Gulp: Security Researcher Discovers WPA2 Vulnerability

It's time to be nostalgic for the days when you could count on WPA2 as the strongest, most impregnable wireless security standard. Security firm AirTight Networks has discovered a means of compromising WPA2 encryption using about 10 lines of code.

Utilising what's known as a "man in the middle" exploit, whereby an authorised member of an encrypted network can intercept private data to and from a router and inject their own malicious packets, researcher Sohail Ahmad has developed a simple method to drop traffic, launch a denial-of-service attack or snoop.

The AES encryption upon which WPA2 is based hasn't been compromised - rather, the attack exploits part of the WPA2 standard that mandates the shared use of one key on the part of every user connected to the network. This means that your WPA2 network isn't vulnerable to attacks from the outside, but rather - and more creepily - from those already trusted to join the network.

Ahmad says the attack can be pulled off using only open-source software and an ordinary network card available to any consumer - exactly how will be demoed at the upcoming DEF CON 18 hacker fest. The best news? "There's nothing in the standard to upgrade to in order to patch or fix the hole," according to another AirTight researcher.

The only way to prevent an attack of this kind, according to AirTight, is by continuously monitoring traffic over the air. Oh, and how convenient! AirTight Networks just so happens to sell wireless security consulting services. What would a good metaphor for this be? A barber throwing gum in your hair? Though, of course, better for this to be discovered by wireless security experts - conflicts of interest aside - than by someone with more nefarious intent. [AirTight Networks via Network World via PC Mag]