One thing I do not understand.... Why? What brings someone who obviously loves everything computing to do this to other users? And for what purpose? I have to say that this sort of thing really gets my back up..... Why don't this people spend their time foiling nets of paedophiles or web criminals?
if it can be done, it will be done. im not sure if this is really the sort of content hwf wants to be associated with, although interesting and fun i would be careful you dont get on the wrong side of anyone
To the average joe like myself security is locking your doors { firewall, anti-virus, anti-spyware, etc...) we don't concern ourselves with the how and the why...but...to a professional InfoSec specialist it's knowing what can be done, how it's done, what they're after, and how to stop it. And in order to know how to stop something you need to know how they do it. If you were in charge of a company's security...this is something you'd want to know. Why? Because then you could come up with a plan to prevent it. There will always be those who will misuse knowledge...you can't prevent that...unless of course you prohibit any knowledge that can be abused...and even then you won't stop it. And you'll always have those who see the negative aspects of anything. but trying to control the behavior of others is a waste of time and energy.
Your argument, with all due respect, is a lot of tosh. The guy did not write a serious piece about how to make your WEP connection more secure. Instead he gave a step by step guide to exploitation. His forum members did not reply thanking him for alerting them to possible vulnerabilities but thanked him for a "nice tut". This is a guide to nothing short of cyber vandalism. As far as I am concerned, it is exactly like writing a step by step guide on how to build a bomb using household materials. As for seeing things in a negative way - Your house, which is you castle, is accessible to burglars in one way or another. Unless you want to live in Fort Knox, will you see it in a positive way if a burglar showed you where you went wrong 'defending' it?
These tutorials do serve a very worthwhile and important role in wireless security, just as releasing exploit details / code forces a manufacturer to patch there software (hopefully), tutorials highlighting how easily this can be done raise consumer awareness and say "we want something better" NOTE: Manufacturers are normally informed of possible exploits in there products and given a fair amount of time to correct them before exploit details are released (but not always) what you have to ask yourself is, would WPA exist if consumers hadn't demanded something better than wep? (WPA still isnt great but hey, better than WEP) And as for baning information, information wants to be free! you cant stop it (especially on the Internet), and remember if you ban tutorials such as these only the malicious will have them... and consumer awareness will be low, you work it out!
Just a heads up guys: this is some pretty dicey territory as it revolves around hacking. Due to the nature of the topic, if it strays out of bounds, we are going to close it. As long as the discussion doesn't start advocating malicious use, I don't see a good reason to close it. We have had some discussion on wether to leave this thread go or not. Obviously, we are, but it's subject matter puts it on the fence.
I understand your concerns...but...the author is not a hacker...he's a security specialist...he looks for vulnerabilities and exposes them. Just like some members do penetration testing and some purposely download and examine viruses in a controlled setting. This is how problems get revealed and solved...if there weren't people doing this work then many vulnerabilities would only be apparent to those who prefer to keep these issues secret for their own use. A so-called ' hacker ' doesn't want you to know how you are vulnerable...he wants to use that vulnerability without your knowledge...they generally don't make public their ' trade secrets '. But...could this be used by the wrong person for the wrong purpose? Absolutely. But...chances are...the ones you should be worried about already know. This is not advocating illicit activity...this is a reporting of a vulnerability...and an examination of it...the more we know the better off we are. If you don't know what can be done and how it's done...how could you possibly protect yourself against it?
That's the reason it's being left open, and as long as it stays on those terms, we don't see a problem.
My last post in this thread... promise. I am still not convinced that nokia has our best interest at heart but saying that I doubt he, or anyone else here, will loose much sleep over my opinions.... Here is a post from our own forum - http://www.hardwareforums.com/wireless-modems-security-14919/ There is a clear warning there regarding WEP, (courtesy of Addis) however there is no step by step on hacking, cracking or anything of the sort.
I understand your point of view...really...because that used to be my point of view. That is until I spent some time with and reading the posts from security professionals whose job it is to know these things...who are not satisfied with just being told not to use something, they want to understand why and how it works. Granted...unless you have some interest in security beyond installing a firewall and anti-virus an in-depth study will seem to be too much...when I joined this forum ( Hardwareforums ) I was greener than green...I knew nothing...nada...zip...everyone here sounded like a hacker to me...the depth of their knowledge to me was mind-boggling... so...yes...I used to feel the same way you do.
