Asus EEEpc 1000

Nils Kassube kassube at gmx.net
Tue Jan 27 14:03:55 UTC 2009


David Fletcher wrote:
> On Tuesday 27 January 2009 02:47:36 iodine at runbox.no wrote:
> > It depends on the password. The longer the password, the longer it
> > will take to crack it. I'm not sure if 300 PS3s is sufficient to
> > crack it in a meaningful time or not. But note that this flaw in
> > WPA ONLY affects TKIP(RC4) encryption. Once you move to AES
> > encryption, this attack do not work anymore.
>
> Is AES what you get if WPA2 is selected rather than WPA? 

Yes.

> My router has 
> tick boxes for either WPA/WPA2 or WPA2 only. My son's PSP only works if
> I select the first option.

Well, that's the problem with old hardware, it can't be used with WPA2. 
However, WPA isn't that insecure for now. What would an attacker want 
from your wireless network? If it is a home network he probably wants to 
get free internet access and it would be much easier to find a WEP 
encrypted or even an open access point than cracking a WPA encrypted AP. 
Granted, there is a known attack for WPA which uses a flaw in in the WPA 
protocol but as I understand it, it is of limited value until now. Of 
course it doesn't mean that WPA will be good enough for a long time.

However, if it is the AP of a company the atacker might rather be 
interested to get information (trade secrets etc.) from computers of the 
company. In this situation he might use a lot of computer power to get 
access to this particular network, so WPA is certainly not good enough.


Nils




More information about the kubuntu-users mailing list