RealTime IT News

Hacker to Expose Wi-Fi Flaw Using Amazon EC2

Security best practices dictate that Wi-Fi networks should be locked down with a password. And that's enough, right?

Perhaps not, as attendees at the Black Hat security conference could learn in Washington, D.C., next week.

A German security researcher has reportedly devised a way to marshal the power of Amazon's Elastic Compute Cloud to overwhelm a secured wireless network to crack passwords and gain access in a so-called brute force attack.

Through a combination of clustered nVidia graphics processors available through Amazon's EC2 services, security consultant Thomas Roth was apparently able to comb through 400,000 possible passwords in a second in a demonstration of the vulnerability of the SHA-1 Secure Hash Algorithm.

"SHA-1 was never made to store passwords. [It] is a hash algorithm ... made for verifying data. It was made to be as fast and as collision free as possible, and that's the problem when using it for storing passwords: It's too fast," Roth said. eSecurity Planet has the story.

Read the full story at eSecurity Planet:
Researcher Breaks Wi-Fi Passwords Using Cloud Computing Power