Re: [Nolug] [Fwd: US-CERT Technical Cyber Security Alert TA12-006A -- Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack]

From: Joey Kelly <joey_at_joeykelly.net>
Date: Sat, 07 Jan 2012 11:27:20 -0600
Message-ID: <4F088078.5030403@joeykelly.net>

Petri Laihonen wrote:
> I've never used such feature.
> I doubt any of my equipment even supports this.
>

It's new. I bought an AP recently that has it. It made me laugh.

Truly I don't know why companies or whatever think they can get away
from flimsy security. Even if this hole didn't exist, a single PIN is
going to be less secure than an SSID/passphrase pair.

--Joey

> P
>
> On Fri, Jan 6, 2012 at 10:32 PM, Michael Walker <doublethrow@gmail.com>wrote:
>
>
>> Can be cracked in < 11,000 guesses. Nice.
>>
>> On a related note:
>> http://www.dd-wrt.com/wiki/index.php/Preventing_Brute_Force_Attacks
>>
>> --
>> Mike
>> On Jan 6, 2012 9:12 PM, "Ron Johnson" <ron.l.johnson@cox.net> wrote:
>>
>>
>>> On 01/06/2012 08:12 PM, Joey Kelly wrote:
>>> [snip]
>>>
>>>
>>>> (WPS) provides simplified mechanisms to blah blah
>>>>
>>>>
>>> Why am I *not* surprised?
>>>
>>> --
>>> "The normal condition of mankind is tyranny and misery."
>>> Milton Friedman
>>> ___________________
>>> Nolug mailing list
>>> nolug@nolug.org
>>>
>>>
>
>

___________________
Nolug mailing list
nolug@nolug.org
Received on 01/07/12

This archive was generated by hypermail 2.2.0 : 01/07/12 EST