Forgot your password?
typodupeerror
Encryption Security Wireless Networking

Verizon MiFi Owned By Simple Attack 86

Posted by timothy
from the changing-the-default-seems-smart dept.
Trailrunner7 writes "Security researcher Joshua Wright has developed a simple attack that allows him to recover the passwords for any Verizon MiFi device. The MiFi is essentially a tiny, portable wireless AP, and Wright's attack uses a simple and effective technique to get default passwords by using the device's SSID and some existing password attacks on the encryption protocols the MiFi employs. Result: complete 0wnage of any MiFi."
This discussion has been archived. No new comments can be posted.

Verizon MiFi Owned By Simple Attack

Comments Filter:
  • Important Question (Score:5, Insightful)

    by wolrahnaes (632574) <seanNO@SPAMseanharlow.info> on Wednesday February 03, 2010 @02:19PM (#31012820) Homepage Journal

    Is the choice of a predictable default password and a vulnerable encryption protocol specific to Verizon's branded version of this device or does it also affect the identical Sprint version and/or any GSM variants that may exist? As much as I dislike Verizon, I don't want to see the wrong name stuck on this if the problem is Novatel's, not Verizon's.

  • Default settings (Score:4, Insightful)

    by Nickodeemus (1067376) on Wednesday February 03, 2010 @02:27PM (#31012904)
    This article is pointless - it points out how to overcome the encryption on a MIFI that has the default settings in place.

    If you deploy any networking device with default settings in place, you deserve to be compromised.

    Take 30 minutes to reconfigure the device using default settings and this is a non-issue.
  • by stoolpigeon (454276) * <bittercode@gmail> on Wednesday February 03, 2010 @02:30PM (#31012928) Homepage Journal

    They wont know what it's called but they have a good chance of knowing that they need to "give their wireless a name and password". I can see anywhere from 5 to 8 wireless networks from my home on any given day. All have non default ssids and passwords. I doubt they were all set up by IT professionals. My guess is a lot of 'regular' folks have clued in.

  • by querist (97166) on Wednesday February 03, 2010 @02:41PM (#31013084) Homepage
    This article is NOT pointless, especially when you consider that the password is the ESN. That greatly narrows down the possible values because the first part of the ESN is assigned by manufacturer. Also, it is NOT pointless because the average person will look at that long string of seemingly random numbers, and the strings are different for each unit because the string is the ESN of the chip, and will think that it is a secure, randomly generated number. The length of the password itself is good. It is the fact that several of the digits are predictable, thus significantly reducing the number of values you need to try, that makes this significant. The average person will not know this and will THINK that it is secure. My own testing: average time to break (on units that I had legal permission to scan, of course) was just over four minutes after forcing a reset. This article is a wake-up call to companies that are issuing these things that they need to fix those passwords.
  • "Owned" (Score:5, Insightful)

    by N0Man74 (1620447) on Wednesday February 03, 2010 @02:47PM (#31013166)

    Really? Headlines with "owned" and summaries with "ownage"?

    Did we go from "News for Nerds" to "News for Teenage Online Gamers" recently, or would that require taking it one step further and using the "Pwn" form of the word. Maybe we should sprinkle in a "MiFi Fail!" in there somewhere too.

  • by darkmeridian (119044) <william DOT chuang AT gmail DOT com> on Wednesday February 03, 2010 @02:49PM (#31013192) Homepage

    New routers come with software that change the SSID and sets up encryption. Also, people are used to stealing wifi from others, when they get their own wifi, know to encrypt it.

  • by Anonymous Coward on Wednesday February 03, 2010 @02:51PM (#31013228)

    It helps to also write the SSID and Password down on a piece of paper and tape it to the router. Writing down passwords is generally bad practice, but in this situation if the person is already inside your house with physical access to your equipment then they could also just plug in an Ethernet cable for access.

10 to the 6th power Bicycles = 2 megacycles

Working...