John C Dvorak is raving in PC Magazine about Netgear wireless routers and range extenders and how easy WPS makes it to set them up–and providing some very seriously flawed security advice along the way.
“Note that WPS is crackable by serious hackers using brute-force attack, but any SOHO user not dealing with government secrets should be fine.”
There are at least two flaws in that argument. First is the idea that government secrets are the only thing worth protecting. Granted, the laws surrounding consumer financial data–at least in the United States–are very consumer-friendly, but if someone starts siphoning money off your bank account, dealing with it is still a hassle. And you do have to notice it and say something within six months.
Likewise, if someone breaks into your wireless and uses it to pirate media, you’re innocent–but proving your innocence is time-consuming and expensive. Disabling WPS and setting up your wireless connection securely costs nothing and takes about 30 minutes. That’s about twice as long as I spent on the phone with my bank the last time I had a problem with my debit card. Let’s not talk about how long it takes to go visit a lawyer and negotiate a settlement, or worse yet, go to court out of state. That sounds like an effective way to chew up all your vacation time for the year. I’d rather just take 30 minutes to secure my router.
The other flaw in the argument is that WPS is crackable by “serious hackers.” I know some serious hackers. They would snicker at that. Discovering the flaw was the job of a really serious hacker. But exploiting it, now that the flaw is public, well, isn’t much harder than hitting a baseball off a tee.
You download Kali Linux (formerly known as Backtrack), install it or boot off a live CD, then do a Google search on “backtrack wps” and you’ll find 118,000 web pages telling you how to crack WPS with it. There are some video demonstrations too. (Watch it.) If that video shows too much command-line jockeying, there’s even a nice, user friendly GUI available to do it.
I know this off the top of my head. But anyone who’s sick of paying for Internet access could start by searching Google for something like “how to steal my neighbor’s Internet connection” and find out what I just told you in less than 30 minutes. The time it takes to carry it out will vary, but a person with average intelligence and computer skills ought to be able to puzzle through it in a weekend.
And if you happen to know somebody who’s already done it, it becomes a much easier project.
This is all stuff that’s within the capabilities of a bored 14-year-old. I was a bored 14-year-old once, and I knew other bored 14-year-olds. I know what bored 14-year-olds will try, especially those who don’t think long-term, or aren’t optimistic about their long-term prospects in life.
If the 14-year-olds of my generation could steal phone service and reverse-engineer copy prevention schemes written in 6502 assembly language, today’s 14-year-olds can figure out enough nuances of Linux to get Kali Linux installed and steal your wi-fi. It’s a lot easier. Then they’ll move on to looking around on your network and seeing what they can find.
You can count on that. How do I know? Because I took a phone call from one of my former high school teachers once, telling me she caught a student breaking into the school’s administrative network, and asking me what they should do about it. (I’m sure I wrote about it when it happened, but I can’t find the post, unfortunately.)
I think PC Magazine is trying to be dismissive of the threat by using a phrase like “serious hacker.” The tools aren’t hard to find, and neither are instructions for using them, and none of it costs anything either. The threat isn’t limited to spooks with master’s degrees in computer hacking sitting in faraway office buildings. Anyone who’s willing to download a live CD and boot off it can be a threat.
It’s time to think of basic home computer and network security like locking your front door and locking your car.