Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud
Tom's Hardware ^ | August 15, 2011 | Andrew Ku

Posted on 08/15/2011 2:37:51 PM PDT by decimon

Is your network safe? Almost all of us prefer the convenience of Wi-Fi over the hassle of a wired connection. But what does that mean for security? Our tests tell the whole story. We go from password cracking on the desktop to hacking in the cloud.

We hear about security breaches with such increasing frequency that it's easy to assume the security world is losing its battle to protect our privacy. The idea that our information is safe is what enables so many online products and services; without it, life online would be so very different than it is today. And yet, there are plenty of examples where someone (or a group of someones) circumvents the security that even large companies put in place, compromising our identities and shaking our confidence to the core.

Understandably, then, we're interested in security, and how our behaviors and hardware can help improve it. It's not just the headache of replacing a credit card or choosing a new password when a breach happens that irks us. Rather, it's that feeling of violation when you log into your banking account and discover that someone spent funds out of it all day.

(Excerpt) Read more at tomshardware.com ...


TOPICS: Computers/Internet
KEYWORDS: cloud; internet; internetsecurity; wifi; wifisecurity; wpa

1 posted on 08/15/2011 2:37:53 PM PDT by decimon
[ Post Reply | Private Reply | View Replies]

To: ShadowAce

a1!B2@ ping.


2 posted on 08/15/2011 2:39:21 PM PDT by decimon
[ Post Reply | Private Reply | To 1 | View Replies]

To: decimon

I refuse to put my data in the “cloud”. I also don’t purposely give myself access to my home network from outside. I’m sure someone could break in if they were smart enough; I took some basic precautions but nothing serious.

I don’t do a computer budget, so my financial records aren’t really on my system, so they’d mostly be hacking my kids’ book reports and our extensive collection of family vacation photos and videos.


3 posted on 08/15/2011 2:42:50 PM PDT by CharlesWayneCT
[ Post Reply | Private Reply | To 1 | View Replies]

46 Days And FR Is Still Short Of Its Goal

Take FR Across The Finish Line

Click The Pic To Donate

4 posted on 08/15/2011 2:44:36 PM PDT by DJ MacWoW (America! The wolves are here! What will you do?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: decimon

Anyone naive enough to think their personal data is safe in the “cloud” is technically illiterate enough to be a part of the West Wing Staff.


5 posted on 08/15/2011 2:44:36 PM PDT by Da Coyote
[ Post Reply | Private Reply | To 1 | View Replies]

To: CharlesWayneCT
"I don’t do a computer budget, so my financial records aren’t really on my system, so they’d mostly be hacking my kids’ book reports and our extensive collection of family vacation photos and videos."

Anyone who accesses their bank account, brokerage account or uses a credit card over the Internet is also at risk.

6 posted on 08/15/2011 2:51:53 PM PDT by Truth29
[ Post Reply | Private Reply | To 3 | View Replies]

To: decimon

One would be nuts to cloud sensitive data.


7 posted on 08/15/2011 2:52:37 PM PDT by NoLibZone (Life as Nancy Pelosi knows & wants it, must end, Life As Nancy Knows it is to raise Debt 10% annualy)
[ Post Reply | Private Reply | To 1 | View Replies]

To: decimon

At work, I setup our wireless to use EAP/TLS. Any computer trying to access the wireless network must be a member of our domain, where it has been issued a certificate for authentication(via RADIUS Server), and they receive their wireless settings via Group Policy. All traffic is ‘invisible’ to outsiders. We DO have an open ‘guest’ network, but it’s on a separate network/VLAN, pointed out to the net with its own DMZ.

Where I find people and businesses screwing up the most is enabling WPA, and setting a weak, or easy to guess Pre-Shared Key.


8 posted on 08/15/2011 2:52:37 PM PDT by KoRn (Department of Homeland Security, Certified - "Right Wing Extremist")
[ Post Reply | Private Reply | To 1 | View Replies]

To: NoLibZone
"One would be nuts to cloud sensitive data."

"The Cloud"(God, I hate that term), is fine as long as it's YOUR 'Cloud', and you OWN it. Anyone farming out such things to a 3rd party is absolutely NUTS!

9 posted on 08/15/2011 2:55:19 PM PDT by KoRn (Department of Homeland Security, Certified - "Right Wing Extremist")
[ Post Reply | Private Reply | To 7 | View Replies]

To: EdReform

bookmark


10 posted on 08/15/2011 3:01:32 PM PDT by EdReform (Oath Keepers - Guardians of the Republic - Honor your oath - Join us: www.oathkeepers.org)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Truth29

That is true; I’m especially nervous about online banking; I have one credit card I use for online stuff that I can cancel anytime I need to;

But those two things would be a risk no matter how secure I make my home network.


11 posted on 08/15/2011 3:11:36 PM PDT by CharlesWayneCT
[ Post Reply | Private Reply | To 6 | View Replies]

To: decimon

I got tired of clicking through advertising loaded pages after the first few.

But in case he didn’t mention it, WPA PSK (Pre Shared Key) is not all that secure either. It’s way better than WEP, etc, but if you want real security you need to use some flavor of EAP via 802.1x.

You probably have that at work. But you probably don’t at home.

To put the issue in perspective though, it still takes a determined effort to crack any encryption. And in fact most breaches are the result of “operator error” (phishing, etc.) rather than a failure of the technology.


12 posted on 08/15/2011 4:13:54 PM PDT by Pessimist
[ Post Reply | Private Reply | To 1 | View Replies]

To: KoRn

Is it my term to point out that certain things have been “on the cloud” for years? IE, email? And that the old term for “cloud” is “co-located servers”?

And that IT professionals for 20 years have rejected putting their data on third-party offsite storage, for a lot of good reasons, none of which are going away just because a fading IT monopoly coins the term?


13 posted on 08/15/2011 4:29:39 PM PDT by TWohlford
[ Post Reply | Private Reply | To 9 | View Replies]

To: decimon

I use MAC address exclusion, am I screwed. (No personal financial info on internet connected computers)


14 posted on 08/15/2011 5:04:18 PM PDT by UB355 (Slower traffic keep right)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CharlesWayneCT
I refuse to put my data in the “cloud”.

The real trick is to never put unencrypted data "in the cloud". For instance, any remote backups should be encrypted _before_ they start streaming out onto some internet endpoint.

15 posted on 08/16/2011 2:52:55 AM PDT by glorgau
[ Post Reply | Private Reply | To 3 | View Replies]

To: UB355
I use MAC address exclusion, am I screwed.

It's pretty worthless. MAC addresses are broadcast and easy to obtain.

Simplest thing to do is use a long, easy to remember, hard to guess, password phrase like "IHadADogNamedBingo".

And then don't tell that to anybody.

16 posted on 08/16/2011 3:00:22 AM PDT by glorgau
[ Post Reply | Private Reply | To 14 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

17 posted on 08/16/2011 4:06:29 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #18 Removed by Moderator

To: decimon
Here's one of the problems.

19 posted on 08/16/2011 6:46:23 AM PDT by zeugma (The only thing in the social security trust fund is your children and grandchildren's sweat.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: decimon

20 posted on 08/16/2011 7:01:20 AM PDT by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

Thanks for the ping.


21 posted on 08/16/2011 7:29:33 AM PDT by GOPJ (One ring to rule them/one ring to find them/one ring to tax them/and in indebtedness bind them.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Truth29
or uses a credit card over the Internet is also at risk.

We have one card just for transactions via the 'net. It has a very low limit on it so if it gets clipped, damage is limited.

22 posted on 08/16/2011 1:19:21 PM PDT by Bloody Sam Roberts (Deploy. Dominate. Disappear.)
[ Post Reply | Private Reply | To 6 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson