originally posted by: SR1TX
a reply to: Bhadhidar
It does not work that way. Wi-Fi protocols were breached when it first was a thing. The ISP I worked for as a tower climber, one of the guys was so crazy good at what he did as a network engineer that he got me free internet by using a certain chipset in his laptop that was able to interact with the router in such a way that he could get it to read off the password that the network had.
You still have to infect the machine to actually get anything done. At most it would be helpful to always make sure your file sharing is turned off, you have nothing set to discover/share, that you keep your router's firmware updated, and that you never go to or click on anything you are not sure of.
I own an ISP now btw. Life is good.
CERT Coordination Center (CERT/CC) has released information on Wi-Fi Protected Access II (WPA2) protocol vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system.
The vulnerabilities are in the WPA2 protocol, not within individual WPA2 implementations, which means that all WPA2 wireless networking may be affected. Mitigations include installing updates to affected products and hosts as they become available. US-CERT encourages users and administrators to review CERT/CC's VU #228519.
All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, we show that the 4-way handshake is vulnerable to a key reinstallation attack. Here, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying handshake messages. When reinstalling the key, associated parameters such as the incremental transmit packet number (nonce) and receive packet number (replay counter) are reset to their initial value. Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake. The impact depends on the handshake being attacked, and the data-confidentiality protocol in use. Simplified, against AES-CCMP an adversary can replay and decrypt (but not forge) packets. This makes it possible to hijack TCP streams and inject malicious data into them. Against WPA-TKIP and GCMP the impact is catastrophic: packets can be replayed, decrypted, and forged. Because GCMP uses the same authentication key in both communication directions, it is especially affected.
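The nonce reset described in the quoted abstract, as an added example that is not part of the thread or the cited paper: a toy client model in which a repeated handshake message 3 reinstalls the key and restarts the packet number, next to a variant that keeps its counters when the key is already in use. The `Supplicant` class, `run` function and the SHA-256 keystream (a stand-in for CCMP's counter mode) are assumptions made for illustration.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    """Toy stand-in for a counter-mode cipher: output depends only on (key, nonce)."""
    out, ctr = b"", 0
    while len(out) < n:
        block = key + nonce.to_bytes(6, "big") + ctr.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        ctr += 1
    return out[:n]

class Supplicant:
    """Hypothetical client that installs a session key on handshake message 3."""
    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.key = None
        self.tx_pn = 0       # transmit packet number (the nonce)
        self.used = set()    # (key, nonce) pairs already sent, for auditing

    def on_message3(self, key: bytes) -> None:
        if self.hardened and key == self.key:
            return           # key already in use: do not reset the counters
        self.key = key
        self.tx_pn = 0       # (re)installation resets the nonce

    def send(self, plaintext: bytes):
        self.tx_pn += 1
        pair = (self.key, self.tx_pn)
        reused = pair in self.used   # True means a keystream is being repeated
        self.used.add(pair)
        ks = keystream(self.key, self.tx_pn, len(plaintext))
        return self.tx_pn, bytes(a ^ b for a, b in zip(plaintext, ks)), reused

def run(hardened: bool):
    """Send a frame, receive message 3 a second time, send another frame."""
    key = b"constructed-session-key"     # constructed sample value
    s = Supplicant(hardened)
    s.on_message3(key)
    pn1, c1, _ = s.send(b"frame one payload")
    s.on_message3(key)                   # retransmitted message 3
    pn2, c2, reused = s.send(b"frame two payload")
    return pn1, pn2, reused, c1, c2

if __name__ == "__main__":
    for mode in (False, True):
        pn1, pn2, reused, _, _ = run(mode)
        print(f"hardened={mode}: nonces {pn1},{pn2} reuse={reused}")
```

In the unhardened run both frames are encrypted under the same (key, nonce) pair, so the XOR of the two ciphertexts equals the XOR of the two plaintexts; the hardened run moves on to nonce 2 and no keystream repeats.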