A professor and grad student at the University of Maryland claim to have found security holes in the 802.1X wireless standards employed in Apple’s Airport and other devices according to a PC World report. The researchers have found two kinds of potential attacks: “session hijacking”, which kicks off a user during authentication and uses their account, and “man-in-the-middle” accounts which exploits one-way authentication to allow the hacker to look like a user to the access point / base station, and an access point to the user. The Wireless Ethernet Compatibility Alliance downplayed the report.
Categories
Going Wireless: Researchers Find Security Weaknesses in 802.1X
