FreeBSD Security Advisory FreeBSD-SA-03:09.signal

Bill Moran wmoran at potentialtech.com
Wed Aug 13 06:35:59 PDT 2003


Paul Robinson wrote:
> Bill Moran wrote:
> 
>> And ... as far as I'm concerned, WEP is _completely_ insecure, and totally
>> worthless.
> 
> Great, so I send you 10Mb of WEP traffic caught off the air, you can 
> decrypt it for me? You see, to me it's just a big mess of encrypted 
> traffic, but you obviously have some secret technique (or should that be 
> "t3kni|<" ?) for breaking it trivially. If you can't, you've just shown 
> it has some security advantage. Which it has.

Yes, and no.

Yes, if you send me 10Mb of WEP traffic I could crack it.

And no, it's not a secret.  The fact that WEP is cracked has been known
for quite some time.  I believe it was last spring (but my memory could
be off) that a couple of college students actually attempted the exploit
to demonstrate whether or not it was really doable.  Again, my memory
could be off, but I think they showed that it took less than 15 minutes
of sniffing to break WEP on average.  Their report is quite detailed,
including the exact (cheap) hardware that was required to capture the
packets.  Abuse Google if you want the details.  The last time I looked
the data was still online.

And, yes, WEP has _some_ security advantage.  About the same amount as
locking the screen door on your house has.  The terribly easily deterred
criminals will give up.  You're right, that probably is worth something.

> Oh, and I think you meant that you were guessing WEP is completely 
> UNsecure, and not INsecure. If it was insecure, it would be asking us 
> all to hug it more often.

OK, you caught me at my own game here, Mr English.  You're right, I used
the word incorrectly.  But don't put words in my mouth.  WEP _is_
unsecure.  There's no guessing about it.

*Hugs his WEP*

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com


