Old CNN article on 802.11 weakness

A University of Maryland professor and his graduate student have apparently uncovered serious weaknesses in the next-generation Wi-Fi (Wireless Fidelity) security protocol known as 802.1x.


A session hijacking can occur because of the so-called race conditions between the 802.1x and 802.11 state machines. Arbaugh uses the analogy of a thief and a store owner racing for the front door at the same time. If the owner gets there first he locks the thief out, if the thief gets there first he steals everything. Because the client and the AP aren't synchronized, "loose consistency," the thief can tell the owner/client to go away and the AP still thinks he is there.


http://slashdot.org/article.pl?sid=01/02/15/1745204&mode=thread

Related Entries

• Bad Universe Trailer

  Finally, a good show about a bad universe. Starring everyone's favourite bad astronomer, Phil Plait. YouTube - Bad Universe - Sneak Peek | New Series...

• Carl Sagan: Consider Again That Pale Blue Dot

  Another excellent bit with Carl Sagan. YouTube - Carl Sagan: Consider Again That Pale Blue Dot...

• A Robot That's On The Ball

  Literally. Very cool. YouTube - A Robot That Balances on a Ball...

• Evolution made easy

  Another awesome video from Thunderf00t. YouTube - Evolution for IDiots (remix)...

• Everyone else already used 'iPad' name

  Oh Apple. First it was Cisco's iPod name, now this... "Everybody can think of an easy name like 'iPad.' It's not creative." Indeed several other...