Shields Up!: New Wi-Fi security flaw found
by at July 31, 2010 8:19 am
Sections: Computers, Features, Networking, Security, Wireless
|
Sign up for the FREE Tell Membership and receive benefits that include the digital edition of Tell Magazine sent straight to your inbox, product giveaways, coupons and much more!
Security researchers have found a flaw in the WPA2 protocol, which is currently the best form of WiFi encryption available. Dubbed “Hole 196″, the flaw allows a hacker to intercept traffic, compromise other devices, launch a DDoS attack and place malicious material into the traffic it intercepts. These are called “man-in-the-middle attacks. What is the exact flaw? Well it lies in the two different keys WPA2 uses. One, Pairwise Transient Key (PTK), is unique to each user and can detect spoofing and data forging. The other, Group Temporal Key (GTK), isn’t and can’t.
What makes it a bit different from most flaws is that it can only be exploited by authorized users. This may make you think it’s not really a flaw at all because who would mess with their own network? Ask any IT manager and he’ll tell you some of the biggest risks come from the inside, not the outside. A disgruntled employee could do a lot of damage with something like this. Oh and fixing it is impossible, researchers say, because there is nothing to upgrade or patch.
Read [PCWorld]
Related Posts