I know of have thrown in the towel on bothering to secure WiFi. Instead, they leave the WiFi *open* and firewall the entire subnet the APs are on. Then you must use normal VPN solutions to access the interior network. So it’s privately operated, but you can’t reach anything useful from it directly. And you don’t have the overhead of the encryption on the air. Yeah, you need to use VPN, but at least THAT hasn’t been hacked.

  • Bob DeSilets

    So, ok, you can get data from the stream. But I still haven’t seen anything that indicates that the encryption keys have been compromised.

  • Francis

    Someone misinterpreted a press release. It’s still secure. They basically said it’s now 100% quicker to brute force WPA. So from a million years it’s now half a million years to brute force.