mailing list archives
Re: All Ur WiFi(WPA) R Belong 2 PacSec
From: wishi <brouce () gmx net>
Date: Tue, 11 Nov 2008 19:07:30 +0100
Cedric Blancher schrieb:
Le dimanche 09 novembre 2008 à 00:52 +0100, Raul Siles a écrit :
The associated whitepaper from the authors has been released on the
aircrack-ng links page:
You can find a summary I posted earlier today about it:
It is written in French, but English speaking readers can click on the
UK flag just beneath title and get a Google translated version :)
I think this a perfect example for two technologies, which aren't
vulnerable for themselves: on the one hand this attack only works on QoS
enabled Access Points, one the other hand these Access Points have to
use TKIP, too. Nevertheless of WPA I oder II, as long as no AES-CCMP is
Thing is: TKIP without QoS won't allow any successful attacks, either.
But today there's a need for VoIP and other technologies which need a
good latency. Which lead me to another tought:
UCsniff has been released this week. It's a very advanced VoIP sniffer.
Especially the combinations again are problematic. Now it's not just
application data, but even VoIP, which can leak. It's like a little
piece of dynamite added to the problem to make it explode.
- Because it'll take years for the mass of people to patch their
routers. Even great companies have to find a new common denominator to
apply more security without TKIP, because QoS most times is harder to
It seems things came together... and made a really nice explosion!
Dailydave mailing list
Dailydave () lists immunitysec com