WEP key wireless cracking made easy | The Register

If you’re one of the many people still using older wireless gear that doesn’t support WPA, it may be time to toss it. A group of German cryptography researchers has modified a tool called aircrack, greatly reducing the amount of time it takes to recover the WEP key. While the weakness of the WEP encryption scheme has been widely known for years, there hasn’t been a tool that could break the encryption so quickly until now. This could give would be wireless leeches easy access to your encrypted wireless network, no matter how clever your password is. While the intrusion is bad enough, it also exposes you to the legal consequences of anything someone might do while connected. If you’ve got wireless, but no WPA, now is the time to get it. If you don’t know how, get help or turn it off.

Maynor reveals missing Apple flaw

At last year’s Black Hat convention security researcher David Maynor gave a short video presentation in lieu of an actual exploit demo. The video is deceptive because Maynor claims to be using a 3rd party card, but the Macbook he claimed to be using it on had no place to plug it in. Many took this to mean that the entire presentation was a fraud, without reading between the lines. Maynor has now revealed details he was previously under legal pressure to keep to himself. These details now reveal that even though the flaw was in a 3rd party driver, Apple still pressured Maynor to keep it quiet. Apple later fixed the flaw, but did not give Maynor or his colleague Jon Ellch credit. Apple even went so far as to craft a blog entry intended to be posted by Maynor disclaiming any possible threat to Apple laptops. Maynor is now at a new company and has vowed not to inform Apple of any new flaws he finds. Apple needs to learn an important lesson here. Pushing researchers away only ends up hurting you as your source of information dries up.