Russian researchers achieve 100-fold increase in WPA2 cracking [Telecom] speed

Bad reporting or dumb press release. The only known way to crack WPA PSK is via dictionary attack. If you have an easily guessable password, 100 times faster isn't significant. Even with this speedup, brute-forcing a 16 letter key will take over a million years if it isn't a common word.

I'm going to go with bad reporting, since Elcomsoft is actually selling this thing as a wifi security tool - to look specifically for weak passwords, kind of like the tool that some unix sysadmins used to run against /etc/passwd (before the password hashes moved to a root-only shadow file) to look for idiotic passwords. *

I travel 6 times, or so, a year to different locations, most of which have WiFi for Internet access.

Recently, I attended a meeting in the Denver area at a very astute company. They eliminated WiFi from their property a year, or so, ago. They had Ethernet ports for each of us in the meeting room. Before the meeting started the first day the IT manager verified each of our laptop's computer name and he also verified the currency and brand of our antivirus software.

I've seen some companies that go a step further: they'll provide WiFi in meeting areas, but the Access Point is connected _outside_ their firewall, so it's as if it were "in the cloud" relative to their network. In other words, they don't allow any WiFi inside their network, nor even in their DMZ.

In addition, one company had the AP powered from the light circuit, so anytime the meeting room wasn't in use, WiFi was shut down. Company employees who wanted WiFi access to corporate resources had to go to the meeting room, and use a VPN just as they would from a hotel.

IIRC, the AP also provided a few Etherent connections, but they were also connected outside the firewall. Employees who used laptops day-to-day had docking stations at their desks, so they didn't need to concern themselves with the security: I don't know if the docking stations were limited to particular machines or not, but visitors weren't allowed to use them in any case.

Bill Horne Temporary Moderator

Please put [Telecom] at the end of your subject line, or I may never see your post! Thanks!

We have a new address for email submissions: telecomdigestmoderator atsign telecom-digest.org. This is only for those who submit posts via email: if you use a newsreader or a web interface to contribute to the digest, you don't need to change anything.