I’ve never trusted Wi-Fi Protected Setup (WPS) on my Wi-Fi access points (AP) and routers. I’ve always thought that anything that was that easy to set up had to be easy to hack. It turns out my gut was right. The U.S. Computer Emergency Readiness Team (CERT) has confirmed that security researcher Stefan Viehböck has found a security hole big enough to drive a network through WPS.
According to Viehböck, he took a look at WPS and found “a few really bad design decisions which enable an efficient brute force attack, thus effectively breaking the security of pretty much all WPS-enabled Wi-Fi routers. As all of the more recent router models come with WPS enabled by default, this affects millions of devices worldwide.” CERT agrees.
How bad is it? CERT states that “An attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.”