Wi-Fi Router Attack Only Requires a Single PIN Guess 84
An anonymous reader writes: New research shows that wireless routers are still quite vulnerable to attack if they don't use a good implementation of Wi-Fi Protected Setup. Bad implementations do a poor job of randomizing the key used to authenticate hardware PINs. Because of this, the new attack only requires a single guess at the hardware PIN to collect data necessary to break it. After a few hours to process the data, an attacker can access the router's WPS functionality. Two major router manufacturers are affected: Broadcom, and a manufacturer to be named once they get around to fixing it. "Because many router manufacturers use the reference software implementation as the basis for their customized router software, the problems affected the final products, Bongard said. Broadcom's reference implementation had poor randomization, while the second vendor used a special seed, or nonce, of zero, essentially eliminating any randomness."
Re:Wireless security (Score:5, Interesting)
Hah. You're stressing over every little thing.
The part that really bothers me though is your turning off guest networks. I've always turned off the automatic kind (NAME OF ROUTER -GUEST NETWORK), but then gone on to set one up as a virtual access point properly on ddwrt. At home and at work I've shared my internet connection with the apartment block across the street, the corrections institute, gay bar, fitness center and mortgage company and any random stranger that passes by. Even the homeless or just plain poor people.
You know what I have learned? People aren't the pieces of shit that people like you think that they are.
I've never seen a pedophile, or a hacker.I've always monitored network traffic and I do keep logs. I've seen one or two people who look at porn and two fucking rokus. (you can afford netflix and you're using my connection across the street? wtf? sorry about the stutters....durrr) out of hundreds of people I have found most people are pretty endearing and normal. most people look at their facebook, or they ask google personal questions. Like where to find a job, or get a date or how to solve/fix something. or they research stuff.. That's all.
I'm probably giving internet access to some of the people that block my parking spot now that I think about it. *laughs*.
in short, sharing has made things better for those around me and I haven't been harmed by it at all.
captcha: bragged
Re:Wireless security (Score:5, Interesting)
Ignore the hate man, keep doing what you're doing :) I'm the same, XXXX_ST_FREE_WIFI has been up most of the last 3 years, and similar at units before this. I set up an old wireless router and RaspberryPi to provide an isolated network with an internet connection for anyone who wants to stop within range (the bus stop across the road is the main source of traffic).
I have around 6 unique connections a day, and several regulars from the surrounding units or daily commute. I redirect "google.com*" to a local splash page (with the google search page in a frame below) that has a couple lines saying this is my personal connection, feel free to use but I'll shut down any time if I need the bandwidth, or think people are being suss. I highlight that it is essentially a public network, so advise against anything personal / private, so I think people assume they're being watched and stay on their best behaviour anyway :P
I originally started with some strict firewall rules (port 80 / 443 outbound only), but found people just never tried anything else really. I think I've seen a couple dozen POP / IMAP requests which were probably from auto sync, and a couple bittorrent users, but noone's ever tried to even probe at the guest network, let alone look for my (isolated) home network.
I also have a file share that I let people dump to / from which I clear daily, and one that serves a bunch of free software and my local distro mirror. I've _never_ had anyone put anything I disapproved of on there. I've had a couple people dump a movie or music on there, but I've removed and replaced with a note saying that's not what its for (in case they check back). Some others have started chats back and forth with simple text files, most people just posted pics with a thumbs up to say thank you :) (my suggestion in the landing page)
All in all, its been a great experience. I liken it to running a small social media site that's location based, rather than internet facing. I'm thinking of adding a persistent page with a guest book / wall, just to reach out a little more personally.
Like you said, people aren't the pieces of shit people think. Those that are generally have shittier things to do than mess with a random wifi network.
captcha: intercom