Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: WPS Security bug, is it still a problem on newer devices?  (Read 1331 times)

snadge

  • Kitizen
  • ****
  • Posts: 1450
WPS Security bug, is it still a problem on newer devices?
« on: December 16, 2018, 05:52:59 PM »

Hi

I recall that WPS should be disabled on routers as it has a bug that allows hackers to infiltrate, is this still the case with newer routers?

would have thought routers made since that bug was discovered would have the bug fixed?

thanks
Logged
Aquiss - 900/110/16ms - TP-Link AR73

jelv

  • Helpful
  • Kitizen
  • *
  • Posts: 2054
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #1 on: December 16, 2018, 06:08:30 PM »

How long does it take to enter the password to connect if not using WPS?

Why take the risk?
Logged
Broadband and Line rental: Zen Unlimited Fibre 2, Mobile: Vodaphone
Router: Fritz!Box 7530

snadge

  • Kitizen
  • ****
  • Posts: 1450
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #2 on: December 16, 2018, 06:09:49 PM »

How long does it take to enter the password to connect if not using WPS?

Why take the risk?

yeah i know, im just wanting to know if its been rectified or not so I know if I advise someone the info is correct or not
Logged
Aquiss - 900/110/16ms - TP-Link AR73

jelv

  • Helpful
  • Kitizen
  • *
  • Posts: 2054
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #3 on: December 16, 2018, 06:16:20 PM »

You'd have to check the firmware release notes for each individual router.

I'd suggest saying it has been a problem on a lot of routers and as not having it is only a minor inconvenience it's better to be safe than sorry.
Logged
Broadband and Line rental: Zen Unlimited Fibre 2, Mobile: Vodaphone
Router: Fritz!Box 7530

snadge

  • Kitizen
  • ****
  • Posts: 1450
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #4 on: December 16, 2018, 06:16:56 PM »

You'd have to check the firmware release notes for each individual router.

I'd suggest saying it has been a problem on a lot of routers and as not having it is only a minor inconvenience it's better to be safe than sorry.

thanks :)
Logged
Aquiss - 900/110/16ms - TP-Link AR73

ejs

  • Kitizen
  • ****
  • Posts: 2078
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #5 on: December 16, 2018, 06:17:57 PM »

WPS trades security for convenience. If you don't want to use it, you should disable WPS.

What specific bug are we talking about? If it's about guessing the WPS PIN, then a router could do something like lock it out for a while after a few wrong guesses, but it would still be inherently less secure. Or you or the router manufacturer could disable the 8-digit PIN method.
Logged

snadge

  • Kitizen
  • ****
  • Posts: 1450
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #6 on: December 16, 2018, 06:20:09 PM »

WPS trades security for convenience. If you don't want to use it, you should disable WPS.

What specific bug are we talking about? If it's about guessing the WPS PIN, then a router could do something like lock it out for a while after a few wrong guesses, but it would still be inherently less secure. Or you or the router manufacturer could disable the 8-digit PIN method.

many years ago it was big news that a bug in WPS existed that allowed hackers very easy access to the LAN, but i dunno if thats been addressed in routers since that happened?  last week I advised a customer to disable it as her ex is a stalker and has a hacker friend who is trying to hack her router
Logged
Aquiss - 900/110/16ms - TP-Link AR73

ejs

  • Kitizen
  • ****
  • Posts: 2078
Re: WPS Security bug, is it still a problem on newer devices?
« Reply #7 on: December 16, 2018, 06:25:25 PM »

I am going to have to go and check if the definition of "specific" has changed without me realising it.
Logged
 

anything