Brent Saner on 3 Nov 2007 19:59:59 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Re: Cafe Latte attack (WEP)

  • From: "Brent Saner" <brent.saner@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] Re: Cafe Latte attack (WEP)
  • Date: Sat, 3 Nov 2007 15:59:16 -0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=sdlbBzYArbs5ZvCZCD6c7XvDSaz8PHuOt81edrXld4A=; b=ZXJDmM3i+8ALwqYtt+ILuwEijiUOg4VPdv7mF99dUvSHOL0wZCCtYeZETQ3ziNM4DgdJbHs4Ci63nC/ya01k/2XluNlRE6ns/Cmf3sDj6Jv1CRl2jWZ20QUV5Hu21LmA8x6WVNT7ewGKOowYiGyeeC0wjIx80W4T7ZsAz2MQSPw=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

well, keep also that this is targeted solely at WEP, an already-proven terribly insecure protocol. this is newsworthy, however, because it brings an entirely new element into the rink: now the protocol's auth can be cracked from a client that's connected to it before, even if it isn't connected at present. that's like you giving someone a copy of your keys and them leaving them on a table of a crowded restaurant with a tag on them that says "TO BRENT'S HOUSE"
it's just a matter of time before they found out where geographically the AP is and then use that cracked key.

On Nov 3, 2007 3:48 PM, <fljohnson3@isp.com > wrote:
Bad news, folks:

I just read the presentation AND the Wikipedia entry.

Unfortunately, neither REALLY discusses a solution to the aforementioned
security problem. In English, neither item answered the question, "What
are we supposed to do aside from (1) abandon the use of wireless Internet
or (2) invent and bring into widespread use a whole new security protocol
for the 802.xx family?"



--
Brent Saner
215.264.0112(cell)
215.362.7696(residence)

http://www.thenotebookarmy.org
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug