Scribd
Upload
13 views3 pages

Wi-Fi Protected Setup (WPS)

Uploaded by

Arixson
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
13 views3 pages

Wi-Fi Protected Setup (WPS)

Uploaded by

Arixson
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

Wi-Fi Protected Setup (WPS)

Check out my brand new color printer I love this printer.

You should have heard the salesman tell me about it.

It's got.

I could plug it in through usb.

It's got an RG 45 for network capability but the coolest part is is that it's
wireless.

So I'm all excited that I could just put this printer anywhere I want in my office
and everybody will be able to print to a wirelessly.

Well taking devices other than computers and connecting them to wireless networks
has always been a challenge.

Not that long ago the primary way we would do it is that sometimes these printers
would have some big interface and we'd have to program in which SSID for it to use
and type in the WPA2 to password and all that.

And we still see some of that the other way.

Could we could do it as I would plug in us be and I would have a little disk that
came with it and I would have to go about configuring this guy so that it could
plug into the wireless network unplug the usb and put it wherever I want it.

Well these all are kind of painful processes and not easy for normal people.

So a few years ago the Wi-Fi Alliance the people who make all this stuff came up
with something called WPS or Wi-Fi protected setup.

The idea behind Wi-Fi protected set up is basically is this you take your wireless
access point or router and you press a button on the router just press a button.

You now have about 60 seconds to walk over to whatever device you might have and
press a button there and they will automatically configure themselves with WPA2
passwords the whole shebang.

You don't have to do anything.

Sounds great right.

Well it is.

Well it isn't.

The problem with WPS is that it's a really great concept literally push button
wireless configuration.

However the problem starts right here.

This is a little fairly modern wireless access point.

This is a home router system made by Cisco called the 8500.

Not even two years old yet and it is WPS capable.


So what I need you to do is first of all take a look on the back of this guy.

If you look on the back of this router you'll see it's got a little blue button
right here.

If I want to connect this printer to this router I start off by going over the
router.

Then I press this button.

Now I get about 60 seconds to press this button over here.

And that's really all I have to do.

And they're automatically connected.

It has a lot of fun.

In fact most network cards have the WPS button as well.

This little network card here has one also.

I want to use WPS

The cornerstone of WPS is an eight digit code.

It's too small.

I can't show it to you here so I printed it out big.

It's an eight digit code and separated by a dash.

And this is the secret code that's being queried and passed between the devices.

Now this looks pretty cool.

And it is in fact this is so important now that any device in order to be


accredited by the Wi-Fi Alliance has to be WPX capable so everybody is WPX except
well there's one huge problem and it's this eight digit code.

The process we go through to get this eight digit code accepted electronically is
that it accepts the first four digits then it says good job and then accepts the
next eight digits to try to figure out an eight digit code could take like will do
vary how you look at it years to figure out a four digit code takes under an hour.

So guess what WPS while convenient is so incredibly hackable that it's just gobbles
the imagination it's unreal.

And to make it worse it's not like there's some little piece of firmware that we
can throw into these devices and magically fix the problem.

The WPS people are just kind of like uh-oh and nobody is enacting a repair.

There is nothing to repair short of massive redoing not only the standards but 10
bazillion devices every printer every network card every router.

All of these would have to be read done through some kind of super patch that just
isn't going to happen now.
So the answer is turn off WPS.

Well that sounds great.

Unfortunately a lot of devices simply cannot have WPS turned off.

One of the things we're seeing people do escpecially with these home routers is
that they're ripping out the firmware that came from D-Link or Cisco or lynxes or
whatever it might be and they're using third party tools like DD-wrt and things
like that to get around it.

The bottom line is is that WPS while it sounds fantastic and it is it's amazingly
convenient has a fatal Achilles heel that makes everybody come up to one conclusion
turn it off.

WPS enables one-button setup of wireless devices

all modern wireless devices are WPS-enabled

WPS can be a security threat

You might also like