Sunday, April 29, 2007

Podcast Pick of the Day - Security Now!

Security Now!
WEP Insecurity
Run Time: 45:54

Hosted by Leo Laporte and Steve Gibson, Security Now is a weekly podcast discussing the latest in computer security. This episode featured WEP (Wired Equivalent Privacy) and how German researchers have been able to crack it. The researchers published a paper revealing how WEP can now be cracked in under a minute. What took 5 million packets before to crack, now only takes forty thousand (1,000 times faster). It’s almost faster now to crack a WEP key than it would be to type it. The code has been made available, and it probably won’t be long before it’s implemented in security cracking software.

Gibson quotes the following numbers:

  • 25% of wireless networks have no protection
  • 50% of wireless networks use WEP
  • 25% of wireless networks use WPA (WiFi Protected Access)

Therefore, only 25% of wireless networks are “uncrackable” (only through a brute force attack).

Gibson delves into technology behind the WEP crack. It’s a fairly technical discussion, but it’s pretty amazing if you can follow how the researchers managed to crack the original WiFi security. Gibson gives alternative WiFi security measures, such as WPA, VPN and HTTPS.

The podcast can be found on iTunes and here.

Steve Gibson’s website for the latest in security and some free downloadable security programs.

No comments: