I guess this has been inevitable for some time, but the the WPA wireless security protocol has now been effectively hacked. A Japanese group have developed a hack for the WPA protocol and will be presenting their findings in Hiroshima on Sept 25th (http://www.ieice.org/ken/paper/20090925faPH/eng/).
See here for their full report:
If you are using WEP(already hacked) or WPA, I would strongly encourage you to switch to the WPA2 protocol as soon as possible. If you are using WPA with AES, you should be fine, for now. This hack currently affects WPA using TKIP. But if you have to switch things up might as well go to WPA2 with its newer version of AES. It's only a matter of time before this exploit is actively used, so time is critical.
Here's also a report on this from Network World:
http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html
Sep 7, 2009 at 2:59 PM Criminals and outcasts haven't been able to hack WPA, so why should universities see it as their duty to try to ruin otherwise secure industry technologies? It prematurely terminates the guaranteed security of wireless devices that only support WPA and are too old to have built-in support for WPA2. It makes the home wireless networks vulnerable
used by ordinary people who will never be aware that WPA has been hacked.
If the group concerned are so smart why can't they put their talents to something useful that creates and inspires rather than to destroy and undermine? Or have I missed something?
Sep 7, 2009 at 10:33 PM @ Gary F
It would be better for a research group to find a problem and let the public know, then for the bad guys to find the problem and NOT let the public know, wouldn't it?
Further, the golden rule of security is that nothing is ever 100% secure. You're always going to have to race, no matter what you may do. It's just when the good guys find out about it first, you have the benefit of knowing when it's time to upgrade.