Wireless Networking Security Hardware

Feds Hack Wireless Network in 3 Minutes

xs3 writes "At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys. This article will be a general overview of the procedures used by the FBI team."

  • WEP = weak (Score:5, Insightful)

    by null etc. ( 524767 ) on Tuesday April 05, 2005 @12:28PM (#12144614)
    WEP was almost a weak afterthought for wireless technology. This is just a demonstration of why WEP users should switch to WPA.
  • How is this news? (Score:5, Insightful)

    by Nintendork ( 411169 ) on Tuesday April 05, 2005 @12:28PM (#12144615) Homepage
    Do we really think the FBI is so ignorant that they aren't aware of WEP and WPA cracking utilities?
  • by Phoenixhunter ( 588958 ) on Tuesday April 05, 2005 @12:31PM (#12144660)
    As long as people continue to use dictionary based passwords, it doesn't really matter how good the encryption is.
  • by d'oh89 ( 859382 ) * on Tuesday April 05, 2005 @12:33PM (#12144685)
    Guess it's time to pack it up and go home? Course not. No one in their right mind would trust 128 bit encryption over a wireless network for enterprise sensitive data. That's why we have other methods available (Secure token comes to mind). Now if someone really wanted your credit card number when you buy Doom 3 from Amazon.com, they're gonna get it. Luckily you'll probably get your money back when they buy a nice new 30" Mac display and a dual 2.5 GHz system.

    People just need to realize that nothing is infallible, maybe when this is mentioned on Fox News or CNN the general public will learn that they shouldn't trust their network for sensitive data. I know I don't.

  • Re:WEP = weak (Score:5, Insightful)

    by gad_zuki! ( 70830 ) on Tuesday April 05, 2005 @12:36PM (#12144722)
    Is WPA a solution? WPA is just as, if not more, susceptible to a dictionary attack because it's password based. WEP isn't usually, but in this case they were using a dictionary attack to crack APs which generate keys from English words. Like Linksys does.

    More info here. [google.com]
  • by Jaime2 ( 824950 ) on Tuesday April 05, 2005 @12:42PM (#12144771)
    This doesn't show that WEP is insecure... simply that the key-generation schemes favored by many manufacturers are insecure. Netscape 2.2 was vulnerable to the same type of weakness by using 22 bits of information to build its 40 bit session key for SSL.

    BTW, assuming a similar key generation scheme, this technique could break AES or 3DES, the encryption algorithm is irrelevant here. Why is it that vendors of security products can't figure out security?
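
Added example (not part of the thread, and not any vendor's actual key generator): a defender-side audit of the point made in the two comments above, that a key derived from a dictionary word is only as strong as the word list, whatever its nominal length or the cipher that uses it. `derive_key`, the SHA-256 truncation and the word list are assumptions constructed for illustration.

```python
import hashlib
import math
import secrets

KEY_BYTES = 16  # nominal 128-bit key, whatever cipher ends up consuming it

# Constructed sample word list; a real audit would load the site's own dictionary.
WORDLIST = ["password", "linksys", "wireless", "monkey",
            "dragon", "letmein", "office", "default"]


def derive_key(passphrase):
    """Hypothetical passphrase-to-key generator (assumption for this example):
    hash the passphrase and truncate. Not any real product's algorithm."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()[:KEY_BYTES]


def random_key():
    """Key drawn from the OS CSPRNG, so every bit is unpredictable."""
    return secrets.token_bytes(KEY_BYTES)


def audit_key(key, wordlist):
    """Report whether `key` can be reproduced from `wordlist`, and the
    resulting upper bound on its strength in bits."""
    nominal = len(key) * 8
    derived = {derive_key(word): word for word in wordlist}
    source = derived.get(key)
    if source is None:
        # Not reproducible from this list; the bound stays at the nominal size.
        return {"derivable": False, "source": None,
                "nominal_bits": nominal, "max_effective_bits": float(nominal)}
    # Anyone with the same list needs at most len(derived) guesses, so the
    # key is worth log2(list size) bits regardless of its length.
    return {"derivable": True, "source": source,
            "nominal_bits": nominal,
            "max_effective_bits": math.log2(len(derived))}


if __name__ == "__main__":
    for label, key in (("word-derived", derive_key("linksys")),
                       ("random", random_key())):
        print(label, audit_key(key, WORDLIST))
```
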
  • by be-fan ( 61476 ) on Tuesday April 05, 2005 @12:43PM (#12144780)
    Confidence and respect should not get in the way of pragmatism. To a great degree, the FBI's interests and one's own align. To a lesser degree, they are divergent. This is particularly true in the realm of privacy, where it is in the FBI's interest to violate it, and your own interest to protect it. In cases where interests do not coincide, it is completely rational to not be at least wary.
  • by be-fan ( 61476 ) on Tuesday April 05, 2005 @12:46PM (#12144810)
    Let's try that again. "It is irrational to not be at least wary".
  • by maird ( 699535 ) on Tuesday April 05, 2005 @12:52PM (#12144863) Homepage
    So, just about any law you can break with a computer is now fair game. When you go to court just refer to the three minutes it could have taken some nefarious hacker to use your network without your knowledge. Since the likelihood of such an attack is low then I recommend everyone use a dictionary entry to generate keys. It will keep your neighbours off your network and you'll leave yourself with a perfect reasonable doubt defence when sued or prosecuted.
  • by Boronx ( 228853 ) <evonreis@mohr-en ... m ['gin' in gap]> on Tuesday April 05, 2005 @12:53PM (#12144868) Homepage Journal
    Woah. You don't have to read Chomsky to know that these guys are quite often up to no good.
  • by Anonymous Coward on Tuesday April 05, 2005 @12:55PM (#12144888)
    Sometimes biased people are the only ones willing to present certain FACTS at all.

    Actually, replace "sometimes" with "almost always".

    Honestly, the only people who should worry about bias to the extent of ignoring an entire publication or speaker are the ones too fucking stupid to cross-reference citations. Chomsky is usually damned thorough and rigorous about referencing neutral media - in fact at least 25% of his communication, in my experience, has been debunking "leftist" bullshit. Intelligent people on the "right" do the same kind of self-policing. It's only the sheep-like extremist newbies that howl about bias day-in and day-out.
  • by loopsandsounds ( 752223 ) on Tuesday April 05, 2005 @12:56PM (#12144900) Homepage
    Maybe 10% of the population are aware of WEP's weaknesses, but would the other 90% understand what/where/how to configure WPA on an AP or gateway? I'm not quite sure that Joe home user should be so worried about his WEP key. Most home users don't have any security policy or strategy (ie. millions of exploited Windows machines sitting directly on the internet), and most businesses have a poor network security policy. As a consultant for a large networking manufacturer, I am amazed at the lengths corporations will go to in securing their wireless network, meanwhile you can walk into unsecured parts of the building and just plug in (no 802.1x), or they have a substandard VPN or internet gateway solution. Maybe it would make more sense for our government to do seminars on security practices for computing (including wireless networking) versus demonstrating a 4 year+ old IV weakness vulnerability?
  • by SunFan ( 845761 ) on Tuesday April 05, 2005 @12:59PM (#12144927)

    This is why I always get a little nervous seeing wireless routers stuck to the ceilings of some offices. Given the average security of most offices with wired networks, the outlook for un-wired networks isn't good, IMO.

    Pulling cable is a PITA, but it is a layer of physical security that shouldn't be dismissed too soon.
  • Re:Protection (Score:5, Insightful)

    by utexaspunk ( 527541 ) on Tuesday April 05, 2005 @01:00PM (#12144933)
    It's not too difficult to change a MAC address anyway. I'd think it would be trivial, especially for the FBI, to modify the MAC address between attempts.

    Now what would be really spiffy would be generating MAC-specific keys, so that (combined with blocking after X attempts) no progress could be made with a dictionary attack...
  • by Flying Purple Wombat ( 787087 ) on Tuesday April 05, 2005 @01:04PM (#12144967)
    People just need to realize that nothing is infallible, maybe when this is mentioned on Fox News or CNN the general public will learn that they shouldn't trust their network for sensitive data. I know I don't.

    The general public will do nothing of the sort, because:

    1. They are stupid.

    2. They assume the Feds are the only ones with uber-1337 hacking tools required for this "difficult" task.

    3. Network vendors will threaten to pull advertising money if the media runs the story.

  • by erikkemperman ( 252014 ) on Tuesday April 05, 2005 @01:08PM (#12144995)
    I think I see your point. Individual FBI agents are probably very highly skilled.

    The problem is that, as an agency, it is their collective duty to enforce bad policies. Increasingly, they are defeating their own purpose and becoming a threat to the very freedoms they supposedly protect. The war on drugs and PATRIOT spring to mind.

    "They're only doing their job" is never an argument: unethical practice is not magically justified or even mitigated by being paid for it. If anything I'd say the opposite is in fact true.

    And in that regard, the fact that their agents are such able individuals is really just sad: think of what they might accomplish if only they were not busy hatching plans to penetrate my tinfoil hat?

    IMHO, no offense.
  • by flibuste ( 523578 ) on Tuesday April 05, 2005 @01:11PM (#12145037)

    Random password generator? On a website? And it's not logging my IP and the password it has generated for me? I would have to be paid to believe this.

    Seriously, how secure is that?

  • by daeley ( 126313 ) on Tuesday April 05, 2005 @01:15PM (#12145078) Homepage
    An armed society is a polite society.

    Perhaps, but a polite society isn't necessarily an armed one.
  • by Ungrounded Lightning ( 62228 ) on Tuesday April 05, 2005 @01:21PM (#12145140) Journal
    Then I felt dismayed.

    It really is a shame when the prevailing "geek" attitude towards agencies like the FBI is mistrust and fear, not confidence and respect.


    I find it refreshing.

    The founders of our government were quite aware that the greatest threat to freedom was the very government intended to secure and maintain it. That governments are run by people, that people are fallible, and that the power of government tempts them to seize still more power - to simplify their jobs, to enhance their own lives, or just for the fun of it.

    They knew that some people and some institutions would be corrupted, did their best to put roadblocks in the way of corruption to slow the process down, and to warn their successors (us) to be on watch, so we could catch the inevitable slippages and correct them.

    An attitude of healthy suspicion combined with grudging respect and occasional heartfelt praise is precisely right, when it comes to agencies such as the FBI. Healthy suspicion because agents - singly, in groups, or institutionally - have gotten out-of-hand repeatedly. Grudging respect (which must be earned but is honest when it is), because the government and its agencies houseclean from time to time, the agency mostly stays on track, and many of its agents are honest, hard-working, and often heroic, doing their best to identify, protect us from, and bring to justice some truly evil people. Occasional heartfelt praise - when they earn it (which they often do), spending their sweat, smarts, and blood to make the rest of us safer.

    The reason I find "the 'geek' attitude" refreshing is that it shows that a new generation - no, a large social group that crosses several generations - have "gotten it". Like most powerful tools, law-enforcement and investigative agencies can do significant when used properly, and even greater harm when misused or broken. Eternal vigilance is needed to keep them in good repair and on the right job. Now we have yet another generation that understands the need for this vigilance and is standing guard.
  • No. (Score:4, Insightful)

    by Ungrounded Lightning ( 62228 ) on Tuesday April 05, 2005 @01:28PM (#12145205) Journal
    So what this is telling us is the Feds are really just script kiddies?

    No.

    What this tells us is that the Feds are showing people just how TRIVIAL and FAST it is for script kiddies and crooks to break into WLANs. And give you pointers on keeping the petty crooks out (and drastically cut crime and reduce the load on the FBI).

    Surely you didn't expect them to give you a demo of how THEY do it and how to keep THEM out, did you? B-)
  • by LiENUS ( 207736 ) <slashdot&vetmanage,com> on Tuesday April 05, 2005 @01:29PM (#12145222) Homepage
    Why would they need 3 geographically diverse APs? The wireless NICs broadcast uniformly, there is no directionalization. 3 geographically diverse listening stations should be enough to triangulate someone's location.
  • by shic ( 309152 ) on Tuesday April 05, 2005 @01:44PM (#12145392)
    It really is a shame when the prevailing "geek" attitude towards agencies like the FBI is mistrust and fear, not confidence and respect.

    What a loaded sentence! It is sufficiently ambiguous that despite feeling I disagree, the multiple potential interpretations make it difficult to make a counter argument.

    I do think it is a shame that historic institutional dishonesty demands contemporary suspicion. The vast majority of people have nothing to fear from the likes of the FBI - mainly because they are likely to be insignificant. Neither mistrust nor fear are mutually exclusive with respect. I feel I'm cross-over Gen-X to Gen-Y... Respect is automatic; disrespect is earned. Reverence is most likely an indication of fear or stupidity. Mistrust is a pragmatic reaction whenever strong personal relationships can't be relied upon.

  • by Ungrounded Lightning ( 62228 ) on Tuesday April 05, 2005 @01:46PM (#12145411) Journal
    Note that even if WEP is trivial to crack it serves a purpose: The same purpose as a lock on a screen door or window.

    It doesn't keep out a burglar.

    It DOES make it clear that your INTENT was to keep him out, and that if he breaks in his INTENT was to break in.

    This is a very important legal point if/when you, or law enforcement, bring action against him.

    Similarly, the computing community has generally interpreted permission settings (on files and the like) as an expression of intent, generally honoring them even if they have the ability to bypass them.

    This transfers directly to wireless access points: Some people deliberately leave their APs open, to let others use them as a community resource. Generally this is done by leaving them at the default settings. While there may be confusion about it if an AP is in this state, there is NO confusion about the intent if WEP is enabled.
  • by Drakonian ( 518722 ) on Tuesday April 05, 2005 @02:00PM (#12145569) Homepage
    Hold on there turbo. Your ecommerce transactions are still encrypted (with something much more secure than WEP). It's not like your CC is transmitted in clear text. It's no more insecure than buying something on a LAN like at work or on campus.
  • by nametaken ( 610866 ) on Tuesday April 05, 2005 @02:01PM (#12145574)
    "They're only doing their job" is never an argument: unethical practice is not magically justified or even mitigated by being paid for it. If anything I'd say the opposite is in fact true.

    If what you meant was, individual agents shouldn't break the law, then I agree with you entirely. If you mean they shouldn't do anything we might consider unethical, even if it's the law, then I might disagree a bit.

    I tend to think we should strive to change laws we believe are wrong, not complain about FBI agents who carry out the law.

    I think it's important that FBI agents aren't making their own laws in the course of duty. It's our job to make the law, using our elected officials.
  • by Dogtanian ( 588974 ) on Tuesday April 05, 2005 @02:07PM (#12145620) Homepage
    WEP was almost a weak afterthought for wireless technology. This is just a demonstration of why WEP users should switch to WPA.

    Except that WPA is a gun-jumping SUBSET of the DRAFT of the forthcoming 802.11i standard, and isn't guaranteed to be compatible with it (rather like "pre-G" and "pre-N" products).

    So; yeah, it's better than WEP; but is it a good idea to focus on something which might need upgrading in the near future anyway? (You MIGHT be able to upgrade firmware. You MIGHT not....)

    If I considered someone's business security important enough that WEP wasn't acceptable (and it really isn't for all but the smallest businesses), then I'd advise waiting a little longer for genuine 802.11i-compatible products to arrive. Wireless *isn't* that essential yet...

    Just a thought; would it be possible to implement 802.11i "in software" for existing equipment?
  • by Atryn ( 528846 ) on Tuesday April 05, 2005 @02:11PM (#12145659) Homepage
    An armed society is a polite society.
    I think certain middle-eastern situations might be proving otherwise.
  • by Zhe Mappel ( 607548 ) on Tuesday April 05, 2005 @02:51PM (#12146082)
    It really is a shame when the prevailing "geek" attitude towards agencies like the FBI is mistrust and fear, not confidence and respect.

    Others are mentioning COINTELPRO, or Hoover's reign of terror, or Waco, and on and on. No need for me to cover that territory, which any well-informed citizen knows. There's always Wikipedia if you need to bone up on the cheap.

    No, I wish to call attention to your language. Therein lies your problem: your language shortcuts thought. Do you realize you write less like a citizen than a subject?

    Agencies like the FBI, you write.

    Government agencies, law enforcement agencies, you mean. Please stop and think about that.

    "Agencies like the FBI"--which would include, of course, the CIA, the NSA, the DEA, the BATF, for starters--are nothing more than arms of power. It is that power to which we must turn, thoughtfully, and ask our questions. We cannot say de facto that an enforcement agency is worthy of "confidence and respect," as you would have it, unless we first examine whose laws and whose agenda these agencies are enforcing.

    To take but one high-profile example: the war on drugs. This irrational prohibition has stocked our prisons with the poor, but failed demonstrably by creating more crime in illegal drugs; yet it is blindly enforced by those before whom you would have us genuflect. What choice have they, after all? Yet, fortunately, we have a choice: we can think, they cannot. We can withhold automatic "confidence and respect," as we should, since a brutal and destructive prohibition depends on patsies and collaborators.

    The founders of our nation viewed overweening power with deep suspicion, and they anticipated the glamor of irrational obedience--the impulses of mob-like majorities, of good little yes-men. Examine their writings, and behold their constitutional framework: it is in sum a work of almost beautiful paranoia, conceived by men who looked on history as realists. They designed the nation to survive not terrorists or criminals but the surrender of thought by its own inhabitants.

  • Re:WEP = weak (Score:5, Insightful)

    by Lumpy ( 12016 ) on Tuesday April 05, 2005 @02:51PM (#12146083) Homepage
    My WAP is directly connected to my internal network and has NO WEP enabled or anything else. It's "wide open" and it's more secure than any company wireless access point I have ever seen.

    If you can not receive the signal, you can access or hack it. My home has aluminum siding with aluminum screening. My access point is in the basement on the street side with another sheet of aluminum 1 wavelength away from the antennas in the direction of the street.

    So far even holding a wireless card AGAINST the window screens will give you no signal, you must be in the house to get a signal, and then it's strong.

    The first thing in security is to make sure that your wireless signal is not going places you do not want it to.

  • by Anonymous Coward on Tuesday April 05, 2005 @03:23PM (#12146447)
    I'm the author of the article...
    3. You weren't at the talk, and it shows. They did give ... a LOT of credit..., but I didn't put it in the article. So you can blame me for it.
    On the other hand, a *well-written* article would make it hard to tell the reader wasn't there.

    Slashdot... news by nimrods dumb enough to bitch-slap themselves.

  • Good riddance (Score:5, Insightful)

    by freality ( 324306 ) on Tuesday April 05, 2005 @03:37PM (#12146631) Homepage Journal
    I always ask people to turn their WEP keys off anyways.. nothing like creating scarcity out of the plenty of wi-fi networks out there.

    Look, your computer ought to be secure at the TCP/IP level. If you're depending on WEP link security, you're probably hosed anyways. And you'll almost surely be hacked by the teeming swarms of infected computers on the net long before you get trouble from a neighbor, a drive-by script kiddie, or now the FBI. Unless you're a paranoid freak and you're sure they're really out to get you. The roving script-kiddies that is.

    Worried about bandwidth? If you and your neighbors cooperated instead of hoarding bandwidth from each other, you'd have more to go around. Heck, you could multi-home your laptop and get multiplexed bandwidth. That's more, not less.

    Now turn off those keys and rename your home wi-fi network "public"!
  • by autocracy ( 192714 ) <slashdot2007@sto ... .com minus berry> on Tuesday April 05, 2005 @08:32PM (#12149598) Homepage
    WHOA... slow down buddy. 128 bits of a secure algorithm is definitely stable. The problem is WEP has more holes than swiss cheese. They took advantage of weak keys, known plaintext, expected responses... they had all the advantages in the world.

    Cracking WEP is still far from cracking AES or TwoFish.
