Wep

I ran inSSIDer the other day while setting up a wireless router to scan for available channels. One thing I noticed while doing so was that of the 9 connections my wireless card picked up, 8 were secured with WEP and the 1 was using TKIP.

Any particular reason why so many people still use the utterly broken WEP? Most routers by default don't even secure the connection, so if they know enough about technology to do so, they should also know that WEP is pointless.

 

Because they dont know any better, generally WEP is the first on the list, and because its just to keep out most people ( which it can do ). Between so many people using WEP and just leaving their networks unencrypted, its feasible for me to have completely free internet year round.

 

You can be a white hat and log into their router and change it to WPA lol

 

I do my fair share of piggybacking too, but I find that deliberately breaking into a "secured" network is just a tad too shady, no matter how bad the security is.

It's kinda like how the lock on your front door can't keep out an experienced lockpicker, but that still doesn't make it right for the lockpicker to break into your home just because the lock wasn't secure enough.

I gave up wasting my time and energy trying to explain to people I know why some of the things they do with their computers are insecure a long time ago, so there's no way I would help complete strangers

 

Due to the crap hardware of my company... My business laptop doesn't bite anything more secure using Fiberlink MOB. However it sets up a VPN with smartcard authorization.

 

Im not saying that I do crack their encryptions, it was just a testament as to how many people go unsecured or with weak encryptions.

 

How is that a white hat? You'd lock them out of their own networks....

 

Copy the existing WEP key and use it for WPA.

Their gonna have to enter their wifi key again, but its not like they can tell the difference between the two anyway.

 

Yeah.. people nowadays don't have much idea about security. Good for those who know and turn it to their advantage.

 

Many times there's just a "turn on security" button in the configuration apps, and if they've never updated the firmware, many older routers and older firmwares don't even have the option of doing WPA. Sometimes the hardware is just too slow to do WPA reasonably.

 

You realize, of course, that is likely not going to work. First, they have to realize something is going on. Next they have to actually DELETE the saved network from manage wireless networks, then they have to put in the same key.

When I get a laptop to work on, I typically find dozens of saved networks. People never clean then out

 

Vista doesn't help either - at one point I had 40+ copies of my school's wifi network saved. At least Windows 7 realizes that they're actually the same network.

 

Just as a benchmark - and interesting to know - how many WEP crack attempts would be logged on a WIFI AP in an average urbanized area, gaining access to the network?

Just for the sake of it - I'd be tempted to setup a WEP/WIFI AP like that and see who gets in.