Weakness in Passphrase Choice in WPA Interface

Grok Headline matches for Weakness in Passphrase Choice in WPA Interface

ActiveState Awards ActiveState is
delighted to announce the second annual
Programmers' Choice and Activators'
Choice Awards. The awards honor the
unnamed heroes who actively contribute
to open languages and display excellence
in their programming efforts

ActiveState Awards ActiveState is
delighted to announce the second annual
Programmers' Choice and Activators'
Choice Awards. The awards honor the
unnamed heroes who actively contribute
to open languages and display excellence
in their programming efforts 06/06/2002 07:02 AM
A Beta version of PHP for NetWare is available on the Novell Developer Kit site. This version is based on the 4.0.8 (development) version of the PHP source code.

Re: aterm 0.4.2 tty permission weakness

Re: aterm 0.4.2 tty permission weakness 07/15/2004 03:10 PM
Armin Wolfermann (Jul 14 2004)

Sales Weakness From InterMune

Sales Weakness From InterMune 04/30/2004 01:43 PM
Actimmune is stumbling without data to support its use.

Intel shows weakness

Intel shows weakness 09/02/2004 04:10 PM
ZDNet Sep 2 2004 9:00PM GMT

aterm 0.4.2 tty permission weakness

aterm 0.4.2 tty permission weakness 07/13/2004 06:40 PM
Maarten Tielemans (Jul 13 2004)

Serious TCP Weakness Identified
(26-Apr-2004; 10.4K)

Serious TCP Weakness Identified
(26-Apr-2004; 10.4K) 04/26/2004 09:53 PM

FTC peers through Windows weakness

FTC peers through Windows weakness 11/06/2003 11:10 AM
ZDNet Nov 6 2003 9:52AM ET

Re: [security] aterm 0.4.2 tty
permission weakness

Re: [security] aterm 0.4.2 tty
permission weakness 07/15/2004 05:20 PM
lorenzo (Jul 14 2004)

McAfee sees accounting weakness

McAfee sees accounting weakness 04/04/2005 08:22 AM
Another tech company that can't keep the books

U.S. Economic Gauge Signals Weakness

U.S. Economic Gauge Signals Weakness 09/23/2004 04:04 PM
Reuters via Wired News Sep 23 2004 7:31PM GMT

Re: Inexcusable weakness in Kmail /
GnuPG

Re: Inexcusable weakness in Kmail /
GnuPG 12/25/2004 05:09 PM
Simple Nomad (Dec 23 2004)

This Deal Might Reveal Cisco's Weakness

This Deal Might Reveal Cisco's Weakness 06/13/2004 11:02 PM
Business Week Jun 14 2004 2:54AM GMT

Researchers spot XP SP2 security
weakness

Researchers spot XP SP2 security
weakness 08/20/2004 08:22 AM
vnunet.com Aug 20 2004 12:25PM GMT

No weakness in IT expat salaries: Survey

No weakness in IT expat salaries: Survey 12/09/2003 08:25 AM
CNET Asia Dec 9 2003 7:43AM ET

Wi-Fi's new security standard has a
weakness

Wi-Fi's new security standard has a
weakness 11/04/2003 03:37 PM
BoingBoing pal Glenn Fleishman writes:

I wrote a piece yesterday for the Mac journal TidBITS about the recently released implementation of Wi-Fi Protected Access (WPA) in the AirPort Extreme product line from Apple. WPA replaces WEP by fixing its various holes. That article drew a response from Robert Moskowitz, long-time wireless security expert, who sent me a paper and his permission to post it about a serious weakness in the consumer version of WPA: if you choose short keys that are comprised of real words, WPA keys can be easily broken through passive access to a network.

I've written this up and posted his paper here. Interestingly, the problem is all at the presentation layer, not at the encryption layer. It's a flaw with how manufacturers are offering users the chance to create and enter WPA keys, and thus could be easily fixed with a driver update -- no firmware necessary.

Sun Java Predictable File Location
Weakness

Sun Java Predictable File Location
Weakness 07/13/2004 10:33 AM
“A weakness has been reported in Sun Java, allowing malicious websites to write arbitrary content to a file with an easily guessable name….Solution: Use another browser than Microsoft Internet Explorer. Alternatively disable Active Scripting in Internet Explorer. If you do not use Internet Explorer, this issue is not considered a security problem.”

[SECURITY] [DSA 429-2] New gnupg
packages fix cryptographic weakness

[SECURITY] [DSA 429-2] New gnupg
packages fix cryptographic weakness 02/16/2004 02:36 PM
Matt Zimmerman (Feb 13 2004)

AP: Witness Shows Weakness in Bashir
Case (AP)

AP: Witness Shows Weakness in Bashir
Case (AP) 09/13/2004 04:59 AM
AP - Prosecutors have pinned their case against an alleged terror chief on a former comrade, who plans to testify that cleric Abu Bakar Bashir heads the al-Qaida-linked network blamed for numerous attacks, including last week's bombing of the Australian Embassy.

Linux VServer procfs Permission Weakness

Linux VServer procfs Permission Weakness 07/07/2004 04:44 AM
“Veit Wahlich has reported a weakness in Linux VServer, which can be exploited by certain malicious, local users to cause a DoS (Denial of Service) or gain knowledge of sensitive information. The vulnerability is caused due to weak permissions on procfs, which allows a privileged user on a virtual server to manipulate the permissions on “/proc” for all virtual servers or gain knowledge of information related to other virtual servers….Solution: Update to version 1.28.”

Paul Gigot brings out the Kerry weakness

Paul Gigot brings out the Kerry weakness 08/03/2004 12:06 AM
Wall Street Journal .. The Patriot Act

opinionjournal.com/editorial/feature.html?id=110005434
track this site | 4 links

Broken Networks: The Weakness of Weak
Ties

Broken Networks: The Weakness of Weak
Ties 04/13/2005 08:39 AM

The Idea: The Internet has made it technologically possible for anyone to find and connect with anyone else -- and for ideal relationships to be established. But these idealized connections are rendered almost impossible by human nature, which leads us to prefer the known and trusted over better-suited strangers, and leads the people most in demand to cut off connections with almost everyone else. That effectively prevents a lot of powerful ideas from being realized. In my recent post on Blog-Hosted Conversations, I threw out the following Question as a possible first Conversation topic: How could we overcome the huge disconnect that exists today between the people who have great ideas and the people who have the money and other resources to realize those ideas? The question provoked almost as much response as Jeremy Heigh's idea for the Conversations did, so I thought it might be worth exploring further how and why this disconnect exists. In the post I mentioned that I belong to these informal communities and networks, with about 1500 members in total: natural philosophers/environmentalists, business advisors/theorists/entrepreneurs/co-workers, technophiles/social networkers, progressives, artists/storytellers, Salon bloggers, Canadian bloggers, and physical neighbours/relatives/friends Some of those people are useful 'connectors' that give me access to other communities and networks: For example, some of the bloggers in my business, progressive, Salon and Canadian blogger networks also happen to be published authors, journalists, publishers, economists, venture capitalists, teachers or professors, and know others in these fields. Some of them are true Tipping Point 'connectors< /a>', who pride themselves on hooking people up with others they would probably never find on their own. The logic of LinkedIn and eCademy is based on the presumption that if your networks are substantial and well-managed you should be able to get access to virtually anyone and anything you need through "the strength of weak ties (SWT)". This may work fine in the application that SWT theory was originally developed around -- finding prospective employees. The employer is often looking for the best possible candidate, and wants to cast as wide a net as possible. The onus is on the job-seeker to navigate his/her way through the weak ties and win the job. The employer incurs virtually no cost in casting the wide net (especially today with the cost of posting electronically virtually zero). This is especially true if the recruiter delegates pre-screening duties to HR staff or a 'head-hunter' to create a tiny short-list of candidates to interview. And today, with big corporations being net destroyers, not creators, of jobs, where searches for well-paying jobs are increasingly scarce, a wide net can attract some extraordinary people, enough to pay for the head-hunter in spades. When you're a big corporation with lots of resources at your disposal, it's a buyer's market. But in most situations -- the search for business partners, marriage partners, jobs or investors for example, or the search for experts or employees if you're an entrepreneur with modest resources -- the value of casting a wide net in the search is limited by two constraints: There is a significant cost to the searcher of each potential candidate to be considered. That cost can be mental or physical energy, or time, or money, or all of the above. If you open yourself up to candidates outside your immediate network, you can attract a flood of candidates, many of whom will be inappropriate, annoying, dangerous or even fraudulent.  If you're looking for a business partner you'll likely attract unskilled unemployed people who would really rather just have a job. If you're looking for a marriage partner you may attract hookers, golddiggers, economic refugees, and their respective pimps. If you're looking for an investor you could attract thieves and usurers. If you're looking for an expert you'll often attract charlatans, con artists, and failed consultants. If you're looking for a decent job you'll likely be besieged with pyramid/MLM scheme hucksters, shoddy "education" vendors, and others exploiting your desperation. Unlike the large corporation executive, you can't afford to hire someone to separate the wheat from the chaff (or, more likely, find the needle in the haystack). And even if you could, it's quite possible the agent you hire will accept kickbacks from one of the candidates to give them the inside track. Bottom line: Better not cast a wide net. Go to your strong personal contacts one at a time and ask them for one candidate. Repeat until you find the right person. The human need for trust in all important relationships means that you will tend to prefer a fair candidate you know and trust well, over a good candidate that someone you trust trusts but whom you don't know well enough to trust. And you'll prefer either of these over a sensational candidate you don't know from Adam. Trust takes time, shared experiences, and usually face-to-face contact. Bottom line: We usually go with who we know. Now consider this from the perspective of the person you're seeking -- the prospective business or marriage partner, expert, investor or employer. They're getting overwhelmed by twice or thrice-removed referrals for connections. Most of the 'callers' are looking to get something that the recipient is unable or disinclined to give (especially to a stranger), or may not have even thought about. What do they do? They tell their close contacts not to refer anyone to them. They unsubscribe from social network lists. They get unlisted phone numbers and unlisted e-mail addresses. They get agents and intermediaries to handle communications for them and shield them from 'weak ties'. So instead of the idealized networks of the Tipping Point, shown at right, where connectors, mavens and salesmen work to connect people and ideas virally, we end up with the constricted, broken networks shown in the diagrams above: Outgoing connections are constricted by the high cost of extending too wide a net, and the lack of trust the further away the connection is, to the point the 'ideal' connection is rarely made. And returning connections are likewise constricted by the sequential disconnects of connectors, agents & intermediaries, and filters, to the point the people you most want to connect with are often the least likely to 'return your call'. This has always been so, and insofar as information is concerned, the Internet is much less constricted than previous information channels. But insofar as people are concerned, I would argue that the disconnects are as great as they have always been. The rich, the famous, the powerful, the most-wanted and the ideal matches are no more accessible and available for relationships than they ever were. Even those who are not still on the wrong side of the digital divide have mostly reintermediated themselves so the technologically possible connection between everyone and everyone else is kept humanly impossible. Such is the weakness of weak ties. When it comes to human connection, the network is still broken. I think this is the reason for the disconnect between people with great ideas and people with the money and resources to realize them -- the reason so many great ideas go nowhere. So now we need a Blog-Hosted Conversation to discuss what to do about it -- how to work around these disconnects. I suspect that part of the answer is permissioning and permission marketing. We need to give something away to establish trust and differentiate ourselves from the 'inauthentic' and 'unqualified' callers, and to make ideal connections. My first Blog-Hosted Conversation will take place at the end of the month. Stay tuned.

Jobless Figures on Friday Could
Emphasize Bush's Big Weakness

Jobless Figures on Friday Could
Emphasize Bush's Big Weakness 09/02/2004 05:43 PM
If a report on August employment is weak, even some of President Bush's allies say it could dampen enthusiasm coming out of the convention.

Vulns: Cisco LEAP Password Disclosure
Weakness

Vulns: Cisco LEAP Password Disclosure
Weakness 04/15/2004 10:29 PM
SecurityFocus Apr 16 2004 1:56AM GMT

Cheney to Democrats: Weakness Invites
Terror (Reuters)

Cheney to Democrats: Weakness Invites
Terror (Reuters) 07/27/2004 04:10 PM
Reuters - Flanked by American flags and howitzers, Vice President Dick Cheney on Tuesday defended the war in Iraq and a policy of preemptive attack against criticism from Democrats at their national convention.

Earnings alert: Novell sees weakness in
IT spending

Earnings alert: Novell sees weakness in
IT spending 08/20/2004 08:29 AM
Plus: Salesforce reports rise in profit...Nortel to lay off 3,500...Intuit posts loss while revenue rises...BEA earnings rise amid internal turmoil.

President's Strength a Potential
Weakness (Los Angeles Times)

President's Strength a Potential
Weakness (Los Angeles Times) 02/10/2004 02:52 AM
Los Angeles Times - WASHINGTON — Beset by rising troubles and falling poll numbers, President Bush moved Sunday to rehabilitate his core political asset: his image as a decisive wartime leader.

Window Washer "Bleached" Data Exposure
Weakness

Window Washer "Bleached" Data Exposure
Weakness 08/30/2004 02:32 AM

Direct and Related Links for 'Window Washer “Bleached” Data Exposure Weakness'

“First Last has reported a weakness in Window Washer, which can be exploited by malicious people to disclose “securely” deleted data on a disk. The problem is that the “Add Bleach to Wash” security setting, which should delete a file securely by overwriting it multiple times with random data, doesn’t do this properly. Successful exploitation allows a malicious person to recover the deleted data using various unspecified publicly available tools. The weakness has been reported…

Vulns: Microsoft Windows showHelp CHM
File Execution Weakness

Vulns: Microsoft Windows showHelp CHM
File Execution Weakness 07/17/2004 07:29 PM
SecurityFocus Jul 17 2004 11:07PM GMT

Intel rolls back outlook; widespread
weakness feared

Intel rolls back outlook; widespread
weakness feared 09/03/2004 12:59 AM
USA Today Sep 3 2004 5:30AM GMT

Tech Stocks Close Higher, Overcoming
Earlier Weakness

Tech Stocks Close Higher, Overcoming
Earlier Weakness 01/07/2004 07:06 PM
Investors calculated a strengthened position for the Web-search company in its partnership with Google following news that Yahoo intends to end its ...

Bush campaign holds rally in Va.; Dems
sense weakness

Bush campaign holds rally in Va.; Dems
sense weakness 08/10/2004 12:32 PM
Here's what he said .. that comment .. endorses .. quotes .. AP

dailypress.com/news/local/virginia/dp-va--bushvisit0809aug09,0,69 20595.story?coll=dp-headlines-virginia
track this site | 6 links

" Bush campaign holds rally in Va.; Dems
sense weakness "

" Bush campaign holds rally in Va.; Dems
sense weakness " 08/10/2004 09:24 PM

Ashcroft Not Queried On Campaign Funds;
Critics See Weakness in Election Panel

Ashcroft Not Queried On Campaign Funds;
Critics See Weakness in Election Panel 12/21/2003 08:35 AM
Read article .. WaPo

washingtonpost.com/wp-dyn/articles/A16412-2003Dec19.html
track this site | 4 links

Vulnerabilities: Microsoft Baseline
Security Analyzer Vulnerability
Identification Weakness

Vulnerabilities: Microsoft Baseline
Security Analyzer Vulnerability
Identification Weakness 02/13/2004 05:10 PM
SecurityFocus Feb 13 2004 9:21PM GMT

[SECURITY] [DSA 429-1] New gnupg
packages fix cryptographic weakness in
ElGamal signing keys

[SECURITY] [DSA 429-1] New gnupg
packages fix cryptographic weakness in
ElGamal signing keys 01/27/2004 01:49 PM
Matt Zimmerman (Jan 26 2004)

Freedom of Music Choice :: Freedom of
choice is what you want!

Freedom of Music Choice :: Freedom of
choice is what you want! 08/17/2004 11:14 AM
Apparently, the freedom to choose whose DRM to use is what you want! .. Freedom of Music Choice .. blog

freedomofmusicchoice.org
track this site | 4 links

Stock market signals show weakness after
Intel downgrade, before jobs report

Stock market signals show weakness after
Intel downgrade, before jobs report 09/03/2004 08:25 AM
National Post Sep 3 2004 12:53PM GMT

Focus returns to Fed as jobs weakness
raises rate doubts; Dell, Wal-Mart
report

Focus returns to Fed as jobs weakness
raises rate doubts; Dell, Wal-Mart
report 08/09/2004 12:58 PM
Sympatico Aug 9 2004 5:21PM GMT

Vulns: Multiple Vendor Internet Browser
User Action Prediction/Interception
Weakness

Vulns: Multiple Vendor Internet Browser
User Action Prediction/Interception
Weakness 08/08/2004 02:07 PM
SecurityFocus Aug 8 2004 5:19PM GMT
Grok Description matches for Weakness in Passphrase Choice in WPA Interface
GrokA matches for Weakness in Passphrase Choice in WPA Interface

Weakness in Passphrase Choice in WPA Interface

The following phrases have been identified by the grok system as matching this entry: