Lists all of the journal entries for the day.

Sat, 12 Jun 2010

1:16 PM - Wireless Security

One of my coworkers pointed out the inherit insecurity of WPA on Wifi devices the other day.  I knew that WEP was insecure, and I figured there were problems with WPA, but I didn't realize how easy it is to break it. 

WPA (and WPA2 -PSK / personal in apple lingo) use a secret key that can be up to 63 characters.  Many people don't use a full length key.  Others use a dictionary word or some other easy to deduce key.  

Apparently, in the protocol for WPA, the initial handshake (communication between your pc/mac and the wifi router) transmits something (well the hash of the key effectively) that can be grabbed in the air.  An attacker can grab this and then run a program offline to determine your WPA key.  He can later join your network.  

At this point, assume all wireless networking is insecure if you weren't already.  

Tips to make it harder to crack:

1. Use the maximum length or as close as you can for the private key

2. Use random characters, a generated key from one of the many online sites is better.  Don't use something obvious like "luke & caryn's wireless".   No, i've never used that.

3. Enable MAC address filtering (not to be confused with Mac computers)

4. Change your key periodically.  You never know who's on your Internet connection.

5. Use AES with WPA if it's available on your router. It's a little harder to crack.

Reasons you should care:

1. Someone can download illegal or offensive content and it came from your ip address.  You could go to jail or have an unpleasant search situation.  

2. You're paying good money for your internet connection, why should your neighbors freeload? Do you let your neighbor steal your cable too?

3. War driving.  Just google it.

()