Follow Us

War on Error

How to crack Wi-Fi encryption - just guess the right password

Turn on a Wi-Fi enabled laptop in just about any neighbourhood these days, and you’ll see just how far and fast wireless networking is spreading. Access points are everywhere and some of them are even secured properly. Just don’t bet on that last part.

My latest sport is to see which of my neighbours have been buying which access points (APs). It’s not difficult to tell because most of them come up saying things like “Netgear”, “Linksys” or “Belkin”. Occasionally, they’ll even helpfully tell you their model number – HP APs are good for that out of the box.

It’s ancient wisdom that not many people turn on encryption, probably because: (1) they don’t know how to (2) Even if they did, they might not have the length of Ethernet cable that is often useful for setting up encryption between PC and AP (3) They don’t think anyone will really hack into their connection anyway.

Interestingly, I’ve spotted that most of the handful of APs local to me do now have encryption of some sort turned on, and one even appears to use WPA. But guess what? Someone has figured out the encryption but forgotten to secure the AP. I’m near certain that all but one of the APs advertising themselves with their brand name were also using default user names and passwords for that brand of hardware.

There is a lesson for vendors in all this. When every new access point is hauled form its box and turned on it should immediately ask the owner to choose a new password and user name with which to access it. It took immense effort and cleverness for the industry to agree on such things as encryption standards, only for them to be blown away by something as simple as being able to access an AP by typing and then entering the word “admin” twice.

How about using authentication? It works and we’ve recently reviewed one cheap service from Witopia that does it well. The Wi-Fi Alliance’s take on WEP vs WPA can be found here.

More from Techworld

More relevant IT news

Contact Us

For editorial queries:
Mike Simons

For website issues:

For commercial queries
Russell Kearney

For more contact details click here.

Email this to a friend

* indicates mandatory field

Techworld White Papers

Optimising data protection for virtual environments

VM environments require the same level of data protection as does the physical server environment. Companies may use data protection tools built for the physical environment in the virtual world, but this has serious disadvantages.

Download Whitepaper

PCI Compliance: Are UK businesses ready?

Exploring the results of a recent survey, including: ? Levels of understanding of the standard ? Current perceptions of actual compliance status ? Attitudes toward addressing compliance

Download Whitepaper

Mobility Management for Dummies

Your complete guide to managing and securing mobile devices such as laptops and smartphones.

Download Whitepaper

Magic Quadrant for midrange and high-end NAS solutions

It is difficult to find one midrange or high-end NAS product that can cater to all needs. File systems embedded in NAS are often designed to solve one major pain point, with additional features being added later to broaden use cases and benefits.

Download Whitepaper

Techworld UK - Technology - Business

Oracle Video

Enabling agile and intelligent businesses

 Changing markets, competitive pressures and evolving customer needs are placing increasing pressure on IT to deliver greater flexibility and speed. Explore truly flexible SOA foundations with this Oracle video.

COLT White Paper

IT Misuse Survey

Complete this survey and you could win a Nexus One

Techworld are running a short survey to discover how UK businesses are managing Internet and email misuse in the Enterprise.

Complete Survey

Complete our survey and you could win a Sony E-book Reader.
Techworld have teamed up with HP to compile a survey relating to server virtualisation. Complete the short survey and you could be the lucky winner of a Sony E-book reader.

Complete the survey here

Site Map