New WPS flaw threatens millions of routers

Check your Wi-Fi router for WPS flaw

Wi-Fi Protected Setup (WPS), which is found on many home and business routers, has had its attack process sped up once again, this time by security researcher Dominique Bongard.

The chipset manufacturers in question are Broadcom and another so far unnamed vendor.

The weakness allows an attacker to calculate the correct key offline instantly. The previous research by Stefan Viehbock took a few hours, working through 11,000 brute-force attempts that were not defended against. These days, however, some of the newer devices rate-limit the attempts, which means this new method will broaden the attack vector on wireless devices.

Broadcom devices lack any key randomisation, while the unnamed vendor used a non-random seed value or nonce, which means the keys are always set to zero.

If you are not sure whether your router supports WPS, or whether it is enabled, you really need to check. Even if you have the best and strongest unbreakable WPA2 password (or at least you think you do), you could have a door wide open that you did not even know existed.

Go to your router manufacturer's site and see if there is a new firmware update, then look through the documentation to see if you can disable WPS. Some routers, though, still keep WPS active when you have disabled it, so use a third-party tool, or even have a go yourself with reaver from Stefan Viehbock, and test the security of your router.

Keith Bennett