Wireless Protected Setup (WPS) allows you to access a wireless router and the home network within seconds. Swiss security specialist Dominique Bongard explains the security gap in a presentation, which arstechnica.com has reported. Router manufacturers are working on countermeasures. Users should disable the WPS feature, which is actually used to quickly set up protected wireless networks.
Also interesting is
As a rule, the connection to a WLAN via WPS works by activating the corresponding function on all devices involved. A short time window is then available in which the devices automatically set up and connect with each other. In addition to other authentication options, there is alternatively the query of an eight-digit PIN code. This is usually placed on a sticker of the WLAN router and must be entered on the new client to connect.
In order to crack the PIN, Bongard, in contrast to classic brute-force attacks, is only an attempt. The router sends sufficient information without bongard being connected to the WLAN so that the eight-digit PIN code can be easily calculated. This is caused by an error in the random number generator.
Countless routers from different manufacturers are affected. There is no list of endangered devices. The security specialist wants to give the company enough time to correct the error. If you want to be sure, you should deactivate WPS in the appropriate router menu until a patch or a new firmware update is available for download.
No comments:
Post a Comment