Terry Olaes
I Used to be the [H] News Guy
- Joined
- Nov 27, 2006
- Messages
- 4,646
Weak randomization is the attack vector in a recent exploit of Wi-Fi Protected Setup (WPS). The article doesn't talk about remediation options but turning off WPS is probably one way to start.
Because many router manufacturers use the reference software implementation as the basis for their customized router software, the problems affected the final products, Bongard said. Broadcom's reference implementation had poor randomization, while the second vendor used a special seed, or nonce, of zero, essentially eliminating any randomness.