Mousey
Ueber Meister Mouse
- Joined
- Sep 12, 2004
- Location
- Up$hitCreek
You do not have permission to view link
Log in or register now.
If you use your iPhone's mobile hotspot feature on a current device, make sure you override the automatic password it offers to secure your connections. Otherwise, a team of researchers can crack it in less than half a minute by exploiting recently discovered weaknesses.
It turns out Apple's iOS versions 6 and earlier pick from such a small pool of passwords by default that the researchers—who are from the computer science department of the Friedrich-Alexander University in Erlangen, Germany—need just 24 seconds to run through all the possible combinations. The time required assumes they're using four AMD Radeon HD 7970 graphics cards to cycle through an optimized list of possible password candidates. It also doesn't include the amount of time it takes to capture the four-way handshake that's negotiated each time a wireless enabled device successfully connects to a WPA2, or Wi-Fi Protected Access 2, device. More often than not, though, the capture can be completed in under a minute. With possession of the underlying hash, an attacker is then free to perform an unlimited number of "offline" password guesses until the right one is tried.
The research has important security implications for anyone who uses their iPhone's hotspot feature to share the device's mobile Internet connectivity with other Wi-Fi-enabled gadgets....
