Date: Fri, 06 Apr 2007 16:09:39 -0500
From: Gary Warner <gar@...gar.com>
To: neal.krawetz@....hush.com,  full-disclosure@...ts.grok.org.uk
Subject: Re: WEEPING FOR WEP

Neal,

Your three WEP points of favor are interesting discussion points.

#1 - Availability.

That's an excellent point and one we should start pushing to change.
WEP is the primary "hotel" wireless protocol.  Hotel users usually have
the choices of "Open" "WEP" or "Bring Your Own".  It needs to be
stressed to the Hiltons and Marriotts of the world that using WEP is a
huge disservice to their customers, which means we need to
"bullet-proof" some of the other methods.

I'm going through this one at work right now myself.  My team convinced
me that we should use "WPA2" with TKIP for our new wireless service.
Guess what?  Most Windows-controlled wireless laptops don't have an
option to select WPA2 as their authentication protocol!  My team says
"No problem, we can just have them download a more recent version of
their driver and use the software that comes with their wireless card to
manage their wireless instead of the windows client."

ARRRGH!  *NOT* a valid answer!

---------------

#2 - Better than nothing.

Actually, the point of the Weeping for WEP story is that it's no longer
any harder to break WEP than it is to connect to an open network.
Demonstrated "time-to-connect" according to the Germans' paper?  60
seconds.  Now, if I needed 45 minutes to get on to your network, I'd
likely keep driving.  But if it truly only takes 60 seconds?  It's easier
to get on your network than to drive to the next signal?  (Unless you're
in my office, where from my 10th floor window I can see 51 Wireless
networks, 30 "open" and 21 "WEP" without an external antenna from my
Dell laptop).


The infoworld article:

    http://www.infoworld.com/article/07/04/04/HNdontusewep_1.html

and the actual paper:

    http://eprint.iacr.org/2007/120.pdf

make it clear that 50 seconds of gathering and 3 seconds of cracking
open a 104-bit WEP key.


----------------

#3 - Intent of Trespass.

Well, it's true that you could say "He intentionally broke in", but how
many wireless intrusion cases were there in the entire US last year?
Three?  Four?   I'd rather just spend 5 minutes to update my security
and be secure rather than knowing that I could "prove" the guy who stole
my bandwidth (and identity?) did so "on purpose".

Thanks for sharing your thoughts!



_-_
gar
