From: "Ed Durrant" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.16) with ESMTP id 2123319 for os2-wireless_users@2rosenthals.com; Tue, 11 Nov 2008 02:38:00 -0500 Received: from static-71-171-102-26.clppva.fios.verizon.net ([71.171.102.26] helo=mail2.2rosenthals.com) by secmgr-ny.randr with esmtps (TLSv1:AES256-SHA:256) (Exim 4.43) id 1Kznoy-0001Gn-Jy for os2-wireless_users@2rosenthals.com; Tue, 11 Nov 2008 02:38:00 -0500 Received: from nskntqsrv03p.mx.bigpond.com ([61.9.168.237]:57810) by mail2.2rosenthals.com with esmtp (Exim 4.69) (envelope-from ) id 1Kznh6-0001Di-2v for os2-wireless_users@2rosenthals.com; Tue, 11 Nov 2008 02:29:49 -0500 Received: from nskntotgx02p.mx.bigpond.com ([121.217.11.170]) by nskntmtas01p.mx.bigpond.com with ESMTP id <20081111042244.CYWQ17256.nskntmtas01p.mx.bigpond.com@nskntotgx02p.mx.bigpond.com> for ; Tue, 11 Nov 2008 04:22:44 +0000 Received: from [192.168.100.2] (really [121.217.11.170]) by nskntotgx02p.mx.bigpond.com with ESMTP id <20081111042243.MNHQ1284.nskntotgx02p.mx.bigpond.com@[192.168.100.2]> for ; Tue, 11 Nov 2008 04:22:43 +0000 X-CTCH-RefID: str=0001.0A010205.49193649.0056,ss=1,fgs=0 Message-ID: <49190891.5090608@durrant.mine.nu> Date: Tue, 11 Nov 2008 15:22:41 +1100 User-Agent: Thunderbird 2.0.0.6 (OS/2/20070731) MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless] Once thought safe, WPA Wi-Fi encryption is cracked - Network World References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH PLAIN at nskntotgx02p.mx.bigpond.com from [121.217.11.170] using ID edward.durrant@bigpond.com at Tue, 11 Nov 2008 04:22:41 +0000 X-RPD-ScanID: Class unknown; VirusThreatLevel unknown, RefID str=0001.0A150202.49190893.0079,ss=1,fgs=0 X-Spam-Score: 0.0 (/) X-Spam-Report: _SUMMARY_ Lewis G Rosenthal wrote: > Thought this might be of interest: > > http://www.networkworld.com/news/2008/110608-once-thought-safe-wpa-wi-fi.html?ts0hb&story=ts_wpahack > > > > Cheers, everyone. Back to the grindstone... > Reading the article this is only a partial crack and only applies to WPA1 using TKIP keys, not WPA2 that I think most looking for security would use nowadays. The question is if the same methods used to crack TKIP on WPA1 means there's a chance of cracking protocols running on WPA2 in the future ? Perhaps we should only run over WiFi links while inside a VPN tunnel ? Of course external hot spots at cafes and the like are the greatest security hole as then often don't have any encryption at all ! Cheers/2 Ed.