MAJOR vulnerability in many wireless routers

[TheBlackCat]

A major vulnerability has been found in many wireless routers, allowing hackers to gain full access to your router in just a matter of hours, even if you are using highly-secure passwords. The vulnerability is in a system called wi-fi protected setup (WPS), which is supposed to provide a secure way to connect devices to the router.

Most devices with WPS have a PIN number that computers can use to access the device. Normally this PIN number would take years to crack. But it turns out that you can check half of the pin independently of the other, and one of the digits is computed from the others, so it can instead be cracked through brute-force in a matter of hours. Some routers allow you to disable WPS, others do not, and some even provide an option to disable it but ignore the option.

You can read more Here. There is an open-source proof-of-concept, I am going to use it to make sure my own router is safe. It may not be legal in all jurisdictions, however, so I will not post a link (there is one in the article), use it at your own risk.

Edit: Here is a list of affected routers: https://docs.google.com/spreadsheet/ccc ... EN3c#gid=0

[Infinity's End]

I'm not affected by this, however I think a lot of people would be smarter if they just didn't broadcast their SSID, and left their network open. Most people aren't aware of this. If your SSID can't be seen, then people won't be able to find it! And if they do see it, they won't be able to access it unless they know what the name is. This way you only have to remember 1 word, not two.

[Naner]

Mine isn't in the list either. Infinity's End's suggestion is a valid one, though. Hiding your SSID will make it difficult for anyone to know your network exists without your permission. And all you have to do in return is type a few extra characters when connecting a device to the network.

[TheBlackCat]

I'm not affected by this, however I think a lot of people would be smarter if they just didn't broadcast their SSID, and left their network open. Most people aren't aware of this. If your SSID can't be seen, then people won't be able to find it! And if they do see it, they won't be able to access it unless they know what the name is. This way you only have to remember 1 word, not two.

It is trivially easy to find a "hidden" SSID. The SSID is sent over the network in plain text, so anyone listening for wifi signals can pick it up easily. You can also spoof clients into revealing it. It offers protection against casual users but anyone who wants access to your network can get it easily. It also makes your computer vulnerable to spoofing of the SSID (tricking them into connecting to a fake network someone else controls) and can lead to interference with other networks.

The same is true of MAC address filtering. The MAC addresses are also transmitted over the network in plain text, so anyone listening for wifi traffic can also pick those up and clone them. It offers little real protection, it mostly just makes things harder for you.

The only thing that really offers and protection these days is WPA2 protocol with a sufficiently long password and AES encryption. The WEP protocol is broken and even WPA1 is vulnerable. The problem with WPS is that it is designed to bypass this security.

[Infinity's End]

I'm not affected by this, however I think a lot of people would be smarter if they just didn't broadcast their SSID, and left their network open. Most people aren't aware of this. If your SSID can't be seen, then people won't be able to find it! And if they do see it, they won't be able to access it unless they know what the name is. This way you only have to remember 1 word, not two.

It is trivially easy to find a "hidden" SSID. The SSID is sent over the network in plain text, so anyone listening for wifi signals can pick it up easily. You can also spoof clients into revealing it. It offers protection against casual users but anyone who wants access to your network can get it easily. It also makes your computer vulnerable to spoofing of the SSID (tricking them into connecting to a fake network someone else controls) and can lead to interference with other networks.

The same is true of MAC address filtering. The MAC addresses are also transmitted over the network in plain text, so anyone listening for wifi traffic can also pick those up and clone them. It offers little real protection, it mostly just makes things harder for you.

The only thing that really offers and protection these days is WPA2 protocol with a sufficiently long password and AES encryption. The WEP protocol is broken and even WPA1 is vulnerable. The problem with WPS is that it is designed to bypass this security.

Sorry, but in the area I live in (the middle of an apartment complex), I'm honestly not paranoid enough to care whether someone may hack into my network. 99.9% chance it will never happen. I'm fully willing to take that .1% chance.

[Chris]

My thoughts exactly, also

allowing hackers to gain full to your router in just a matter of hours

, I think I would notice if someone was outside my house for hours with a laptop assuming someone hasn't mugged him for that laptop in that time that is.

[TheBlackCat]

Sorry, but in the area I live in (the middle of an apartment complex), I'm honestly not paranoid enough to care whether someone may hack into my network. 99.9% chance it will never happen. I'm fully willing to take that .1% chance.

That is fine. But if someone does care about security, they should know that SSID filtering will not help them. Sorry, it's just my SIWOTI disorder acting up again

[Naner]

Be safe if you want to, but avoid being paranoid about it. It's easy to avoid viruses and hackers if you just think twice before clicking. Besides, do you have something really important in your computer? No one wants strange people seeing their personal data, but it'll hardly be the end of the world if it happens.

Like Infinity's End, I know no neighbor of mine would try hacking into my network, and I'm far enough from the ground to be safe from anyone outside the building. I still use a WEP key (because the DS doesn't accept WPA), but I'll move to WPA2 soon.

And work a bit on that SIWOTI of yours.

[TheBlackCat]

Well, I think you can never be too paranoid. You should see how long my passwords are. I am not so concerned with people looking at my files (my samba shares are all password protected) as I am about someone using my internet for something illegal and having it tracked back to me (which does happen, although not all the often). On the other hand my apartment is built like a bomb shelter so I can barely pick up my own wifi signal inside my apartment not to mention outside.

Luckily I don't have to worry about viruses because I run linux. I did have to help two people reinstall windows after they both got the same rootkit, though.

[Naner]

Well, I think you can never be too paranoid.

Yes. Yes you can. I don't think it's your case, but watch yourself.

Luckily I don't have to worry about viruses because I run linux.

LOL. Yeah, I get ya. But, again, viruses are very easy to avoid even on Windows.
(is the motorcycle in the comic open-source?)

[Infinity's End]

I still use a WEP key (because the DS doesn't accept WPA), but I'll move to WPA2 soon.

And another great example of why simply hiding your SSID is easy and convenient: game consoles connect so easily!