On Tue, 6 Jan 2004, Adam Augustine wrote:
> Also, when people say WEP can be cracked in a few seconds, that is a
> pretty gross misrepresentation. A few seconds, yes, after many hours
> (days, weeks, months, and yes, even years if it is properly secured and
> traffic is low enough) of capture time. Early reports from Airsnort were
> not accurate. From FAQ #9, after saying it would take 1-16 days to crack
> a key:
There are several layers of vulnerability in WEP, IIRC. Some of them allowed
recovery of the key, but that's just the worst kind of break. As I recall, a
lot of cards would always start with the same IV when they powered on - so
you're reusing keystream from the second time you pop in your card. That
doesn't give you the key by itself, but it does allow eavesdropping and
modification by a clueful attacker.
Still, your point is well taken - for home users with few assets trying to
keep out low-motivation leechers, 16 days worth of barrier will keep away lots
of nuisances.
-J
____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
