[dundee] WPA Cracked

[Kris Davidson]

WPA2 is still safe, there are a few ways of configuring WPA also so
this might be an over hyped crack of one of the types.

I think the researchers were sensationalising for the sake of
publicity, Dan Kaminsky the guy who found and helped fix the recent
DNS vulnerability did it properly.

If you're a non-home user relying solely on WPA well you deserve
everything you get, I'm sick and tired of ineffectual IT causing
security breaches or infrastructure failure; there are too many idiots
or wannabes in the networking, administration, security and IT support
fields. As a quick example off-the-top-of-my-head if I did have to
provide a wireless network I'd segment it from the main network, block
access to some secure network resources if I had to provide them, use
MAC filtering (I know its crap but it adds a level) WPA2 frontend,
with a RADIUS backend, allow only 1 login deactivate the network
outside operating hours. I'd minimise the footprint - tweak power
levels, use protective insulation and even put white noise devices and
wireless jammers on the outskirts of the sites and thats without being
paranoid.