Free Shipping on ALL Products
camera reviewsbest cameraslens reviewsphotography tipscamera forumvideo toursphotography bookssupport me
It is currently Fri Apr 18, 2014 4:53 am

All times are UTC




Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 3305 posts ]  Go to page Previous  1 ... 217, 218, 219, 220, 221
Author Message
 Post subject:
PostPosted: Wed Nov 23, 2011 9:29 pm 
Offline
User avatar

Joined: Mon Jan 14, 2008 1:25 pm
Posts: 2619
Location: Scotland
Citruspers any wireless connection no matter what security is on it can be cracked as the key is sent with the data each time it is used (passing info between your laptop and router/opening webpage etc). The key is easily obtained by using such programmes as Wireshark with a wifi dongle that sends and receives packet data and sniffing that data between the router and laptop.

_________________
Mark Osborne
My life through an iPhone


Top
 Profile  
 
 Post subject:
PostPosted: Wed Nov 23, 2011 10:15 pm 
Offline
User avatar

Joined: Sun Feb 15, 2009 12:59 pm
Posts: 6009
Location: The Netherlands
That's a bit oversimplified Mark. Even if you can capture the handshake, that doesn't mean you have access to the raw information you need. For instance, WPA hashes the password a couple hundred times.

The key defenitely isn't sent each time you do something on the PC, only when connecting to the AP. You can manually deauth a client though, and capture the handshake, but that still only leaves you with the encrypted data, and only a rough idea of what it contains.

Sure, everything CAN be cracked, but you need to factor in time. WEP is inherently insecure because it's cryptography implementation was poor, the PRNG algorithm was leaky from the start.

Now take a look at WPA (2), which is using the Reindael algorithm. The algorithm is universally understood and open to look at, and everyone agrees it's mathemetically impossible to crack in a human's life span (for now). That's the main difference, the poor implementation of an algorithm.

Currently, you can either bruteforce the password, which takes an extremely long time due to the extended hashing process, or use rainbow tables, the latter having the problem that the AP's SSID is factored into the crypto information, meaning a rainbow table for a network called "linksys" would be useless in cracking a network boasting the "pretty fly for a WiFi" SSID.

_________________
I take pictures so quickly, my highschool was "Continuous High".


Top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 24, 2011 10:23 am 
Offline
User avatar

Joined: Mon Jan 14, 2008 1:25 pm
Posts: 2619
Location: Scotland
What you are telling me is just rehashed nonsense for your college course.
Just remember i have a degree in Digital forensics and Ethical Hacking and i can ensure you the data is passed each time (depending on beacon intervals) usually between 1 and 1000 of a millisecond, thats pretty much all the time.

I proved the vulnerabilities as part of my thesis by capturing packets from within a Coffee house.

_________________
Mark Osborne
My life through an iPhone


Top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 24, 2011 11:55 am 
Offline
User avatar

Joined: Sun Feb 15, 2009 12:59 pm
Posts: 6009
Location: The Netherlands
I did quite a bit of research on it myself, so at least show me the courtesy of showing an example instead of just saying you're right because you have a degree.

Besides, I assume we're still talking about encrypted data being sent every time?

I do not appreciate you saying I'm posting "rehashed nonsense". I might not have as big an understanding of the system as you and your precious degree but I'm more than capable of doing my own research (my college never covered this), and I think I have at least a rough understanding of cryptography and it's implementation in wireless protocols.


Are we arguing semantics now? Just plain and simple: is WPA2 a lot more secure than WEP? If yes, do you agree that nobody should use WEP anymore?

(perhaps we should continue this via PM)

_________________
I take pictures so quickly, my highschool was "Continuous High".


Top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 24, 2011 12:36 pm 
Offline
Moderator
User avatar

Joined: Sat Sep 30, 2006 4:30 pm
Posts: 9784
Location: UK
Hi folks,

I've just found out that this thread has now grown to the point where some of the forum tools no longer work well due to its size - the nuclear options like deleting or editing posts still work but that wasn't what I wanted to do. My intention had been to split out a few posts and create a new topic about WiFi security in the "Computer hardware and operating systems" section as it is something we should all take seriously.

The thread has been a huge success (thanks Gregory) so I've decided to lock this one down and create a "Part 2".

Please continue to share at What have you just bought - Part 2?. 8)

Bob.

_________________
OM-D E-M1 + ED 12-40mm f/2.8, H-F007014E, M.ZUIKO DIGITAL 45mm 1:1.8, M.ZUIKO DIGITAL ED 75mm 1:1.8, L-RS014150E.
OM-D E-M5, H-PS14042E, Gitzo GT1541T, Arca-Swiss Z1 DP ball-head.
Astrophotography: TEC 140 'scope, FLI ML16803 camera, ASA DDM60 Pro mount.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 3305 posts ]  Go to page Previous  1 ... 217, 218, 219, 220, 221

All times are UTC


Who is online

Users browsing this forum: Yahoo [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

All words, images, videos and layout, copyright 2005-2012 Gordon Laing. May not be used without permission.
/ How we test / Best Cameras / Advertising / Camera reviews / Supporting Camera Labs

Webdesign by Alphabase IT
Powered by phpBB® Forum Software © phpBB Group