On Friday, Thomas Roth, a Cologne-based figurer safety proficient told the Reuters word agency that the unmarried password encryption method used past times close WiFi network administrators is non equally foolproof equally they would similar to think.
By running specialized software on a cloud-based figurer he leased from Amazon, the safety researcher said he had been able to hack into WiFi networks secured nether the Wireless Protected Access (WPA) protocol, which had been previously considered really difficult to penetrate.
While that mightiness get got been truthful until really recently, Roth has at in 1 trial flora an slowly in addition to inexpensive way in.
His method is via Amazon, from whom it is currently possible to hire cloud-based computers for only 28 cents per minute. By contrast it would terms tens of thousands to purchase similar kit.
Quick in addition to effective
Roth said it initially took him xx minutes on 1 of Amazon's cloud-based computers to hack his way into a WPA protected network close to his home. He has since managed to cut down his laid upwards on fourth dimension to only vi minutes.
His software uses a "brute force" attack, firing passwords to essay to opened upwards the secure network at a blinding speed of 1 meg inwards nether 3 seconds.
Once an intruder has successfully broken into a network, in that place tin drive all kinds of harm to both someone in addition to work organization users.
"Once y'all are in, y'all tin create everything y'all tin create if y'all are connected to the network," the safety proficient said.
Spreading the word
Roth is at in 1 trial planning to demo his software to a hacker conference live held inwards Washington, D.C. afterward this month.
This technique is not, he stresses, a agency of propagating virtual crime, but to opened upwards network administrators' eyes to the weakness of what they perceive to live impassable safety protection.
"People say me in that place is no possible way to pause WPA," Roth said.
But amongst the utilisation of this variety of laid upwards on using systems such equally Amazon Elastic Compute Cloud (EC2) he has proved them wrong.
Amazon spokesman Kay Kinton told Deutsche Welle that Roth's run was non predicated on the utilisation of the company's EC2.
"As researchers oftentimes do, he used EC2 equally a tool to demo how the safety of to a greater extent than or less network configurations tin live improved," Kinton said, adding that testing is an first-class utilisation of Amazon's Web Services (AWS).
"However, it is a violation of our acceptable utilisation policy to utilisation our services to compromise the securit of a network without authorization."
News Source : Google
Share This :
comment 0 Comments
more_vert