[cryptography] Non-governmental exploitation of crypto flaws?
jon at callas.org
Mon Nov 28 21:10:28 EST 2011
>>> WEP? Again, we all know how bad it is, but has it really been used?
>> Yes, WEP was a confirmed vector in the Gonzales TJX hack:
> Ah --- I'll check. I knew they attacked WiFi; I didn't recall that they'd
> cracked WEP. Thanks.
I don't believe the TJX attack cracked WEP. I believe that the post-hack auditors identified WEP as a weak point, but the attackers got in through an easily-cracked network. By easily cracked I mean something like a stupid password or unsecured. The attackers were not sophisticated.
More information about the cryptography