Have a question or want to start a discussion? Post it! No Registration Necessary. Now with pictures!
- Posted on
- Vulnerabilities of WEP-based Wi-Fi Phones
- Paul Silverman
January 24, 2005, 8:41 pm
rate this thread
Since most if not all the Wi-Fi phones on market these days use WEP as
their security protocol, does this mean it's a piece of cake to hack
and actually listen to a phone conversation without being detected ?
From my understanding, one could use WEPcrack or any other tool and
quickly gain access to the WEP keys used by the Wi-Fi phone.
Knowing WEP's well-known and document vulnerabilities, what are the
risks that an organization is exposing itself to when deploying Wi-Fi
Re: Vulnerabilities of WEP-based Wi-Fi Phones
On 24 Jan 2005 12:41:59 -0800, email@example.com (Paul
No. It's not a wireless wiretap.
Nope. The current technology requires sniffing the traffic and
capturing enough traffic to crack the WEP key. Then, the captured
traffic can be decoded. You could setup a promiscuous mode wireless
card, feeding some kind of VoIP codec decoder, to listen to traffic.
That will give you one side of the conversation unless you were
ideally located in between the access point and the client radio.
Cracking the WEP key is fairly well documented and doable. Extracting
useful information from the data stream is a bit more complex.
Depends on the encryption and environment. I don't consider wiretap
to be the main risk. Instead, unauthorized use might a be a more
common attraction. In general, if the phone supports WPA, you're safe
enough. WEP has largely become a security problem. Note that WEP2,
with AES encryption is coming real-soon-now and everything you buy
today may soon be obsolete.
Drivel: An industrial espionage job was uncovered about 6 months ago
where the perpetrators used a telescope and a video camera to record
the computer screen and keystrokes. Apparently, it had been in place
for about a year. 3M even makes "security screens" for CRT's and
LCD's to limit the viewing angle:
Also, I've played with a phased multiple microphone room bugging
device that could extract individual conversations from a room full of
other conversations. That was about 1985. Who needs wiretap when
there are easier ways?
Jeff Liebermann firstname.lastname@example.org
150 Felker St #D http://www.LearnByDestroying.com">http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
- » Can you get a USA Ham Radio license WITHOUT giving the gob'ment your SSN?
- — Newest thread in » Wireless Networking