It has been over two months since it was discovered that Wi-Fi Protected Setup (WPS) is vulnerable to a brute-force attack that could give hackers access to a wireless router in an average of just two hours. WPS, an easy-to-use way to connect to an access point, was discovered to be inherently less secure than previously thought. Instead of facing 100 million possible PIN combinations as intended, an attacker needs only 11,000 attempts to crack the code. Today, the Wi-Fi Alliance, the organization responsible for WPS certification, sent us a statement concerning its work on the security standard:
The Wi-Fi Alliance takes security very seriously. After the publication of a vulnerability affecting some Wi-Fi Protected Setup devices, the Wi-Fi Alliance quickly updated its test plan and certification program to ensure all Wi-Fi CERTIFIED Wi-Fi Protected Setup™ devices effectively resist brute-force AP PIN attacks.
While it sounds like the Wi-Fi Alliance will be taking care of the security hole on future devices, the statement doesn't address how it plans to do so, nor does it show that it is taking any steps to rectify the issue on old routers. By default, many devices ship with WPS enabled, and for now the only way to prevent an attack is to disable the feature. While most (if not all) routers have an option to disable WPS, some devices (notably those from Linksys) ignore the setting. Since December, Cisco (the maker of Linksys networking gear) has released updates to four of its models, and has a few more on the way. Unfortunately, until more consumers are aware of the danger or the Wi-Fi Alliance and manufacturers take more definitive action to fix the problem, many routers are going to remain wide open to attack.
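Because some routers ignore the disable setting, it is worth checking what the access point actually advertises after WPS has been switched off. The following is an added example, not part of the original article: it parses the tagged parameters of a beacon frame and reports whether the WPS element is present. The function names and the sample beacons are constructed for illustration; the element and attribute IDs are those of the WPS specification, not values taken from this page.

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor element: OUI 00:50:F2, type 4 = WPS
ATTR_WPS_STATE = 0x1044                   # 1 = not configured, 2 = configured
ATTR_AP_SETUP_LOCKED = 0x1057             # 1 = AP is refusing further PIN attempts

def iter_tlv(buf, hdr):
    """Yield (type, value) pairs; stop quietly on a truncated element."""
    size = struct.calcsize(hdr)
    off = 0
    while off + size <= len(buf):
        t, length = struct.unpack_from(hdr, buf, off)
        off += size
        if off + length > len(buf):
            return
        yield t, buf[off:off + length]
        off += length

def wps_status(tagged_params):
    """Summarise what a beacon's tagged parameters say about WPS."""
    result = {"advertised": False, "state": None, "ap_setup_locked": False}
    for tag, body in iter_tlv(tagged_params, "BB"):    # 802.11 IE: 1-byte id, 1-byte length
        if tag != 221 or not body.startswith(WPS_OUI_TYPE):
            continue                                   # not a WPS vendor element
        result["advertised"] = True
        for attr, val in iter_tlv(body[4:], ">HH"):    # WPS attribute: 2-byte type, 2-byte length
            if attr == ATTR_WPS_STATE and val:
                result["state"] = {1: "not configured", 2: "configured"}.get(val[0], "unknown")
            elif attr == ATTR_AP_SETUP_LOCKED and val:
                result["ap_setup_locked"] = val[0] == 1
    return result

def ie(tag, body):
    """Build one information element (helper for the constructed samples)."""
    return bytes([tag, len(body)]) + body

# Constructed sample beacons (tagged parameters only)
SSID = ie(0, b"lab-ap")
WPS_ON = SSID + ie(221, WPS_OUI_TYPE + bytes.fromhex("104a000110" "1044000102"))
WPS_LOCKED = SSID + ie(221, WPS_OUI_TYPE + bytes.fromhex("104a000110" "1044000102" "1057000101"))
WPS_OFF = SSID + ie(221, bytes.fromhex("0050f202") + b"\x01\x01")  # WMM element, not WPS

if __name__ == "__main__":
    for name, raw in [("wps on", WPS_ON), ("wps locked", WPS_LOCKED), ("wps off", WPS_OFF)]:
        print(name, wps_status(raw))
```

A beacon that still carries the WPS element after the setting is turned off shows the setting did not take effect. A missing element is weaker evidence, since it reflects only what the access point advertises.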