The RC4 cipher has been under scrutiny for quite some time. Several research papers detail a variety of methods that would make an attack computationally feasible. The previous minimum data collection time that researchers believed necessary was around 2,000 hours, which was deemed practical enough to be concerning. The new attack is more practical still.
RC4 itself was originally designed in 1987, and systems administrators everywhere have been advised to disable it in their servers' SSL setups. Despite those warnings, it's still available in about 30% of SSL-secured websites. Meanwhile, TKIP is still allowed in 71% of protected Wi-Fi networks. Last March, the Wi-Fi Alliance recommended that administrators disable WPA entirely. Home users should check their router settings and ensure that their Wi-Fi networks are secured using WPA2 only.
|1. BIF - $340||2. Ryu Connor - $250||3. mbutrovich - $250|
|4. YetAnotherGeek2 - $200||5. End User - $150||6. Captain Ned - $100|
|7. Anonymous Gerbil - $100||8. Bill Door - $100||9. ericfulmer - $100|
|10. dkanter - $100|
|LG UltraFine 4K and 5K displays are the new Apple monitors||28|
|Cuplex Kryos Next water block is heaven for control freaks||0|
|OWC Ministack places up to 6TB of storage atop Mac Minis||4|
|Gigabyte lets loose a flurry of BIOS updates with Kaby Lake support||1|
|Deals of the week: a GTX 1080, photography gear, and more||4|
|Geil Evo X memory kits with RGB LED lighting are now available||15|
|GeForce 375.70 drivers gear up for a raft of triple-A titles||4|
|AMD announces Radeon Pro drivers with scheduled releases||6|
|We're giving away our Aimpad R5 review unit||22|