WPA2 encrytpion now officially breakable

From the RISKS newsletter

Russian security company Elcomsoft posted a press release on 12 Oct 2008
detailing a new method to crack WPA and WPA2 keys:

With the latest version of Elcomsoft Distributed Password Recovery, it is
now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100
times quicker with the use of massively parallel computational power of
the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only
needs a few packets intercepted in order to perform the attack. ...

http://securityandthe.net/2008/10/12...00-fold-increa
se-in-wpa2-cracking-speed/
http://www.prweb.com/releases/wi-fi/...web1405954.htm
http://securityandthe.net/wp-content...elease_wpa.pdf

Ok, so, do you still think ALLLLLL you need is a cute new
wireless router?

I read that article a couple of days ago. My understanding is a long
alphanumeric password such as the one below still takes quite a long time to
break.

p*Y3g4E&{43jk^ld$fU%oA8^9s0!7K#L2q$3$J#79oJe&*23*j Ox2$3D~4nZl;a/By89aw,4H9n

I wouldn't worry about it for now since it's a brute force attack which
requires quite a powerful distributed computing power in addition to GPU
power. Your neighbor must be really rich and bored to be able to pull this.

"the wharf rat" <> wrote in message
news:gd3nfl$ljd$...
>
>
> From the RISKS newsletter
>
> Russian security company Elcomsoft posted a press release on 12 Oct 2008
> detailing a new method to crack WPA and WPA2 keys:
>
> With the latest version of Elcomsoft Distributed Password Recovery, it is
> now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100
> times quicker with the use of massively parallel computational power of
> the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only
> needs a few packets intercepted in order to perform the attack. ...
>
> http://securityandthe.net/2008/10/12...00-fold-increa
> se-in-wpa2-cracking-speed/
> http://www.prweb.com/releases/wi-fi/...web1405954.htm
> http://securityandthe.net/wp-content...elease_wpa.pdf
>
> Ok, so, do you still think ALLLLLL you need is a cute new
> wireless router?
>

Possible does not always equal practical. Anyone with anything that would
make it worth the trouble already has more than just WPA2 in place to
protect it.

I call FUD

Besides, who would want to crack my wireless when my neighbors is wide open?
They have cable broadband.....I mean....or so I'm told.

Ferd

"the wharf rat" <> wrote in message
news:gd3nfl$ljd$...
>
>
> From the RISKS newsletter
>
> Russian security company Elcomsoft posted a press release on 12 Oct 2008
> detailing a new method to crack WPA and WPA2 keys:
>
> With the latest version of Elcomsoft Distributed Password Recovery, it is
> now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100
> times quicker with the use of massively parallel computational power of
> the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only
> needs a few packets intercepted in order to perform the attack. ...
>
> http://securityandthe.net/2008/10/12...00-fold-increa
> se-in-wpa2-cracking-speed/
> http://www.prweb.com/releases/wi-fi/...web1405954.htm
> http://securityandthe.net/wp-content...elease_wpa.pdf
>
> Ok, so, do you still think ALLLLLL you need is a cute new
> wireless router?
>

In article <u#>,
Ferd Burfel <> wrote:
>
>I call FUD
>

Absolutely. The Association for Computing Machinery is a well
known source of FUD. Just because some scientist somewhere has published
a method to crack WPA2 protection in seconds doesn't mean that anyone
would actually bother to use that idea to eavesdrop on yours and steal
credit card data or financial information. Everyone knows all those
hackers are too busy playing Counterstrike and trying to hack ebay.

>Besides, who would want to crack my wireless when my neighbors is wide open?

Why did Dillinger rob banks?

"Ferd Burfel" wrote:
> ...who would want to crack my wireless when my neighbors is wide open? They
> have cable broadband.....I mean....or so I'm told.


I've known guys who did that sort of stuff just to snoop on their
neighbors' private lives. I guess it was a sort of power trip. They knew
more about their neighbor's extramarital affairs and homosexual trysts
and private medical information and financial investments and medical
problems than any normal person would *want* to know. I knew
one guy who used his neighbors' wireless internet connections in order
hide his kiddy-porn "excursions". Just hope you don't live next to one
of those guys.

*TimDaniels*