Today's Hard|Forum Post
  • Small/Medium Business VPN Router
  • NEVERMIND!
  • ProMedia's on sale
  • Computer parts for virtaulization
  • FS: MSI GTX 980 Gaming 4G
  • MBP with R9 M370X
Follow Us on Twitter
  • Gaming [H]eadlines: Dead Space 3 Screenshots ...
  • Taiwan Wants Apple To Blur Satellite Images O...
  • AMD to Host 2012 Data Center Efficiency Summi...
  • Rosewill Capstone 750W Power Supply: Legit Re...
  • Judge Denies Megaupload's Motion to Dismiss: ...
  • Facebook Cracks Down On Fan Pages For Crimina...

Sunday August 31, 2014

WPS Authentication in Some Wi-Fi Routers Vulnerable to Offline Attack

Weak randomization is the attack vector in a recent exploit of Wi-Fi Protected Setup (WPS). The article doesn't talk about remediation options but turning off WPS is probably one way to start.

Because many router manufacturers use the reference software implementation as the basis for their customized router software, the problems affected the final products, Bongard said. Broadcom's reference implementation had poor randomization, while the second vendor used a special seed, or nonce, of zero, essentially eliminating any randomness.

Comments