December 07, 2009, 7:31 PM — Wi-Fi systems are always vulnerable to being broken into. I mean, just think about, anyone can pick up your Wi-Fi signal. On top of that many Wi-Fi security systems have long been busted. But, not there's a 'service' that claims it will help you break into relatively secure systems for $34. What a deal!
The service, WPA Cracker is designed to bust Wi-Fi networks that use PSK (pre-shared key), also known as Personal mode, WPA (Wi-Fi Protected Access). Chances are if you you're using WPA security in your SOHO (small office/home office) or small business network, you're using Personal mode. I know I do.
In WPA-PSK, everyone uses the same WPA password. This password is then encrypted using a 256-bit key. That's enough to stop casual attackers, but these days, you don't really need much technical expertise to bust WPA if you're lazy about your passwords. For example, the Church of WiFi has gathered together the most commonly used WPA passwords in look-up tables, also known as rainbow tables to make it easier to break WPA passwords when they're found on the 1,000 most popular SSIDs (Service set identifier, the broadcast name of a Wi-FI Access Point).
The core-problem with WPA-PSK is that it you use common words or combinations, 'my-password' for example, you've opened the door to a brute-force attack. All an attacker need do is work their way through a dictionary, or table, of common phrases and, with the right program and a fast computer, they'll eventually stumble over it.
Still, as you can tell using the above as a starting point, you need to at least know how to use basic Wi-Fi cracking tools to get anywhere. That's not the case with WPA Cracker.
To use WPA Cracker, you just use a simple program to grab the WPA "handshake" the initial conversation between a PC and its WPA-PSK protected AP (Access Point) and send that data, and $34, to the WPA Cracker Web site and they do the rest.
And, what is the rest? WPA Cracker's creator, a security expert who calls himself Moxie Marlinspike, says your handshake is turned over to a 400-node computing cluster that will use the WPA-PSK breaking methods described above to bust the password. While he doesn't guarantee results, since the cluster can check the WPA-PSK password against 135 million possible passwords in the 20-minutes your money gets you, I'd say the odds are darn good that they'll break that network's password.
In a PC World interview, Marlinspike explained that he created the site to speed up WPA network auditing because "It's kind of a drag if it takes five days or two weeks to get your results." And, of course, only a dedicated attacker would bother to take that long.
OK. So, yes, you could use WPA Cracker for testing security, and, as in the same PC World story points out, it's an easy way to point out to management just how easy it can be to beat WPA-PSK these days. That said, it's also an easy way to break into someone's network.
This bothers me. Yes, a bigger company can simply move up to a more secure Wi-Fi protocol such as WPA2-Enterprise, but most of the people using WPA-PSK don't have the IT resources or the security expertise to move to a really hard to breech Wi-Fi network.
Oh well, be that as it may, if you're really worried about your network security, you're going to need to move off WPA-PSK just as you did when WEP (Wired Equivalent Privacy ) became hopelessly insecure. For now, I suggest that you move to WPA2-Personal. It won't protect you forever, but in the aftermath of WPA Cracker's arrival, it will do you better than WPA-PSK will.
