25 replies to this topic

[TomTerrific]

Hey guys, this is a sort of PSA in case you haven't been paying attention over the last month and a half or so. Frankly I'm a little surprise no one has posted something about this here yet.

A major vulnerability exists in the current wifi standard known as WPS (Wifi Protected Setup), and is exploitable using open-source code that is easily available to anyone. The flaw allows someone running that code to crack most, if not all (more on this in a second), wifi routers using WPA/WPA2 encryption, such that they can recover the passphrase even if the owner subsequently changes it. Essentially, this gives them access to your network, including the abiity to access the internet through your network as well as see all traffic flowing thru. This is about as bad as it gets.

EDIT: I should add that WPS is a required feature of routers to be accredited. This doesn't mean that all routers have it, but most of them do.

The good news: you can easily disable WPS on most common routers.

The bad news: Some routers either you can't disable, or they stay enabled in spite of what the manufacturer claims is the disabling procedure. Even worse, some routers can actually be bricked by someone trying to break in using this approach.

A list of routers and their vulnerabilities can be found here:

https://docs.google....dFpEUDNSSHZEN3c

If your router is vulnerable and it can be disabled, do it. Instructions for doing this are easy to find. If it can't be disabled, get yourself a new router. Apple's airport routers are notable as a major brand that isn't vulnerable to this attack. I'm somewhat alarmed that a bigger deal isn't being made of this. Prompting this screed is the fact that a good friend of mine, a doctor, mentioned to me that one of his partners in his practice is using the Reaver code to steal internet services from two separate tenants who rent from him (he lives in a triple decker and rents out two of the floors) as he has a serious jones for downloading movies. If this guy is doing it, you can bet lots of others are too.

Edited by TomTerrific, 25 February 2012 - 11:39 PM.

[AlNipper49]

Has anyone ever met someone who has pushed a WPS button?

That thing is more worthless than male nipples

[natpastime162]

Using DD-WRT or Tomato firmware (if the router supports it) will also solve this problem.

[kneemoe]

Has anyone ever met someone who has pushed a WPS button?

That thing is more worthless than male nipples

My boss, the 'head of IT', was amazed by it just the other day - I think it was the first time he was made aware of it.


Editted to add the Nip quote.

Edited by kneemoe, 26 February 2012 - 08:53 AM.

[EddieYost]

Just disabled it. Thanks for the tip! I never use it. I tried it once when it was a new thing and it seemed like more trouble than its worth.

[natpastime162]

Has anyone ever met someone who has pushed a WPS button?

That thing is more worthless than male nipples

I know my old Linksys (Cisco) router championed the "one touch" security feature

[Oil Can Dan]

Me. I just used it to connect my wifi to a new wireless printer and to connect a wifi adaptor that's plugged in to a new AVR. It seemed much easier/faster than going the non-WPS route.

Security issue aside, what's wrong with it? Or is it strictly a security thing?

(null)

[BucketOBalls]

Turned it off, but I've never used it either.

Here is a short explanation.

On the plus side, your router's mostly secure. Security researcher Stefan Viehbock has just discovered a major security hole which allowed him to use a brute force technique to access a WPS PIN-protected network in about two hours. According to Viehbock, a design flaw allows the WPS protocol's 8-digit PIN security to fall dramatically as additional attempts are made. With each attempt, the router will send a message stating whether the first four digits are correct while the last digit of the key is used as a checksum and then given out by the router in negotiation. As a result, the 100,000,000 possibilities that the WPS should represent becomes roughly to 11,000.

Yeesh. Who the heck thought of that?

From what I can find, exploiting the vulnerability still takes a few hours, so in some cases you could turn it on when you needed to connect a new device and then turn it off again and change the pin, which should prevent any problems.

Edited by BucketOBalls, 26 February 2012 - 11:58 AM.

[EddieYost]

That's awesome. It should also say "warmer" or "colder" with each guess.

[Monbo Jumbo]

thanks

[kneemoe]

Everyone worried about this is aware that WPA with a PSK can becracked pretty trivially, right?

[wibi]

Everyone worried about this is aware that WPA with a PSK can becracked pretty trivially, right?

I'm going to guess the answer to that is no

[SumnerH]

Everyone worried about this is aware that WPA with a PSK can becracked pretty trivially, right?

Do you have a link? It's my understanding that WPA with a well-concealed truly random SSID and PSK is still pretty secure. The WPA attacks I know of rely on weak passwords, rainbow table attacks against common SSIDs, the brain-dead WPS thing that's been maligned since it was introduced, or the short packet TKIP/QOS attack that should be a non-issue in current configurations.

[kneemoe]

I haven't seen anything revolutionary on cracking WPA recently, but the old stand-by (out since 2008?) aircrack-ng usually does the trick, and doesn't (usually!) take much longer than this attack.

what do you mean by a well concealed truly random SSID? Any connection to a WAP is going to broadcast the SSID, hidden or not, so getting that information is indeed trivial with a packet sniffer and an appropriate WiFi card. From there launching a brute force attack is fairly simple. Most people create PSKs that are relatively easy to remember, and end up pretty weak as a result.

[NortheasternPJ]

Yeah, if you've figured out a way to really crack WPA efficiently let me know. If you choose a non-standard or popular SSID, there's no rainbow tables that exist that are readily available so you have to create your own or use an online service. Even with a great word list, if you have a strong PSK its nearly impossible to do it. There are theoretical weaknesses in TKIP that can be expoited but I've never seen anyone get them to actually work in a real environment.

Based on 40827 networks and a 46M word dictionary:

• What's the success rate when cracking WPA? 4% (2012/40827).
  WPA cracking works by trying words from a dictionary until the password is found. So the question is equivalent to "how many people use dictionary words - like hello, world - as their WPA password?"
• Is a large dictionary necessary? You'll crack 54% more networks from the crackable ones.
  A large dictionary has more chances of containing the network's password. But, it may be that people either choose very simple passwords (so a small dictionary will suffice) or a very complicated password (practically uncrackable) giving large dictionaries diminishing returns.
• Do rainbow tables help? 2% of the crackable networks will be cracked faster.
  Rainbow tables speed up WPA cracking, but only when cracking networks who's name is present in a predefined list of 1000 SSIDs. And, the passphrase still needs to be in the dictionary.

[BucketOBalls]

I haven't seen anything revolutionary on cracking WPA recently, but the old stand-by (out since 2008?) aircrack-ng usually does the trick, and doesn't (usually!) take much longer than this attack.

what do you mean by a well concealed truly random SSID? Any connection to a WAP is going to broadcast the SSID, hidden or not, so getting that information is indeed trivial with a packet sniffer and an appropriate WiFi card. From there launching a brute force attack is fairly simple. Most people create PSKs that are relatively easy to remember, and end up pretty weak as a result.

Security in any system comes down to secret strength. Choose a decent PSK and your ok.

[kneemoe]

Security in any system comes down to secret strength. Choose a decent PSK and your ok.

Right, but I think the vast majority of home users don't know this, and are therefore susceptible to compromises that have been readily available for years.

[johnmd20]

Right, but I think the vast majority of home users don't know this, and are therefore susceptible to compromises that have been readily available for years.

This really seems like a limited problem. Yeah, one in 20,000 people probably get their connection stolen, like 1 in 20,000 people get in car accidents every day. In the end, I don't see this as a huge public nuisance.

[AlNipper49]

If you have wireless at home then you should protect your data using basic steps which will frustrate your average hacker looking to do drive-by-hacking. Even something dumb will bring up the 1:20,000 John mentions above to orders of magnitude more.

If you have consumer grade wireless in an office then simple steps (i.e. put it outside of the firewall and have users who want internal stuff to vpn in) will cure most of your main worries. Enforcing the best encryption, etc is all well and good but most of the security issues I've seen over the years were ironically huge holes left open from people trying to get too cute with their security. Less is more. When you make the determination that you need more than that, then it's worth it to make additional investments.

[kneemoe]

This really seems like a limited problem. Yeah, one in 20,000 people probably get their connection stolen, like 1 in 20,000 people get in car accidents every day. In the end, I don't see this as a huge public nuisance.

And I would say that in every large apartment building there are multiple wireless networks that are insecure, either by virtue of weak or non-existent security. Whether this is a huge public nuisance or not (I tend to think not) 1:20,000 doesn't sound anywhere near accurate to me, I would guess its more like 1:hundreds. Granted, most people steal access so they can get out to the net, not so they can sniff your packets and get your CC# or bank login info.

[AlNipper49]

And I would say that in every large apartment building there are multiple wireless networks that are insecure, either by virtue of weak or non-existent security. Whether this is a huge public nuisance or not (I tend to think not) 1:20,000 doesn't sound anywhere near accurate to me, I would guess its more like 1:hundreds. Granted, most people steal access so they can get out to the net, not so they can sniff your packets and get your CC# or bank login info.

I'd do it looking for tasteful nudes

[kneemoe]

why do I doubt you limit it to tasteful?

[SumnerH]

I haven't seen anything revolutionary on cracking WPA recently, but the old stand-by (out since 2008?) aircrack-ng usually does the trick, and doesn't (usually!) take much longer than this attack.

what do you mean by a well concealed truly random SSID? Any connection to a WAP is going to broadcast the SSID, hidden or not, so getting that information is indeed trivial with a packet sniffer and an appropriate WiFi card. From there launching a brute force attack is fairly simple. Most people create PSKs that are relatively easy to remember, and end up pretty weak as a result.

Sorry, concealing the SSID isn't necessary but choosing a non-standard one to avoid rainbow table attacks is helpful. A random and well-concealed PSK is necessary to security.

Yes, if you're picking easily dictionaried PSKs then you're going to be insecure--but that's a key management issue that's true of almost every shared-secret system. You might as well say that AES or 3DES or RC4 is hacked pretty trivially if that's what you're talking about.

[kneemoe]

Sorry, concealing the SSID isn't necessary but choosing a non-standard one to avoid rainbow table attacks is helpful. A random and well-concealed PSK is necessary to security.

Yes, if you're picking easily dictionaried PSKs then you're going to be insecure--but that's a key management issue that's true of almost every shared-secret system. You might as well say that AES or 3DES or RC4 is hacked pretty trivially if that's what you're talking about.

The difference though is that WPA PSKs and SSIDs are configured by a not-so-knowledgable home user quite often. So while you may argue with the terminology (cracked/hacked), the end result is that there are a number of wireless routers/WAPs out there, even those using WPA or WPA2, that can be accessed due mostly to incompetence in configuration. When encryption configuration is put in the hands of those without the know-how its going to be easier to hack - its not so much a flaw in the encryption scheme as it is user error, but that doesn't remove the vulnerability.

Edit: I don't disagree with what you're saying, it just seems like people up-thread are saying ZOMG! PEOPLE CAN HACK MY WIRELESS!, when that's been going on for years, WPA makes it much harder than WEP, but its not impossible, and the way many people set it up with weak passphrases and pretty standard SSIDs it's not really hard.

Edited by kneemoe, 27 February 2012 - 03:23 PM.

[BucketOBalls]

And I would say that in every large apartment building there are multiple wireless networks that are insecure, either by virtue of weak or non-existent security. Whether this is a huge public nuisance or not (I tend to think not) 1:20,000 doesn't sound anywhere near accurate to me, I would guess its more like 1:hundreds. Granted, most people steal access so they can get out to the net, not so they can sniff your packets and get your CC# or bank login info.

Anything actually important (say CC numbers) should be using it's own encryption (https) anyway.


What people were saying upthread was the vulnerabily allowed even a correctly set up system be broken into. Poorly choosen passcodes are a weakness of any crypto system. Nothing you can really do there.

[cgori]

What people were saying upthread was the vulnerabily allowed even a correctly set up system be broken into. Poorly choosen passcodes are a weakness of any crypto system. Nothing you can really do there.

Or said another way... the biggest problem with a crypto system is always key management.