Cool Beans

If you haven't heard already, there is a whitepaper out on how to crack WPA (Wifi Protected Access, supposedly the "more secure" version of wifi encryption). I'm trying not to echo too much net security news on this blog because others tell it quicker and far better than I. However, I just couldn't resist mentioning this because the implications touch on something I've long believed about wifi: Don't use it if you can avoid it. If you want the quick run-down, check here. In essence, the hack against the formerly "more secure" WPA security takes a while, but is indeed hackable, thanks in part to the 802.11i standard itself.

I've always been one for preferring wired, myself. But who wants to run wires everywhere? And what about cafes and conferences? How will we survive without wireless?

With the advent of things like karmetasploit (Karma wifi tools + HD Moore's hack-enabling leetness), it is so easy to unknowingly hook into a tainted wifi access point. But now as the very technologies we've been advising people to switch to now have practical hack whitepapers written about them, I'm just about ready to throw in the towel about reliable wireless security.

My recommendation, if you must remain mobile, is to switch to EVDO mobile wireless, or at the very least only use WPA2. Not entirely feasible, I know. Especially if you're bored at a local coffee shop and see 20 free hotspots that invite you to reconnect to your precious RSS feeds and email.

Do so with the knowledge that it's not difficult anymore to steal your traffic.