Japanese Computer Scientists Crack WPA
Though WPA 2 devices, AES WPA systems not impacted.
04:15PM Thursday Aug 27 2009 by Karl Bode
tags: wireless · hardware · security
Tipped by antiphishing
It seems like only yesterday that the WEP wireless security standard became roughly the security equivalent of tissue paper. Now a team of Japanese researchers says they've found a way to break the WPA encryption system in about one minute. Highlighted at a Japanese conference this week, the attack expands on a similar WPA attack disclosed last November, but does not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm. Given that Wi-Fi-certified products have had to support WPA 2 since March of 2006, and that the attack only works on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm, protecting yourself shouldn't be rocket science, though you might want to pop by mom and dad's house.

Update: Glenn Fleishman has an excellent piece here that goes into the technical specifics of the attack in great detail.
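To check which access points still offer the affected cipher, the following added example (not part of the original article) parses the WPA and RSN (WPA2) information elements an AP advertises in its beacons and reports whether TKIP is among the ciphers. The beacon bytes are constructed samples and the function names are hypothetical; networks with no such element (open or WEP) come back empty.

```python
# Cipher suite types used in both the WPA IE (OUI 00:50:F2) and the
# RSN/WPA2 IE (OUI 00:0F:AC). Type 4 is CCMP, the AES-based cipher.
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
WPA_OUI, RSN_OUI = b"\x00\x50\xf2", b"\x00\x0f\xac"


def _suites(body, oui):
    """Return (group_cipher, [pairwise_ciphers]) from an element body
    that starts at the 2-byte version field."""
    if len(body) < 8:
        raise ValueError("truncated security element")
    version = int.from_bytes(body[0:2], "little")
    count = int.from_bytes(body[6:8], "little")
    end = 8 + 4 * count
    if version != 1 or len(body) < end:
        raise ValueError("unsupported or truncated security element")
    selectors = [body[2:6]] + [body[i:i + 4] for i in range(8, end, 4)]
    names = [CIPHERS.get(s[3], "unknown") if s[:3] == oui else "vendor"
             for s in selectors]
    return names[0], names[1:]


def audit_ies(ies):
    """Walk a beacon's tagged parameters (id, length, body) and return
    {"WPA": (group, pairwise), "WPA2": (group, pairwise)} for what is present."""
    found, pos = {}, 0
    while pos + 2 <= len(ies):
        eid, length = ies[pos], ies[pos + 1]
        body = ies[pos + 2:pos + 2 + length]
        if len(body) < length:
            raise ValueError("truncated element")
        pos += 2 + length
        if eid == 48:                                      # RSN element (WPA2)
            found["WPA2"] = _suites(body, RSN_OUI)
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":  # vendor WPA element
            found["WPA"] = _suites(body[4:], WPA_OUI)
    return found


def uses_tkip(ies):
    """True if TKIP is the group cipher or one of the pairwise ciphers."""
    return any(group == "TKIP" or "TKIP" in pairwise
               for group, pairwise in audit_ies(ies).values())


# Constructed sample beacons: an SSID element followed by one security element.
SSID = b"\x00\x04home"
BEACON_WPA_TKIP = SSID + bytes.fromhex(
    "dd16" "0050f201" "0100" "0050f202" "0100" "0050f202" "0100" "0050f202")
BEACON_WPA_AES = SSID + bytes.fromhex(
    "dd16" "0050f201" "0100" "0050f204" "0100" "0050f204" "0100" "0050f202")
BEACON_WPA2_AES = SSID + bytes.fromhex(
    "3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000")
BEACON_WPA2_MIXED = SSID + bytes.fromhex(
    "3018" "0100" "000fac02" "0200" "000fac04" "000fac02"
    "0100" "000fac02" "0000")

if __name__ == "__main__":
    for name, beacon in [("WPA/TKIP", BEACON_WPA_TKIP),
                         ("WPA/AES", BEACON_WPA_AES),
                         ("WPA2/AES", BEACON_WPA2_AES),
                         ("WPA2 mixed", BEACON_WPA2_MIXED)]:
        print(name, audit_ies(beacon), "TKIP offered:", uses_tkip(beacon))
```

The mixed-mode sample shows why a "WPA2" label alone is not enough: an AP configured for TKIP+AES compatibility still advertises TKIP.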


MacGyver
Bell Sucks
Premium,ExMod 2003-05
join:2001-10-14
Orleans, ON

Switch from TKIP to AES

So bottom line, switch from TKIP encryption to AES encryption.

Done. Have a nice day.
jester121

join:2003-08-09
Lake Zurich, IL

Re: Switch from TKIP to AES

Guessing you don't have a few hundred APs and a few thousand laptop users spread across the planet?

(neither do I, but I'm sure someone does and it will suck to be them)

Anon123456

@rr.com

Re: Switch from TKIP to AES

When I switched from TKIP to AES, I had computers connected to the Internet when I did the switch. None of them seemed to notice the change. They just kept working. Therefore, I don't think the number of laptops someone has on their network will be a big problem.

I do agree that if you have a lot of APs it could be a pain.
iansltx

join:2007-02-19
Golden, CO
It takes about one minute to go into an AP and change the required setting. Most computers will switch settings automatically.

I've been running AES for awhile now since I heard about something similar to this several months ago. Works fine.
jester121

join:2003-08-09
Lake Zurich, IL
·surpasshosting
·ViaTalk

Re: Switch from TKIP to AES

said by iansltx:

Most computers will switch settings automatically.
Famous last words.

Richard B
Fur It Up

join:2007-06-22
Portland, OR

Better idea

Stick to wired Ethernet
Between security and interference in my apartment complex Wi-Fi is not worth it.
chemaupr

join:2005-06-06
Alexandria, VA

Re: Better idea

Agree here. I use Netgear Powerline networking for the most part. I have 2 Xbox 360, 2 PCs, VoIP, Printer and some other appliances connected wired directly to the router or via a Netgear Powerline adapter. Solid connection and no interference from the other 20 routers around...

BillRoland
Premium
join:2001-01-21
Ocala, FL
clubs:
·Cox HSI

Re: Better idea

I agree, I've still got a wireless N router (Linksys WRT310N) running a random 63 character key in WPA2-AES mode, which I use primarily for a BlackBerry and a laptop. Everything else is wired or using Netgear 200Mbps powerline adapters that work really, really well. Wi-Fi over promises and under delivers.
--
"Don't steal. The government hates competition."
Beyond AM. Beyond FM. XM

Telco_Tech

join:2009-05-18
Toledo, OH

said by Richard B:

Stick to wired Ethernet
Between security and interference in my apartment complex Wi-Fi is not worth it.
I don't believe your statement to be entirely correct. Powerline networking is just as susceptible to infiltration as WiFi is, if not more. Other folks close to your electrical circuit could hop on your network if you've left it unencrypted (assuming they too have an adapter to plug into the circuit of course). I haven't researched powerline LAN in a while, but when I did, the products I saw only offered lame WEP or TKIP WPA encryption. Hopefully that's changed since then, but if not, then the same techniques for breaching WiFi would be applicable to your network.

Bottom line, nothing is 100% secure -- there are only degrees of security. Due diligence and following best practices are your greatest tools when working to keep yourself safe.

- Tate

--
Don't give AT&T a cent of your money. If you do, you're supporting warrantless domestic spying and one of the most crooked and inept companies in existence.

KPMG1



Users are getting more security conscious too

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
brad

join:2007-09-06
Etobicoke, ON

Re: Users are getting more security conscious too

said by KPMG1 :

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
IMO it is more so the vendors producing the hw. Even though they have tended to do a poor job of default settings in the past most of the cheap little routers I see default to WPA2 as they should. Vendors should be making the default settings as secure as possible and if the user monkeys with the settings and changes the defaults then it is their problem to deal with. Default settings are very critical to set a good example.
k1ll3rdr4g0n

join:2005-03-19
Homer Glen, IL

Re: Users are getting more security conscious too

said by brad:

said by KPMG1 :

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
IMO it is more so the vendors producing the hw. Even though they have tended to do a poor job of default settings in the past most of the cheap little routers I see default to WPA2 as they should. Vendors should be making the default settings as secure as possible and if the user monkeys with the settings and changes the defaults then it is their problem to deal with. Default settings are very critical to set a good example.
When you develop a product it's not about making it secure, but making it as interoperable with the customer's equipment as possible. Less complaints, less calls, less headaches overall. You may not agree with it, but that's usually how it works. Would you rather have a customer a day call in to complain that they can't connect to the AP, or just to make it work for them and have your tech support do something that's worth their time. It is just a numbers game in the end.
brad

join:2007-09-06
Etobicoke, ON

Re: Users are getting more security conscious too

That is the reason why consumer level products in general suck. Because vendors don't give a crap about their customers and just sell garbage.
k1ll3rdr4g0n

join:2005-03-19
Homer Glen, IL

Re: Users are getting more security conscious too

said by brad:

That is the reason why consumer level products in general suck. Because vendors don't give a crap about their customers and just sell garbage.
I disagree, the products work as advertised...but if you want to do something advanced like let's just say for example add a firewall rule to block an IP...the $20 model can't but the $150 model can. I personally only buy Linksys WRT54GL (~$50) and put DD-WRT on it. There is another member on here touting that he is running a whole box for his router/firewall (I just have to wonder what his electric bill is!).

Tsume

join:2004-02-23
Johnson City, TN
·ViaTalk
·Comcast

said by KPMG1 :

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
AT&T still does WEP default on their 2wire DSL gateway, and the UVERSE 2wire gateway uses WPA1.
--
"Did you know that when one little panda pulls on another little panda's underwear, that's sexual harassment? That makes me a sa-a-a-a-ad panda." --Sexual Harassment Panda
PapaMidnight

join:2009-01-13
Baltimore, MD

Re: Users are getting more security conscious too

said by Tsume:

said by KPMG1 :

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
AT&T still does WEP default on their 2wire DSL gateway, and the UVERSE 2wire gateway uses WPA1.
So does Verizon from what I've seen.
iansltx

join:2007-02-19
Golden, CO
Regular WPA is fine and actually a LOT more compatible than WPA2. As long as WPA uses AES it's secure...as secure as passwords are anyway.

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

said by KPMG1 :

It really seems to me that more and more computer users are adopting the stronger encryption systems than before. In my neighborhood, I "see" roughly 15 SSIDs and only 2 are unencrypted and 3 are protected by WEP. Maybe 3 or so are WPA protected but the vast majority are using WPA2-PSK. Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
I don't see the same thing. From my back deck, I pick up half a dozen APs. 1 is protected by WEP and the other 5 are not protected at all. Pretty pathetic. I use WPA2/AES for my wireless connections.
--
My BLOG .. .. Internet News .. .. My Web Page
JimF

join:2003-06-15
Allentown, PA

Re: Users are getting more security conscious too

From my back porch, 3 of my neighbors are using WPA, and 2 are using WEP. I am the only one using WPA2. But none are unencrypted, which is the first time I have seen that. But I really don't think any of my neighbors have the slightest interest in man-in-the-middle attacks or using aircrack, so the whole thing is academic. In fact, even if you left an access point open, they would use their own anyway.
bemis

join:2008-07-18
Stoneham, MA
·Sprint Mobile Broa..
·Verizon FIOS
·Comcast
·RCN CABLE


said by KPMG1 :

Perhaps we have the ISPs to thank for this who set WPA2 as a default method of protection on the routers they give to their customers.
I can confirm that as of earlier this year VZ was still using WEP w/ FIOS.

...so they at least keep out the Joe Sixpacks trying to scam a little free wifi, but anyone who is even remotely serious about getting in will get in.

anonwifiuser

@solidspace.com

Re: Users are getting more security conscious too

Our office just had Verizon fios installed in March and I was amazed that the business class supplied router uses WEP

Pathetic.

Smith6612
Premium
join:2008-02-01
united state
·Dish Network
·Verizon Online DSL
·FrontierNet Intern..

My neighborhood on a single sweep for access points on my laptop is giving me around 15 access points minus my own. Most of them are using WPA-TKIP, however there are still a few unsecured and WEP encrypted networks I'm picking up. Only one network is running WPA TKIP + AES from what I can pick up. My router supports WPA2, however I have devices that don't support that encryption. Certainly once I get another access point for my home, I'll move over to WPA2 and leave WPA AES enabled for my older devices.
--
It's all fun and games in a Team Fortress 2 battle until your sentry gun is sapped by the Spycrab!

BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR

Older pda devices

I have a smartphone which isn't that old that doesn't support WPA AES, or WPA 2. It's getting retired to free wifi access points now.

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

Re: Older pda devices

said by BlitzenZeus:

I have a smartphone which isn't that old that doesn't support WPA AES, or WPA 2. It's getting retired to free wifi access points now.
A Blackberry?
--
My BLOG .. .. Internet News .. .. My Web Page

banditws6
Shrinking Time and Distance

join:2001-08-18
Naples, FL
·Comcast

Moved to WPA2-AES

Seeing this article in the news bytes this morning was the impetus I needed to finally get off my butt and migrate from WPA-TKIP to WPA2-AES. I used to have older devices that couldn't support AES or WPA2 in any form, but not anymore.

I know someone who still uses WEP because he has a device of critical importance that's so old it literally cannot use anything better. Last time I was over at his place, I was trying to get my phone onto his network and asked for his WEP key, which he had forgotten. So I looked for a tool to sniff it out and was online a minute later.

I pointed out the security ramifications of what I had just done, but it didn't seem to concern him.
--
"I'll follow the law until it's just stupid." -Ted Nugent

n2jtx

join:2001-01-13
Glen Head, NY
·Optimum Online

Safe For Now

I have been running WPA2 with AES almost since the time it was available. I have no doubt that it too will be cracked once a flaw is discovered. Then on to WPA3 and whatever encryption algorithm is rated best then.
--
I support the right to keep and arm bears.

Thane_Bitter

join:2005-01-20
London, ON
·Bell Sympatico

Done how?

It is disappointing that we have to wait a month before they disclose how they did it.

The WiFi Alliance and their logo system is nothing but a marketing shame, I bought a wireless digital picture frame that had their logo plastered all over it. The device does not support WPA2; it seems they whore out their logo to whoever wants to pay for it. All devices made since WPA2 came out should support it, for god's sakes it's been around for three years.
--
Life - A bitter little ray of sunshine.

ctceo
Premium
join:2001-04-26
South Bend, IN
clubs:
·magicjack.com
·AT&T U-Verse
·Comcast
·AT&T Midwest
·HughesNet Satellit..

Re: Done how?

It comes as no surprise to me. This was only just made public which means that several months ago it was first noticed, perhaps even a year ago.

With the right equipment it only takes moments to decrypt anyway and the people we need to worry about decrypting are the ones who have that capability.
--
Would you like your ISP to govern how much you can use the web in a month? Well it might happen if we don't do something NOW! »www.ipetitions.com/petition/PMDBI/
quatrix
Premium
join:2005-02-11
Davie, FL

Don't fuel the paranoia

Most people don't have teams of Japanese scientists sitting in their driveways trying to hack into their routers.

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

Re: Don't fuel the paranoia

said by quatrix:

Most people don't have teams of Japanese scientists sitting in their driveways trying to hack into their routers.
No they don't. But these scientists are going to publish HOW anyone can do the same thing. So some hacker who reads about this can certainly use the tools that will be created by some hacker group to automate the process so that some script kiddie can break in to systems.
--
My BLOG .. .. Internet News .. .. My Web Page
quatrix
Premium
join:2005-02-11
Davie, FL

Re: Don't fuel the paranoia

Most people don't have hackers sitting in their driveways either, and they'd go after less-protected systems first anyway.

a333
A hot cup of integrals please

join:2007-06-12
Rego Park, NY
·Cingular Wireless
·Verizon Online DSL

It's still a very valid security concern. It's not only individuals but entire institutions that often use outdated encryption standards for their WiFi networks. For example, the Dept. of Education here in NYC uses WEP keys for the WiFi in almost every public school in the city. Yep, no WPA. Throw in high school students walking around the place with laptops running Kismet/Aircrack, and you have a security nightmare. And I didn't even get into how entire username/password hashes aren't even shadowed properly on the school SSH server......
--
Linux: Because a PC is a terrible thing to waste
My Location: /universe/earth/north-america/USA- fsck that!!!
Physics: Will you break the laws of physics, or will the laws of physics break you?

battleop

join:2005-09-28
00000
We don't know how it's done yet. The current method for cracking WPA is pretty much a dictionary attack so we don't know if they found a new way or an improved way.
Metatron2008

join:2008-09-02
Stockbridge, GA

Why is it that the Japanese get all the press?

Again, Americans did this first... It was found that the gtx 260/280 nvidia series could already hack tkip.

Just like anything it seems today, press likes to act like the Japanese did it first.

TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

Re: Why is it that the Japanese get all the press?

said by Metatron2008:

Again, Americans did this first... It was found that the gtx 260/280 nvidia series could already hack tkip.

Just like anything it seems today, press likes to act like the Japanese did it first.
I think the story didn't say they discovered the 1st way to do this. It said they discovered a way to do it very very quickly.

http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html

Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack was demonstrated. "They took this stuff which was fairly theoretical and they've made it much more practical," he said.

The earlier attack, developed by researchers Martin Beck and Erik Tews, worked on a smaller range of WPA devices and took between 12 and 15 minutes to work.

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute.

--
My BLOG .. .. Internet News .. .. My Web Page
munky99999
Munky

join:2004-04-10
canada
clubs:

tkip has already been cracked

tkip has already been cracked. This is not news. Other than the fact that these computer scientists are just lazy and basically claiming credit for something they didn't do.

You can compile aircrack right now and crack tkip. Unless of course the latest code is broken or something? It has been for awhile. Not sure about right now.

Wpa tkip and aes can be dictionary attacked and rainbow attacked; more or less the same thing.

AES only + strong password.


DataRiker
Premium
join:2002-05-19
Metairie, LA
clubs:



TKIP not quite broken

"So far, because of MIC key reset algorithms, this is still applicable only to short packets with mostly known data, such as ARP messages"

I suspect only certain routers are vulnerable, and even then the process does not provide the cipher key, thus saying TKIP is broken is a bit misleading.

Also relevant to note is recovery of the key is still impossible, but injections to authenticated clients are possible. So highly unlikely to ever be useful.

A comparison to the WEP crack is not even close.
magic108

join:2009-01-23
united state

NO problems here

Been using WPA2 since I bought a router that supported it. Never looked back. I even set up my neighbors security.
GunnarDanne

join:2002-12-02
Crown City, OH

Hmm

Apparently no one here works at a company that doesn't trust its own employees with the data on company computers let alone outsiders.

Pashune
Inhaling at 675 KB per sec.
Premium
join:2006-04-14
Gautier, MS
·CableOne
·AT&T Southeast



Sticking with WPA.

Because it's a home router and I think nearby hackers (If there are any.. C'mon, a small, unheard of town in MS?) would have more fun with the WEP encrypted ones.

Whenever I do get a new router, assuming all of my devices are compatible, I'll go to WPA2.

And yes, it's TKIP. My old 802.11b router won't do any other WPA encryption methods.

--
ISP: CableOne 5 mbit/500 kbit

iLive4Apple
Hybrid power
Premium
join:2006-07-13
Helena, AL
·Verizon BroadbandA..
·Charter Pipeline
·AT&T Southeast
·ViaTalk

Re: Sticking with WPA.

I know where Gautier is. I'm currently living there, though I am not a hacker. I am pretty sure there's got to be a few
--
I get 29 MPG in my Toyota Highlander Hybrid!

KrazyDawg

join:2001-02-07
Vallejo, CA
clubs:

Settings

The only time I had to use both AES and TKIP at the same time was for the PSP. The newer ones might support AES. I have a Nintendo DS Lite that only works off of WEP. The DSi supports WPA. There should be a higher security standard for networking gaming devices.
JohnnyBT

join:2009-08-29

WPA2

I guess I'll just stick with WPA2, haven't had any problems so far
tmc8080

join:2004-04-24
Floral Park, NY

symptom of parallel processors

It was academic that stronger encryptions would be broken with parallel processing & alternative methods such as offloading de-encryption to processors such as that of a video card, meanwhile the computer goes along in its merry way... 12 core processors are just around the corner, albeit quite expensive upon initial production runs.. 4 core processors will be dirt cheap quite soon and these can be put to the use of cracking the first 3 levels of wifi security... wep, wpa1, wpa-tkip.

As more free openwide routers go from that to passworded, there will be a group of people dedicated to bringing back the free-ride, so routers & wifi devices need to be able to evolve with encryption standards.. I just hope the about to be minted 802.11n standard allows for this to happen. It's only a matter of time before AES & WPA2 are broken (and announced). The main problem with wifi security is that the stronger they make it.. the more complex in setting up security becomes, which leaves non-tech literate people with two choices: don't bother, or learn how to do security properly.. which if not done correctly, leaves the router & its network nearly as vulnerable as not doing anything at all.