WiFi Attack Vectors.

The article presents information on security risks of WiFi connectivity. While many users may know that WiFi is vulnerable to hacking, far fewer know why. The genesis of the wireless insecurity problem was the 802.11 standard. The vulnerabilities were built into the protocols. Nowhere is this more evident than in the bungled implementation of the RC4 symmetric, stream cipher algorithm in the implementation of Wired Equivalent Privacy (WEP). The WEP implementation of RC4 is flawed in several ways. It should be noted that even if the implementation of RC4 was corrected, WEP would still be vulnerable to replay attacks, checksum forging, message integrity check forging, and sundry authentication attacks resulting from the fact that both the plaintext challenge and cipher text response are broadcast. IEEE standard for IV selection was ambiguous, so many wireless vendors use sequential IV generators that begin with 00:00:00 and wrap with FF:FF:FF. Other WEP weaknesses that may be exploited include defective key-generation implementations. INSET: URL Pearls.