WPA Encryption No Longer Secure
Security researchers Erik Tews and Martin Beck have succeeded in partially cracking the WPA (Wi-Fi Protected Access) encryption, which until now had been considered safe.
common -
comments -
7.11.2008 WPA crack details revealed
German researchers have published a paper that claims to give details of how to crack the Wi-Fi Protected Access encryption standard.
windows -
comments -
12.11.2008WPA is going the way of WEP, cracked in 15 minutes flat
According to
PC World the days of securing your WIFI network using Wi-Fi Protected Access
(WPA) may be over, as researcher Erik Tews will show how he was able to crack WPA encryption in around 15 minutes at a the Tokyo
PacSec Conference in two weeks time.
WPA was designed to overcome the insecurities in
hacked Wired Equivalent Privacy (WEP) which can be hacked in a few minutes using a modern laptop.
Erik Tews will be demonstrating how he
cracked the WPA encryption to read the data being sent from a router to a laptop.
To read the data being sent Tews found a way to crack
the Temporal Key Integrity Protocol (TKIP) key without resorting to using a dictionary attack which, security experts have agreed that the protocol
might be vulnerable too.
Although this is a big step Tews was still unable to crack the keys used to encrypt the data being sent back to the
router from the laptop.
If the demonstration lives up to its headline then the days of WPA look to be numbered. This would come as a big
blow to both consumers and corporations alike.
WPA is the most common standard of encryption in uses but, there is also a newer more
secure standard WPA2, (which uses Advanced Encryption Standard (AES) and is unaffected), although support is still patchy. Consumer may find they are
forced to still rely on the now unsecure WPA encryption to connect their devices to the network.
For Business this is even bigger headache.
The TJ Maxx chain had hundreds of millions of customer details stolen due in part to the fact that they were still using the cracked WEP standard.
It’s easy to see a situation where hackers may try to do the same using WPA forcing corporate users to VPN or WPA2 dumping devices that
can’t support these protocols.
Read full story.....
neowin.net -
06.11.2008Fifteen minutes to crack WPA protocol, says researcher
Wi-Fi Protected Access (WPA) is considered a superior encryption protocol to the aged and inherently flawed WEP (Wired Equivalent Privacy), but it is
not without its vulnerability, as one researcher is preparing to demonstrate...
betanews.com -
06.11.2008Jobs' Apple Makes Its Mark In
The Dictionary
LONDON - A "podcast"
is at once a portmanteau;
derived from the words
"broadcasting" and "iPod",
and a misnomer; neither
podcasting nor podcast
listening requires an iPod,
and no broadcasting is really
required. Even so,
portmanteaux and misnomers are
not precluded from appearing
in the dictionary; hence the
word's selection as the Word
of the Year by the New Oxford
American
Dictionary.
Even though society's
neologisms are normally
ephemeral--words die out the
minute better technologies are
discovered--once you're in
the dictionary, you're there
forever. Journalist Ben
Hammersley may have coined the
term, yet it's Apple Computer
Chief Executive Steve Jobs
that becomes one of those
rarities; a man so inventive
in the sphere of technology,
he has left his mark on our
language.
The
official term, to be added to
the online version of the
dictionary during the next
update early next year, is
defined as "a digital
recording of a radio broadcast
or similar program, made
available on the Internet for
downloading to a personal
audio player". ..
winbeta.org - 08.12.2005
Apple gets in a mucking fuddle over iPhone dictionary app
In the latest twist of Apple's confusing iPhone AppStore policies, one developers dictionary application was rejected for "objectionable
content". Why? It contained swear words. In a blog post by John Gruber, technical writer and technology pundit, Gruber confirms Apple censored an
English dictionary. Matchstick software, developers of Ninja Words - a "really fast" dictionary, first submitted their iPhone application on May 13;
it was rejected two days later. According to Phil Crosby, one of Ninjawords's developers, "Our app was crashing on the latest beta of iPhone OS
3.0. We quickly fixed this issue and resubmitted." Matchstick did not hear from Apple again until May 30 when Apple rejected the application for
"objectionable content".
Read full story.....
neowin.net - 06.08.2009
Google, Spyware Added to
Dictionary
The eleventh edition of
Merriam-Webster's Collegiate
Dictionary is set to
officially bring 100 new words
into the English lexicon,
including a handful from the
world of technology.
"Google" is now a
full-fledged verb that means
using the Google search engine
to retrieve information...
betanews.com - 06.07.2006
"w00t" crowned word of year by U.S. dictionary
"w00t," an expression of joy coined by online gamers, was crowned word of the year on Tuesday by the publisher of a leading U.S. dictionary.
Massachusetts-based Merriam-Webster Inc. said "w00t" -- typically spelled with two zeros -- reflects a new direction in the
American language led by a generation raised on video games and cell phone text-messaging.
It's like saying "yay," the
dictionary said.
"It could be after a triumph or for no reason at all," Merriam-Webster said.
winbeta.org - 12.12.2007
GPU-Accelerated Wi-Fi password cracking goes mainstream
The once thought 8 character length password may no longer be safe, after the GPU-accelerated password recovery attack can break weak WPA/WPA-2 PSK
passwords. The Elcomsoft Wireless Security Auditor mentioned that its software can work completely off-line and find passwords by analyzing a dump of
network communications, and display them in plain-text. The Wireless Security Auditor does require the source of a valid log of wireless
communication. Experts have urged IT managers to move from 8 character WMP passwords to 12 or 15, in a quote from David Hobson: "It's a
wake-up call to IT managers, pure and simple. IT managers should now move to 12 and even 16 character keys as a matter of urgency.
Read full story.....
neowin.net - 24.01.2009
FreeBSD 6.0 Heads Out the Door
The FreeBSD Project on Friday
heralded the 6.0 release of
its venerable Unix based
operating system. FreeBSD 6.0
brings to the table a number
of improvements over version
5, including a multithreaded
filesystem to speed up disk
access, and expanded support
for wireless networking and
the WPA protocol...
betanews.com - 05.11.2005
Without 'Answers,' Dictionary.com's parent will become part of Ask.com
While some analysts have already deemed online search to be a territory that Google has already won, there are still competitors looking to assemble
the right formula. This morning, some new pieces fell into place for the #5 provider...
betanews.com - 15.05.2008
Google admits word database came from third party
Google has acknowledged that a
dictionary of Chinese words
used with one of its recently
released software tools came
from a third party. Google's
Pinyin Input Method Editor
(IME) " was built
leveraging some non-Google
database resources ,"
wrote Google China spokeswoman
Cui Jin in an e-mail response.
Google's Pinyin IME bears an
uncanny resemblance to Sohu's
Sogou Pinyin IME, which draws
search queries from the
company's search engine to
suggest characters that match
the Pinyin entered by a user.
On Friday, the Chinese
Internet company Sohu.com gave
Google until Monday to stop
downloads of its IME software
and issue an apology. Sohu
also wants compensation from
Google.
The
dictionaries used with both
software from Google and Sohu
shared several common
mistakes, where Chinese
characters were matched with
the wrong Pinyin equivalents.
In addition, both dictionaries
listed the names of engineers
who had developed Sohu's
Sogou Pinyin IME. A review of
the first version conducted by
Sohu's engineers revealed a
dictionary of around 330,000
words and their Pinyin
equivalents, including more
than 300,000 entries that are
identical with Sohu's
dictionary, said Wang
Xiaochuan, Sohu's vice
president of technology and
head of the company's
research and development
center. On Friday, Google
released an updated version
that removed the names of the
Sohu engineers, removed 600
words, while adding just one
to the dictionary. That update
did not remove Pinyin errors
but Sunday's did. " The
new dictionary is now based on
tens of thousands of entries
Google's enormous search
database has accumulated over
the years ," Cui wrote.
That claim was confirmed
Monday by Sohu, which said the
similarity between Google's
dictionary and its own
dictionary had fallen from 96%
to 79% with the latest version
of the software.
neowin.net - 09.04.2007
Google Admits Help in Chinese Character Editor
Google has admitted to using a
third-party in developing the
dictionary for its
recently-released Pinyin Input
Method Editor (IME), aimed at
assisting Chinese users in
entering characters on a
Roman-style keyboard, IDG
reports...
betanews.com - 10.04.2007
Happy Birthday Google (8
Today)
There I was using google for
my own personal search
algorithms, and noticed it's
now 8-years old.
History
Google
Inc. is an American public
corporation, first
incorporated as a privately
held corporation on 7
September 1998, that designed
and manages the Internet's
most used search engine. The
company has approximately
8,000 employees and is based
in Mountain View, California.
Eric Schmidt, former chief
executive officer of Novell,
was named Google's CEO when
co-founder Larry Page stepped
down.
The name
"Google" originated from a
misspelling of "googol,"
which refers to a 1 followed
by one-hundred zeros. Google
has had a major impact on
online culture. The verb
"google" was recently added
to both the Merriam Webster
Collegiate Dictionary and the
Oxford English Dictionary,
meaning to use the Google
search engine to obtain
information on the
Internet . - Source: Wikipedia
neowin.net - 27.09.2006
Oxford English Dictionary finally recognises 'wiki'
The Oxford English Dictionary
has recognized the word
'wiki' as a word, among many
others in its latest quarterly
update. ‘Wiki' began life as
'wiki wiki', a Hawaiian word
meaning 'quick', but the OED
has recognised the abbreviated
version as " a type of web
page designed so that its
content can be edited by
anyone who accesses it, using
a simplified mark-up
language ". As usual, OED
has taken its sweet time with
accepting the recent addition
of 'wiki', as it has with
previous terms that many use
on a daily basis (such as the
verb 'to google' which was
not included until last
year).
neowin.net - 20.03.2007
Creative Redefines 'Podcast'
The word "podcast" --
a combination of iPod and
broadcast -- has become the
latest tech term to enter our
growing lexicon, being named
the 2005 word of the year by
the New Oxford American
Dictionary. But Creative,
unhappy that the word promotes
its rival, has redefined
podcast as "Personal On
Demand broadCast."..
betanews.com - 10.01.2006
Google can crack passwords
A clever bloke into security research at the University of Cambridge computer lab wrote in his bog last Friday that he's discovered Google works
as a password MD5 hash cracker. Someone had hacked into his bogsite a few weeks ago and created a user account. After he quickly disabled the rogue
account, Steven J. Murdoch did some forensics work -- he's doing academic security research, remember -- and thought to figure out the
attacker's password.
Since his blogsite uses Wordpress, which stores passwords as unsalted MD5 hashes in its user database, he tried a
dictionary attack. That didn't find any match, even with numbers added to the ends of words. He then used a Russian dictionary, because shell code
that had been installed by the attacker had Russian in the comments. No word matchup there, either.
Murdoch writes that he could have found
or written a better password cracker. He could have varied the case of letters, added symbols to the mix, or used common substitutions of numbers for
letters, but he didn't want to spend more time. Instead, he turned to Google. He plugged the raw MD5 hash of the attacker's password into a
Google search and, voila, Google found him some matches.
neowin.net - 23.11.2007
Why is almost half of Google in beta?
According to the Merriam-Webster dictionary, a beta is śa nearly complete prototype of a product.ť In other words, a not-yet-finished product.
Google is known for keeping their products in beta (much) longer than most other companies. But exactly how many of their products
are in beta? When we here at Pingdom investigated this, it turned out that out of the 49 Google products we could find, 22 are in beta. Thats
45%!
winbeta.org - 25.09.2008
Oxford: 'Unfriend has real lex-appeal'
Social networking is everywhere these days and that hasn't escaped the lexicographers at the Oxford University Press. They have chosen
'unfriend' as the 2009 Word of the Year. Apparently nothing earth-shattering is expected during the next 6 weeks but it does give them a jump
on rival Merriam-Webster who waits until December to reveal their own Word of the Year. Christine Lindberg, senior lexicographer of Oxford's
American dictionary program, describes unfriend as having "both currency and potential longevity." She also coined the quotation used in the title.
Critics, meanwhile, maintain that unfriend will be a temporary flash in the pan (but don't unfriend me for repeating that).
Read full story.....
neowin.net - 18.11.2009
Top 14 VoIP vulnerabilities
How are VoIP networks weak and vulnerable to attack and catastrophic failure? Securing VoIP Networks, the new book by Peter Thermos and Ari Takanen,
looks at VoIP infrastructure and analyzes its vulnerabilities much as the Open Web Application Security Project did for Web-related vulnerabilities
and Mitre did with its Common Weakness Enumeration dictionary for software. And its about human failings, too, not just technology problems.
Here are the top VoIP vulnerabilities explained in Securing VoIP Networks...
winbeta.org - 02.10.2007
Report: Home networking still too complex for most users
Home networking is "pretty dismal for the average consumer," and complexity and DRM issues are limiting the growth of the market. That's the word
from research firm Gartner, which recently released a report looking at the "Hype Cycle for Consumer Technologies."
Gartner
Research VP Van L. Baker believes that most consumers are unwilling to deal with the complexities of setting the SSID or enabling WPA encryption on
their wireless router. He says that most consumers have a basic idea of what they would like to do with their home network, which includes sharing
music and movies among various computers and devices. Baker calls the complexity of setting up a home network to share files, music and videos "the
elephant in the room that no-one wants to talk about."
winbeta.org - 22.08.2007
Sausage and mash from the hole in the wall guv'nor? [UK]
If you're attempting to take some cash out from an ATM in East London this week then the question "some moolah for ya sky rocket?" may be
greeting you shortly. Confused? You might well be, it's a new initiative in the UK by the company Bank Machine, which runs 2,500 ATMs across the
country. The company is aiming to keep dialects alive in Britain. The first round of machines have an English or Cockney Rhyming slang option. If
you're not familiar with Cockney Rhyming slang then checkout the unofficial dictionary. The company hopes to follow the Cockney cash machines with
Brummie, Geordie, Scouse and Scots ATMs in the future.
Read full story.....
neowin.net - 25.08.2009
