WiFi is no longer secure enough to protect wireless data.
Global Secure Systems has said that a Russian firm's use of the latest NVidia graphics cards to accelerate WiFi 'password recovery' times by up to an astonishing 10,000 per cent proves that WiFi's WPA and WPA2 encryption systems are no longer enough to protect wireless data.
David Hobson, managing director of GSS, claimed that companies can no longer view standards-based WiFi transmission as sufficiently secure against eavesdropping to be used with impunity. He also said that the use of VPNs is arguably now mandatory for companies wanting to comply with the Data Protection Act.
He said: “This breakthrough in brute force decryption of WiFi signals by Elcomsoft confirms our observations that firms can no longer rely on standards-based security to protect their data. As a result, we now advise clients using WiFi in their offices to move on up to a VPN encryption system as well.
“Brute force decryption of the WPA and WPA2 systems using parallel processing has been on the theoretical possibilities horizon for some time - and presumably employed by relevant government agencies in extreme situations - but the use of the latest NVidia cards to speed up decryption on a standard PC is extremely worrying.
“The $64,000 question, of course, is what happens when hackers secure a pecuniary advantage by gaining access to company data flowing across a WPA or WPA2-encrypted wireless connection. Will the Information Commissioner take action against the company concerned for an effective breach of the Data Protection Act?”
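As an added illustration of the article's 10,000 per cent figure (not code from Elcomsoft, GSS or the article): WPA/WPA2-Personal derives its key from the passphrase with PBKDF2-HMAC-SHA1 (4,096 iterations, SSID as salt), so this sketch measures that per-guess cost locally and shows how much passphrase length offsets a 100x speedup. The function names, the 62-symbol alphabet and the lengths are assumptions made for this example.

```python
import hashlib
import math
import time

YEAR = 365.25 * 24 * 3600  # seconds in a year

def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal PSK: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def measure_guess_rate(samples: int = 20) -> float:
    """Key derivations per second on one CPU core of this machine."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_psk(f"constructed-{i:04d}", "ExampleSSID")  # constructed inputs
    return samples / (time.perf_counter() - start)

def speedup_from_percent(percent: float) -> float:
    """Read '10,000 per cent' as a multiplier, the way the thread does (100x)."""
    return percent / 100.0

def years_to_exhaust(alphabet: int, length: int, guesses_per_sec: float) -> float:
    """Worst-case years to try every random passphrase of exactly this length."""
    return alphabet ** length / guesses_per_sec / YEAR

def extra_chars_to_offset(speedup: float, alphabet: int) -> int:
    """Random characters to add so the search is at least as costly as before."""
    return math.ceil(math.log(speedup) / math.log(alphabet))

if __name__ == "__main__":
    base = measure_guess_rate()
    accelerated = base * speedup_from_percent(10_000)
    print(f"measured {base:.0f} derivations/s; 100x of that is {accelerated:.0f}/s")
    # Assumption: fully random passphrases over a-z, A-Z, 0-9 (62 symbols).
    for length in (8, 10, 12):
        before = years_to_exhaust(62, length, base)
        after = years_to_exhaust(62, length, accelerated)
        print(f"{length} chars: {before:.3g} years -> {after:.3g} years")
    print("extra random chars to offset 100x:", extra_chars_to_offset(100.0, 62))
```

With a 62-symbol alphabet, two extra random characters multiply the search space by 3,844, which is more than the 100x speedup takes away.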

Nowadays all routers come with WiFi and they also come with an option to disable it.
I'm betting they used the CUDA stuff in the NVidia drivers to write a RISC cracker.
http://www.elcomsoft.com/edpr.html
technologies, launched CUDA, a C-Compiler and developer's kit that gives software
developers access to the parallel processing power of the GPU through the standard language
of C. NVIDIA® GPUs (GeForce® 8 and above) act as multiprocessors, with multiple registers
and shared memory and cache. ElcomSoft has harnessed their computing power, and will be
incorporating this patent-pending technology into their entire family of enterprise password
recovery applications. Since high-end PC mother boards can work with four separate video
cards, the future is bright for even faster password recovery applications.
They might be able to break the encryption, but from what I know, WPA2 changes the encryption key quite often, so how they should get enough data encrypted by the same key is a good question.
Anyway, using an IPSEC VPN connection after connection to the WPA2 Enterprise network should be pretty secure from what I know.
Just my $0.02
The point as you said before however, that most home users need not to worry about any of that cuz who's gonna spend that much time trying to hack grandma's computer that she uses 1-2 times a week? Most businesses also have little to worry about. Surely there are some people that are going to try and hack in but odds are you won't be one of them. There is no such thing as being 100% secure so spending all that extra money to be won't be worth it in the long run.
Plus, sometimes that people can get on the network isn't the only thing we care about, if they can just observe the traffic then that is a problem.
[edit]
This is a reply to IceBreakerG (SHoTTa35 beat me).
I don't get it:
If they can decrypt your traffic then they can sniff and get your MAC. It is true.
But how can they decrypt your traffic if the router is "banning" any bad MAC?
So, as far as I can understand: with a WPA + MAC protected router, you can't break the WPA (even using brute force) because of the MAC issue, and you can't copycat a MAC because the connection is encrypted.
Well, the packets are sent into the air, so putting the wireless NIC in promisc mode, it will capture every packet in the air that it is within range of.
That just means that the router itself will not pay attention to packets from a MAC address that is not on the "good list."
This is wireless. All traffic goes through the air. Any wireless card is capable of receiving it. MAC address filtering does not help you here.
So, if a rogue wireless client collects some traffic and is able to decrypt it, which is what this article is talking about, then it is trivial to pull a good MAC address out of the traffic that has been collected (rendering MAC address filtering potentially useless).
I'm not saying that you shouldn't use MAC address filtering. I'm just saying, don't go believing that it is the end-all-and-be-all protection, because it's not.
They can get my MAC all they want, but if their wireless card's MAC isn't on my approved client list, they can't use it to get on my mac-filtered access point.
Static MAC filtering on an Access Point is only useful for situations where you already know the MAC addresses of those computers you want to allow on your network. You have to build a list of MACs that are allowed on (or, conversely, banned from) your AP, and then start the AP. Dynamic MAC filtering is also possible, but it's much rarer.
The MAC address can be changed from the driver, and will stay changed until the network card is restarted.
MAC filter is false security.
Simply put, you can change the MAC address on ANY PC these days fairly easily, you don't even need to hack the cards like back in the days.
http://www.nthelp.com/NT6/change_mac_w2k.htm
A quick Google pulled that up. Simply stated, MAC filtering offers NO security at all. It only causes headaches for you and your friends when they come over and you want to add them to your "secure" network.
And no, I'm not going to tell you how we do it. The moment I do is the same moment you try to defeat THAT!
I figure for someone to hack or do anything to it, they have to be inside the house, and that would be a bigger problem than my stupid wifi network.
At school, I have a WEP key, but only because it's a cheap router that freaks out if there's too much downloading at once (happened......)
Unless your house is built like a Faraday cage you're not safe. Yes, it's unlikely that someone has targeted a normal house, but the right antenna can pick up a signal MILES away. An attacker would NOT have to be inside your house. You could be in the middle of nowhere and someone could still pick up your network without even being able to see your house.
That said, I knew something like this would happen once reading about CUDA and Nvidia cards being used to do an insane amount of processing. I'm still not worried, unless this company releases their code they used. It's time to start looking for a new encryption type that's stronger than WPA.
My biggest question/concern has been secure web connections (such as on-line banking and purchasing items out of a shopping cart app). How secure are those connections across a public wifi signal?
You NEVER do anything like online banking or anything else that involves your credit card, SSN, and other sensitive information over public wifi. Anyone connected, with the right software, can see exactly what you are doing.
So, then, would you say that as long as you are connected to a "secure web site" that is verified and you trust, doing such activities over public WiFi offer essentially the same level of data protection that a wired connection would?
Pretty much, yes. But don't click 'yes' if you get a pop-up when visiting the website about an 'untrusted certificate' ;-)
The only thing people would be able to find out is where you are surfing to.
The whole point of this article is that GPU acceleration has accelerated such decryption efforts by 10,000% (edited: thanks Havin). I'm not sure, given an obvious extension to this code base, that your statement holds true anymore.
Last edited by excalpius on 12 Oct 2008 - 12:32
The whole point of this article is that GPU acceleration has accelerated such decryption efforts by 10,000x. I'm not sure, given an obvious extension to this code base, that your statement holds true anymore.
Correction: the article quotes a 10,000 per cent increase, so that's 100x.
Even so, it's kinda alarming to think that just 2 orders of magnitude are the extent of how far "beyond practical" a WPA crack was up 'til now, really. If that means you can now crack something in 1 day, then it only took 3-and-a-half months before! Er, how's my maths?
I SERIOUSLY doubt someone's trying to sniff traffic on your DS Lite....get real.
It'll force you to set your AP to use WEP though.
It is people who have open networks which are the greatest danger not quite from viruses, but what they don't see going on like some putz out there downloading illegal, kiddie porn, Mp3 and stuff that flag the "sniffers" out there for illegal activity. I know some day we will hear about it happening, "But I thought it was safe by plugging it in! I never even went past my email and now you are suing me for file sharing?!" etc..
Such a scenario has already happened in the country where I am.
The culprit was caught, who happens to be a teenager that has a curfew on the time that he can use the internet at his own home. Thus, what he did was cycle around the neighbourhood and use unsecured WLAN and use its associated internet connection to download mp3, movies, etc which was what triggered the investigation as the owner's internet connection was 'sniffered'/'flagged' for copyright infringement downloads.
Hardware is pretty fixed about what you can use.
Last edited by Smigit on 12 Oct 2008 - 04:14
/respect
It already has been out there for a few weeks.
Also note that the story neowin reposted is originally under the "advertise" section.......
...says a company that I have not heard of before, that also happens to offer security and penetration testing. Ho hum.