Comments on: WPA encryption gets hacked; Wi-Fi no longer secure

By: Soulfly47

Soulfly47 — Wed, 11 Feb 2009 05:59:12 +0000

Forgive me if my math is wrong, but let me toss this out there
So if a regular WPA takes 60 days to hack, it’s 1440 hours.
if you increase speed to 100% its 720 hours
if you increase speed to 1000% its 14.4 hours
if you increase speed to 10000% its 1.44 hours
Based on that, since you didn’t use any number in your “HotNippleChopps” I can reduce the time spent hacking by 10/36th, which brings me 1.04 hours.
Happy Hacking

By: smokeonit

smokeonit — Sun, 12 Oct 2008 06:49:24 +0000

the original aritcle mentions WPA/2… both…

By: youre all retards

youre all retards — Sun, 12 Oct 2008 02:23:36 +0000

Wep/wpa have been crackable for a while. This is nothing new

Wpa2 is still very secure and hasn’t been cracked with the use of any semi complex password

By: AC

AC — Sat, 11 Oct 2008 22:53:39 +0000

This article is sensationalist nonsense. If 100x improvement of a bruteforce attack suddenly makes this a practical attack, then WPA PSK was never secure to begin with.

… to say nothing of the fact that the article makes no mention of EAP.

By: MadMike

MadMike — Sat, 11 Oct 2008 21:54:46 +0000

@Galvatron: Yeah, my wife just got a notice from the Spa she goes to that they had a “breach” and credit card numbers were loosed. Luckily we already canceled that account months ago because the “miles” they promised were BS.

By: Tech Reviews

Tech Reviews — Sat, 11 Oct 2008 16:05:43 +0000

If they can do this with a simple NVIDIA chip what says the PS3 chip?

By: Galvatron

Galvatron — Sat, 11 Oct 2008 07:23:19 +0000

@ mad mike you don’t slur trafic from the bank you slurp it form walgreens account numbers and pins galore happend in tucon 4 moths ago a ton of welsfargo users had to have ALL ther cards deactivated an had new ones reissued to them

By: Martin Blank

Martin Blank — Sat, 11 Oct 2008 05:28:58 +0000

It’s not 10,000 times more efficient. It’s 10,000% more efficient. That number was used because it sounds a lot more impressive than something merely 100 times more efficient. Improving performance by two orders of magnitude is impressive, but it still means that decent key strengths are going to be practically uncrackable for the foreseeable future.

By: CT A

CT A — Sat, 11 Oct 2008 05:11:56 +0000

MadMike,

Don’t forget the Hot Pockets!

By: MadMike

MadMike — Sat, 11 Oct 2008 04:40:00 +0000

Mingkee is right. Stronger passwords equals exponentially more time needed to crack a WPA2-PSK AES network. Sure, this guy notes 10,000 times more efficient, but when it takes 60 days to decode “HotNippleChops” from a WPA-PSK TKIP network, the feasibility just isn’t there.

That and you still need a human capable utilizing such a rig with the malice forethought and intent on breaking a WPA network. Something tells me that somebody is bound to notice the pimple-faced Carnegie Melon grad student in the Ford Fiesta parked outside the World Bank for a week straight with 19 cases of Mountain Dew and 124 boxes of Cheetos with neon green Alienware rig running in the back seat.

By: Galvatron

Galvatron — Sat, 11 Oct 2008 03:39:47 +0000

not really you can get aportion of the key thorgh capturing packets WPA has been hackable for quite some time now.
theres even a youtube video on cracking wWEP and WPA

By: mingkee

mingkee — Sat, 11 Oct 2008 01:57:50 +0000

then my WPA key is extrememely difficult to guess, nearly zero chance to guess
this is simple to create: just hit the keyboard randomly till 63 characters are filled
is it possible to guess these keys randomly generated?
jacpow3ru89c3mpw0q94mopqixeruc0qxu9pc8opqicy902qc58tyx3c89m8of

By: Glenn Fleishman

Glenn Fleishman — Sat, 11 Oct 2008 00:45:47 +0000

It’s likely this attack is valid for only short WPA/WPA2 keys — I would guess based on the way in which the passphrases are composed, that 12 character random passphrases would likely still defeat the computational power possible here outside of governmental use. A 20-character passphrase composed of words not found in dictionaries is likely (as theorized back in 2003) still resistant to multi-hundred-year attacks at the highest level.

We’ll see, though. WPA/WPA2 Personal was designed to increase in cracking complexity based on key length.

By: Jamie

Jamie — Sat, 11 Oct 2008 00:08:41 +0000

Shouldn’t this be titled “Russian Firm Speeds Up WPA Hacking With Graphics Card”? Brute force WPA and WEP hacking has been around for a little while.