On Mon, Oct 15, 2012 at 3:11 PM, Bas Mevissen <ab...@basmevissen.nl> wrote:
> Does this WPS patch set contain a way to mitigate the security design flaw? Not yet. > Reading the Wikipedia article > (http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup#Security), it looks > to me a compatible fix should be possible. I'm not an expert, but, from the picture of the whole system I gained by reading here and there, it is possible. In particular, the brute force attack can be brought from feasible to computationally impossible with the following precautions: - increase the wait time between one attempt and a new one - enable a setup time window by mean of a (virtual) button to be pressed on the router - move away from label setup method to a more secure one such as keypad method. The last point is my final goal. My plan is to have a web page securely accessible on the router where one can enter random PINs generated by devices that want to connect to my network. I hope some maintainer on this list will read my posts and make the commits. -- Lorenzo _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
