by stephanlange on November 7, 2008
Erik Tews will be giving a presentation next week at the PacSec Conference in Tokyo, describing the "mathematical breakthrough" that, he says, enables him to crack WPA-TKIP in 12 to 15 minutes. There are some limitations, as the data sent from a connected device to the compromised router is apparently still safe, but anything headed t’other way is wide open, and could even be supplanted by bogus bits sent from a Cheetos-munching hacker slouching in a rusty Ford Taurus in the parking lot. Read more here.
I say – bring on WPA2
by eunmac on October 23, 2008
Swiss researchers Martin Vuagnoux and Sylvain Pasini have been able to decode what is being typed on a wired keyboard from a distance of 20 metres by detecting the electromagnetic signals made by key presses. It even worked through walls.
http://lasecwww.epfl.ch/keyboard/
This represents a major new problem should the process shown be abused by less law abiding citizens. Identity theft, login/passwords, sensitive information could all be extracted using this eavesdropping method. Whilst theoretically the signals could be masked in future keyboards (now the problem has been identified) it does mean that many existing computers worldwide have a potential security issue that cannot be rectified using software or network security changes. A wireless keyboard appears to be a safer alternative at this stage although a report by Markus Kuhn and Ross Anderson (here) suggest wider scale issues.
Whilst these are early tests the researchers conclude that “wired computer keyboards are not safe to transmit sensitive information” and that their experiments could be improved easily.
If you see a person acting strangely outside your house carrying one of these, DO NOT access your Internet banking! 
Video:
http://vimeo.com/2008343
