Wireless security.. right

By Andrew Smith

For quite a few years I resisted the temptation of setting up a wireless network at home. Story after story suggested that WiFi is a crappy, unstable, and awfully insecure set of technologies. Finally though things seemed to have settled down, and with WPA2 the wardriving stories ended.

So a couple of years ago I went against my instinct and embraced the convenience of wireless networks. I thought I had secure setups, using WPA2 only, but recently I found out this is not enough.

I switched away from that lame ISP called Rogers to ElectronicBox (a DSL provider), and I returned the wireless router to Rogers. To replace it I bought a new router and set up a new network with the same SSID and password.

What a shock I got when every WiFi device in the house with the exception of my Slackware laptop happily connected to the new hotspot! That basically means that if someone else set up a wireless router with the same SSID – all my devices would happily send my password to that hotspot. Yay! Even if the password is hashed – that is some scary shit.

Now I have to spend hours reading about Wireless security again, and require PSKes or something to avoid such nonsense. Piece of shit stupid crappy garbage technology..

4 Responses to “Wireless security.. right”

  1. Cesar Says:

    What I suspect is that it is symmetric key encryption since you use the same password across all devices and the router. So no passwords get sent over the air, just encrypted data.

    Still, I think that’s a bit odd that devices connect automatically to the new router just because it has the same SSID. Maybe you can jerk around with your neighbours and set up a new router with the same SSID as them :)

  2. Andrew Smith Says:

    Yeah, I think you’re right, though it took some digging to figure that out. I’m not quite sure about using a passphrase as an encryption key though, that seems rather weak even if it’s a sentence long.

  3. Tom Says:

    I’m surprised this is news to you.

    This behaviour is generally viewed as a feature. Generally people want to be able to switch out routers and have things just work. This is why there’s extra authentication/authorization in the higher level protocols (ex. file sharing) to protect against

    Here’s a fun fact, most OSes keep the known SSIDs in an ORDERED list. So if you have “starbucks”, for example, above “andrewshomenetwork” then a rogue router with an SSID of starbucks will beat you out and you probably won’t notice.

    Another fun fact, when there’s a collision of names (two routers called “home”) it’s a gamble which will be picked (though I bet most OSes choose the better connection). Great at Seneca where multiple APs all send the same SSID. Crappy if someone with a big antenna decides he wants you to use his network.

    Oh, and, finally, hiding your SSID is a mixed solution because in the presence of non-broadcasting SSIDs your OS will broadcast (in plain text) a list of its favourite SSIDs. Great for someone wanting to play with http://airsnarf.shmoo.com/.

    Cheers,

    Tom

  4. Andrew Smith Says:

    I guess I was surprised because I don’t understand the necessity of this flaw. Why is it so hard for the WiFi client to store some sort of fingerprint (public key) of the access point? Then the admin could presumably easily copy the private key to all their access points.

    I’m still a little bit in disbelief.
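
The WPA2-PSK mechanics discussed in the comments above, as an added example that is not part of the original post or its comments: the key is derived from the passphrase and the SSID only, so a replacement router with a different hardware address is accepted, while an access point that copies the SSID without the passphrase fails the handshake check. The MAC addresses, passphrases and frame body are constructed values, and the handshake is reduced to the message 3 integrity check.

```python
import hashlib
import hmac
import os

def wpa2_pmk(passphrase, ssid):
    """Pairwise Master Key: PBKDF2-HMAC-SHA1 of the passphrase, salted with the SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def kck(pmk, ap_mac, sta_mac, anonce, snonce):
    """Key Confirmation Key: first 16 bytes of the PTK from the 802.11i PRF."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = b""
    for i in range(3):  # 3 x 20-byte SHA-1 outputs cover the 48-byte CCMP PTK
        ptk += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return ptk[:16]

def mic(key, frame):
    """WPA2 handshake MIC: HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(key, frame, hashlib.sha1).digest()[:16]

def client_accepts_ap(ssid, client_passphrase, ap_passphrase, ap_mac):
    """Simulate the client checking message 3, where the AP proves it holds the PMK."""
    sta_mac = bytes.fromhex("020000000099")  # constructed client address
    anonce, snonce = os.urandom(32), os.urandom(32)
    frame = b"constructed EAPOL-Key message 3 body"
    ap_kck = kck(wpa2_pmk(ap_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    sta_kck = kck(wpa2_pmk(client_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    # Only nonces and MICs cross the air; the passphrase and the PMK never do.
    return hmac.compare_digest(mic(ap_kck, frame), mic(sta_kck, frame))

# Constructed sample values for the three situations in the post and comments.
SSID = "andrewshomenetwork"
SECRET = "constructed passphrase"
OLD_ROUTER = bytes.fromhex("020000000001")
NEW_ROUTER = bytes.fromhex("020000000002")
SAME_SSID_ONLY = bytes.fromhex("020000000003")

if __name__ == "__main__":
    print("old router      :", client_accepts_ap(SSID, SECRET, SECRET, OLD_ROUTER))
    print("replacement     :", client_accepts_ap(SSID, SECRET, SECRET, NEW_ROUTER))
    print("same SSID, no key:", client_accepts_ap(SSID, SECRET, "wrong guess", SAME_SSID_ONLY))
```

Nothing in the derivation is specific to one access point beyond its address in the per-session key, which is why a client with a saved profile cannot tell the old router from its replacement.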
