[cryptography] Non-governmental exploitation of crypto flaws?

Joachim Strömbergson Joachim at Strombergson.com
Mon Nov 28 15:38:35 EST 2011


Aloha!

On 2011-11-27 21:10 , Steven Bellovin wrote:
> Does anyone know of any (verifiable) examples of non-government enemies
> exploiting flaws in cryptography?  I'm looking for real-world attacks on
> short key lengths, bad ciphers, faulty protocols, etc., by parties other
> than governments and militaries.  I'm not interested in academic attacks
> -- I want to be able to give real-world advice -- nor am I looking for
> yet another long thread on the evils and frailties of PKI.

How about  Wep0ff and friends that break WEP? AFAIK used in the wild by
curious individuals.

http://www.darknet.org.uk/2007/01/wep0ff-wireless-wep-key-cracker-tool/
http://wepcrack.sourceforge.net/

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Kryptoblog - IT-säkerhet på svenska
http://www.strombergson.com/kryptoblog
========================================================================

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20111128/af980d19/attachment.asc>


More information about the cryptography mailing list