WPA2 Broken Again And, This Time, No Patch

Wireless security is broken—again. And this time, it's WPA2, the WiFi security protocol that meets PCI-DSS requirements. Attendees at next week's Black Hat and Defcon security conferences in Las Vegas will hear how it's practical to break into a WPA2-encrypted network without brute-force encryption cracking. The only requirement: The attacker must be an authorized user of the network. According to the researchers from AirTight Networks who unearthed the problem, a malicious insider can simply send spoofed packets encrypted using the shared group key directly to other users on the WiFi network, tricking them into redirecting their data to the insider.

Unfortunately, that makes the "Hole196" attack —named for the page where the vulnerability is specified in the IEEE 802.11 standard—difficult to detect and almost impossible to defend against. In fact, the researchers don't have a fix for WPA2 —and they don't believe there is one. The only defense may be to start layering other security measures, such as VPNs, under the WiFi protocol. That's fine for laptops running WiFi. But it's likely to be a challenge to implement on scanners, card readers and other wireless devices that retailers commonly use.