Flaw lets hackers break your WiFi router’s security with one guess

Network router

Typically, attacks against your WiFi router require a lengthy attempt to guess any codes and passwords. Not if you use 0xcite’s new technique, however; the research firm has detailed a flaw in some router chipsets that lets hackers bypass the push-button security of WiFi Protected Setup (WPS) almost instantly. Instead of trying to guess a hotspot’s PIN code, which can take hours, you simply take a single shot based on a series of offline calculations. Once you’re ready to attack, it takes roughly "one second" to get in.

The vulnerability isn’t present in every router, but 0xcite believes that it’s in relatively common chipsets from both Broadcom and another, unnamed company that’s scrambling to implement a fix. The Wi-Fi Alliance, for its part, tells Ars Technica that the flaw likely stems from how companies implement wireless networking, rather than anything inherent to how the technology works. Whatever the root cause may be, the easiest way to protect against this exploit right now is to turn WPS off — not a big problem if you’re comfortable with a router setup page, but probably more of a hassle than you’d like.

Filed under:


Via: Ars Technica

Source: 0xcite (SlideShare)


Source: Engadget Full RSS Feed http://ift.tt/1pgkDAS

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s