WEP used to be the most common wireless encryption standard for Wi-Fi before being replaced by WAP and WAP2, but the recent discovery of a weakness and the apparition of “password recovery” software mean that more reliable encryption standards must be devised.
US-based AccessData has been providing law enforcement and government agencies with digital forensic software intended for cracking encrypted data. Their competitor, Russian software developer Elcomsoft, has unofficially been selling password-cracking software to government staff in the USA and Germany. Elcomsoft was brought to court in 2001 for violation of the Digital Millennium Copyright Actand found not guilty. They claim their software is legal as long as the licence owner uses it on his own files. The array of software can conveniently “recover” passwords from Microsoft Office files, Adobe Acrobat documents, ZIP and RAR archives, SQL databases, Wordperfect and Lotus documents, POP3 and IMAP mail accounts, instant messenger accounts and Internet Explorer.
In January 2009, the company launched a ”Wireless Security Auditor”, an application that listens to WiFi data packets between two devices and makes use of the staggering processing capacity and acceleration technology of video cards to cracks the key in a few dozen hours, instead of the usual hundreds.
Basically, no data encryptions method is 100% crack-proof so the only solution for the moment is generating complex and long passwords, favoring Open-Source software encryption with the highest key size (each additional bit exponentially strengthening the password) and encrypting everything in a cascade, like Russian nesting dolls: store your critical data in an encrypted file in an encrypted folder, and only communicate it through encrypted email over an encrypted server connection over an encrypted Wi-Fi hub. Got it?
Now first things first: where did I put my old ethernet cable?
Post a Comment