Penetration Testing mailing list archives
Re: Legality of WEP Cracking
From: Paul Dickens <paul.dickens () iop org>
Date: Wed, 23 May 2007 08:33:10 +0100
Richard First of all; good post. I haven't yet read all of the responses but some valid opinions. As a UK customer I wouldn't feel to great about someone cracking my WiFi network but what would happen if someone malicious got their dirty hands on it? I have also heard of others chalking symbols near cracked zones. Perhaps you should go on a walkabout and take lots of photos and use this material to circulate amongst your geographic potentials! Another point, who still uses WEP in business? Clearly some must in order to get such a response from your posting. I thought WEP was flawed technology! Kind regards Paul Dickens IT Security Officer IOPP UK "Richard Brinson" <richard () kanoo-uk com> Sent by: listbounce () securityfocus com 18/05/2007 10:32 To <pen-test () securityfocus com> cc Subject Legality of WEP Cracking During an internal business development meeting yesterday we were discussing new ways of picking up pen testing clients. One of our junior engineers suggested that we go war driving, crack some WEP keys and then approach each company offering services to make them more secure. The idea was put down straight away on the basis that without prior approval we would be breaking the law. However, upon further discussion a case was made that (moral issues aside) provided we only captured traffic passively, and as long as we did not try to connect or send any packets to any devices - would the law be broken? Does the law state anywhere that we can not analyse air traffic that is broadcast into the public domain? (if so surely we would all be breaking the law every time we picked up a network other than our own) and is it against the law to know someone else's WEP key when they have not made that information available to you? What are your thoughts on this? Kind regards, Richard Brinson Kanoo Ltd This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ ************************************************************************ This email (and attachments) are confidential and intended for the addressee(s) only. If you are not the intended recipient please notify the sender, delete any copies and do not take action in reliance on it. Any views expressed are the author's and do not represent those of IOP, except where specifically stated. IOP takes reasonable precautions to protect against viruses but accepts no responsibility for loss or damage arising from virus infection. For the protection of IOP's systems and staff emails are scanned automatically. IOP Publishing Limited Registered in England under Registration No 467514. Registered Office: Dirac House, Temple Back, Bristol BS1 6BE England Vat No GB 461 6000 84. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: Legality of WEP Cracking, (continued)
- Re: Legality of WEP Cracking crazy frog crazy frog (May 19)
- RE: Legality of WEP Cracking Edgar Romero (May 18)
- Re: Legality of WEP Cracking Carl Livitt (May 18)
- Re: Legality of WEP Cracking Morning Wood (May 18)
- Re: Legality of WEP Cracking DaKahuna (May 19)
- Re: Legality of WEP Cracking Carl Livitt (May 20)
- Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Legality of WEP Cracking Morning Wood (May 18)
- RE: Legality of WEP Cracking Richard Brinson (May 23)
- Re: Legality of WEP Cracking Nick Selby (May 27)
- Re: Legality of WEP Cracking Nicholas Chapel (May 23)
- RE: RE: Legality of WEP Cracking Erin Carroll (May 18)
- Re: Legality of WEP Cracking Chris Travers (May 19)