Tag Archives: wireless

A Web Exploit That May Let People Know Where You Live | インターネットバグであなたの住所見つけられる | 漏洞網頁可找到你家的地址

Someone from the annual Black Hat Technical Security Conference has discovered an exploit that unveils the MAC address of someone’s home router and have thought of a potential way of using it to find out someone’s address via a carefully tailored webpage.

It’s an interesting idea minus the privacy concerns…

Every networking device e.g. your wireless router and phone has a unique Media Access Control (MAC) address that identifies it. Usually this can be found printed underneath the device and this MAC address is broadcast together with the signals that the device sends out. There’s not much you can do hide it although there are ways to “spoof” (i.e. change it to something fake).

As you may know, recently Google has been caught up in a fiasco about how they have been gathering unencrypted wireless data around the world including SSIDs and MACs while recording for their Street View service.

As wireless routers aren’t moved between locations very much, the MAC addresses can easily be recorded together with where they’re found which would most likely be your home.

In other words, it’s like having another line tacked to your home address and having public access to it via this exploit. You can imagine the risks this could have via social networking sites such as Facebook – A simple click on one of the ads or games could reveal who you are and your address.

All those jokes about “stalking” someone with these services could really come true ^^;

Continue reading

Wireless Network Insecurities, WPA Hacked in 1 Minute | ワイヤレスネットワークWPAキー一分で破れた | 無綿網絡WPA一分鐘內被打破

It looks like all those documentaries regarding the increasing popularity and insecured wireless networks will now be rendered out-of-date. Ah, the thrill and speeding advance of technology…

There has been plenty of programmes advicing people to upgrade from the “flawed” WEP security to WPA but even WPA can now be hacked just as quickly in about a minute. Apparently Japanese researchers have now found a way to break the WPA protected networks just as quick as WEP using a similar kind of attack by targetting small encrypted ARP packets. The fully detailed 12 page academic journal paper can be found in PDF if you’re interested.

Not only that, Russian software vendor ElcomSoft claim they can also crack WPA2 in the same amount of time by making use of today’s modern powerful graphic cards from Nvidia and ATi to brute force the key (i.e. try all passwords possible).

However, this seem to only apply to the TKIP flavour of WPA encryptions. The advice is to switch over to the AES version of the key to make it harder to crack if you networking hardware supports it.

So why should you care about someone getting access to your wireless internet connection? Well they can…

  • Get free internet access.
  • Steal information from your computers.
  • Engage in criminal activity and point suspicion at you.

たくさんの番組がワイヤレスネットワークの弱いWEPを使わなくてWPAを使用してとよく忠告していたのに、WPAももう破れたみたい。WPA2を使った方がいい。

それにしても、ネットワークが誰かに侵入されたらどうなるでしょうね。まあ・・・

  • 無料なインターネットが手に入る。
  • あなたの個人データやファイルを盗める。
  • ネットで犯罪行動したら疑いはあなたへ向ける。

有許多關於無綿網絡叫使用者不要用容易被侵入的WEP,要用WPA但好像最近WPA也像WEP一様一分鐘內被打破。現在建意用WPA2。

被打破的網絡有什麼危險?

  • 侵入可者免費上網。
  • 可盜竊個人資料。
  • 你可成為網上犯罪行動的疑犯。

Wireless network.

Continue reading