A moment of mourning…

Time to hold a moment of mourning. It appears that WPA (fortunately not WPA 2 yet) has been cracked:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119258&source=NLT_AM&nlid=1

http://www.itworld.com/security/57285/once-thought-safe-wpa-wi-fi-encryption-cracked

I realize Erik Tews is probably a good person and all and probably believes he’s helping the world by finding this vulnerability before the “real” hackers do, but ultimately I’m unimpressed. The fact is, the real hackers aren’t finding the majority of these major holes, the researchers are. The hackers are just using the holes found by the researchers and exploiting them. Its not clear that if the researchers were to leave things “as they were”, that say WPA TKIP would have have ever been cracked.

The truth is, and I’m not trying to insulting to Erik, that this is as much about the researchers’ egos as any efforts toward the supposed “common good”. In the end these hacks aren’t necessarily helping anyone but the bad guys.

Ok, that’s a little too general. Some of these hacks/cracks are just too obvious, but some, like this one, clearly need the kind of effort that is less likely to be found in the hacker community and more likely to be found in the research community. In the end, since the later group is supposed to be the “good guys”, it would be better if they perhaps focused on something more constructive.

Or perhaps to put it another way, “Stop helping us!”

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *