Laughter is the Best Medicine

Wi-Fi key-cracking kits sold in China mean free Internet

Dodgy salesmen in China are making money from
long-known weaknesses in a Wi-Fi encryption standard, by selling network key-cracking
kits for the average user. Wi-Fi USB adapters bundled with a Linux operating system, key-breaking
software and a detailed instruction book are being sold online and at China’s bustling
electronics bazaars. The kits are cheap. A merchant in a Beijing
bazaar sold one for around 24 us dollars, a price that included setup help from a man
at the other end of the sprawling, multistory building. The main piece of the kits, an adapter with
a six-inch antenna that plugs into a USB port, comes with a CD-ROM to install its driver
and a separate live CD-ROM that boots up an operating system called BackTrack. In BackTrack,
the user can run applications that try to obtain keys for two protocols used to secure
Wi-Fi networks, Wired Equivalent Privacy or WEP and Wi-Fi Protected Access also known
as WPA. After a successful attack by the applications, called Spoonwep and Spoonwpa, a user can restart
Windows and use the revealed key to access its Wi-Fi network. One of the kits took over an hour to crack
the WEP key equivalent to the password “sugar” in a test attack on a personal router set
up for the purpose using 40-bit encryption. The brute-force attacks on WPA encryption
are less effective. But while WEP is outdated, many people still use it, especially on home
routers. That means an apartment building is bound to have WEP networks for a user to
attack. Since the kits capture data packets to perform
their attacks, they may also let a user steal sensitive personal information that a victim
sends over a network. With reporting by Owen Fletcher in Beijing,
I’m Justin Meisinger, IDG News Service.

12 thoughts on “Wi-Fi key-cracking kits sold in China mean free Internet

  1. okay, disregard my last comment, after hearing that you can steal sensitive information… makes it pretty much illegal to use.

  2. @jizzleh2 I don;t know. They just bundled consumer items – backtrack + stronger wifi adapter which means you could go make your own. Though it is used officially for security testing, we all know better.

  3. @jizzleh2 Errr.. It's like many people bootleg Photoshop and it's pretty easy to do stuff with it, but the professionals always stand out. script kiddies will always be script kiddies. What you should note is that the professionals are the ones trying to make people dependent on higher and higher levels of encapsulation, promulgating point and click culture, making themselves the "man in the middle" (middle man) which is where all the business is.

  4. @jizzleh2 It depends on the context. It's legal to do it to your own network of course, but cracking your neighbour's keys is obviously different.

Leave a Reply

Your email address will not be published. Required fields are marked *