Presentation is loading. Please wait.

Presentation is loading. Please wait.

Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots Andreas Kurtz, Felix Freiling, Daniel Metz Technical Report.

Published byOsborne Parsons Modified over 9 years ago

Similar presentations

Presentation on theme: "Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots Andreas Kurtz, Felix Freiling, Daniel Metz Technical Report."— Presentation transcript:

1 Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots Andreas Kurtz, Felix Freiling, Daniel Metz Technical Report CS-2013-02, June 2013

2 EASE OF USE v/s LEVELS OF SECURITY

3 Summary Random password generated by iOS are weak. Security can be compromised by capturing the 4-way handshake. Brech can be made in less then 49 mins.

4 Supported Devices iPhone 3GS or later iPad (3 rd Gen) WiFi + Cellular or later. iPad Mini Wifi + Cellular No. Of Connected users ?

5 Password Properties Atleast 8 characters composing of letters and numbers. Randomly generated Pre-shared key by system.

6 “alpine” Root password Jailbroken devices Access using Secure Shell(SSH)

7 How Passwords are generated ? Dictionary words + series of random numbers 8 character Limit List of 52,500 entries

8 The Attack ! WiFi connection handshake is captured. High Power GPU to brute force the Password Takes less than 49 minutes.

9 Surprising Facts Only 1,842 different entries of the Dictionary are taken. High power hardware can be available on the cloud. Same problem affects Android and Windows.

10 Criticism Can Apple handle 390,000 login attempts/ minute ? Sign of Connected Users Use of non-ASCII characters

11 Appreciation Spreading Awareness to change your Default Password.

12 Discussion Is this Apple’s problem to look after or the WiFi Alliance who set the protocols ?

13 THANK YOU ! THANK YOU !

Download ppt "Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots Andreas Kurtz, Felix Freiling, Daniel Metz Technical Report."

Similar presentations

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)
Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.

Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.
SANS Technology Institute - Candidate for Master of Science Degree Design Phase 1 of an iPhone Rollout Mark Baggett, Jim Horwath June 2010.

SANS Technology Institute - Candidate for Master of Science Degree Design Phase 1 of an iPhone Rollout Mark Baggett, Jim Horwath June 2010.
6218 Mobile Devices- Are They Secure Enough for our Patient's Data? Presented By Aaron Hendriks, CISSP Other: Employee of University Health Network, Toronto,

6218 Mobile Devices- Are They Secure Enough for our Patient's Data? Presented By Aaron Hendriks, CISSP Other: Employee of University Health Network, Toronto,
Behavior Report Setting Up Your Account. Logging in to the Software URL makingitbettercms.intercedeservices.com.

Behavior Report Setting Up Your Account. Logging in to the Software URL makingitbettercms.intercedeservices.com.
The Most Critical Risk Control: Human Behavior Lynn Goodendorf Director, Information Security Atlanta ISACA Chapter Meeting June 20, 2014.

The Most Critical Risk Control: Human Behavior Lynn Goodendorf Director, Information Security Atlanta ISACA Chapter Meeting June 20, 2014.
Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.

Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Securing your Jail broken IPhone. iPhone Worm An iPhone worm has started jumping between jailbroken devices, taking advantage of users who have replaced.

Securing your Jail broken IPhone. iPhone Worm An iPhone worm has started jumping between jailbroken devices, taking advantage of users who have replaced.
Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.

Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.
Ho Ting Chung, Zeturl (52246962) 1.  Authentication  Encryption 2.

Ho Ting Chung, Zeturl ( ) 1.  Authentication  Encryption 2.
Encryption, Privacy, & Authentication Chris R Chris H Mindy C.

Encryption, Privacy, & Authentication Chris R Chris H Mindy C.
Lecture 22: Internet Security Intro to IT COSC1078 Introduction to Information Technology Lecture 22 Internet Security James Harland

Lecture 22: Internet Security Intro to IT COSC1078 Introduction to Information Technology Lecture 22 Internet Security James Harland
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.

IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.

Similar presentations

Ads by Google