And hard, too:
As the article makes clear, this isn’t just a theoretical attack–it’s something that can be used to break into real networks. Spread the word and make sure all of your networks are secured.
Except that WPA is how most wireless networks are secured. I guess you could add another layer of encryption, but how many of your average home users know how to do that? This is a big deal and most people who see a little lock icon think they’re safe when they’re not. I guess router manufacturers could do a firmware update to change the lock icon for WPA TKIP to a lock with a bullet hole in it(a la Masterlock) and leave the AES and WPA 2 icons alone. Still, that’s a lot of systems where people think they did the right thing and they’re secure, but they aren’t.
Enjoy,
Steven
I’ve been thinking a lot about wireless security lately - I have a WRT54GL router (the blue LinkSys one that’s so popular) and while it does WPA2, at this pace it’s only a matter of time before WPA2 is compromised. Sure, AES-based algorithms are considered rock-solid, but so was WPA when WEP got cracked a few years ago.
I’m probably going to go with a MoCA (Ethernet over coax) solution eventually, as this would be as secure and as fast as you can get without trailing CAT5 all over the place.