Cloud Based Wireless Cracking Services

Monday, December 14, 2009

Security researchers are leveraging cloud computing to crack WPA wireless passwords at a cost, and we’re wondering what other nefarious deeds are being done via cloud computing that we’ve never heard about. To be fair about this, start with PC World’s title for the article, “New Cloud-based Service Steals Wi-Fi Passwords”: it’s completely wrong. The service does not steal anything; it simply breaks the information given (stolen) by the purchaser of the service. Notice how an article like this can cause confusion and misery somewhere down the line. It is similar to saying “China is downloading hundreds of terabytes worth of data” when in fact the data was viewed by an American on a Chinese computer. Don’t you love politics?

The service is touted as being capable of testing 135,000,000 words in 20 minutes – 6,750,000 words per minute. Being diplomatic about this, I wonder what percentage of those using the service do so for legitimate purposes (security testers) and what percentage for ulterior motives – breaking into the Federal Reserve’s WPA access point. There is no way to really gauge this, but it would be informative to see who is using the service for what purpose. With that said, it brings me to another question – who’s on first.

The pricing on Amazon [3] is ripe for creating some interesting distributed services and applications and I wonder how RC5 [4] would have fared against a program like Moxie’s (Moxie Marlinspike, creator of the WPA cracking site). I also wonder what kind of inventive mind is going to hurt the case for cloud computing. Assassination Market? [5] Cocaine Auction Protocol? [6] The possibilities are endless. I also wonder when the first instance of a major compromise will be disclosed because of the cloud.

Far too often those in the cloud industry underestimate the power of tinkerers. The power of the almighty dollar (or Euro or Yen). With the cost of some of these services at bargain basement prices, how long will it be before a criminal organization [7] begins to distribute massive amounts of droppers [8], heuristic malware, etc.? Just imagine for a minute the capability of dropping 135,000,000 different payloads just when most antivirus programs inoculated themselves. Scary thought.

Personally, I wouldn’t use this type of service. Not because it isn’t worthwhile using; if I were performing a security audit on, say, “Bank of Mytown” and passed off IP information (sanitized or not), who is to say what happens with the traffic dumps I uploaded to the site? It’s reckless. Imagine for a moment you discover your client’s WEP key is “BankOfMyTown_HartFord_Office1234”. Guess what? That data is no longer solely visible to you. The risk is multiplied the moment you uploaded it. “Was your own connection sniffed during the transaction?”, “Was your packet capture erased the moment your password was given to you?”, “Who else has access to this data?”, and the questions linger. As for me, if I’m performing security testing, I’m almost sure the environment I’m testing already has risk, so why introduce more?

