Sigh. nayr must have read a general article about this recently ("That did not include all the details") even that it's been known about for over 10 years now.
nayr, most likely just found out about it now. Yet even CNN ran stories about this over 10 years ago ("See the 'External Links' section at the link below"):
It's blatantly obvious, that nayr does not fully comprehend this subject matter. If he did, he would know better and have known better than to make the egregious false and misleading statement like he has here. Especially, for someone who ("claims") to be an network engineer ("In their signature here"):
Well. At least he has his clients fooled ;-)
Note: For the moment, at least.
Even MartyO proves nayr wrong in their last post here. With a more recent article, about this over 10 year old known issue:
Even the link above, provided by MartyO, by itself. Clearly shows that "None of your devices will happily give your WPA passwords in readable form" yet nayr wishes to do his
fear mongering about a subject he clearly does not understand ("
Proven by his own words here") and which is now over 10 years old.
nayr, not once here has suggested, made or showed anyone here. How to better protect their wireless network in ("
any") way as of yet in this forum thread without throwing money and equipment at this over 10 year issue, and this forum thread, is already 3 pages long.
Yet, nayr has taken the time to write statements here like:
"its far too complicated for most all of you to deploy"
"I can show up at your house today and demonstrate this attack (if you pay me enough of course)".
Go figure!
IMHO. A more positive approach may have been to inform others about "Best Practices" to better help protect ones wireless network from an abuse known about, for over 10 years now. From the get-go.
But to get more attention and at face value make it look like this was "New News". nayr instead, tried to spook everyone with a title of "How anyone can get your WiFi password" while adding fuel to the fire by making the false statement, as seen as above. With a signature in his post ("Saying") "Network Engineer" mind you!
Some "Best Practices" to help better protect yourself from this over 10 year old issue. Without the need to throw money and equipment at this issue, have been already stated here:
I would add to the above. That while MAC addresses can be spoofed. It sure can't hurt to add MAC address filtering to your Router/AP for wireless access. It's one more level of protection and has more positive benefits than negative ones for wireless access in general.
Don