You may feel safe surfing the Web in your living room, but your next-door neighbor could hack into your password-protected Wi-Fi network in a matter of minutes.
German researcher Thomas Roth said he was able to guess the encrypted password to a Wi-Fi network in his native Cologne using the massive calculating power of Amazon's Elastic Compute Cloud virtual supercomputer, which anyone can buy time on.
Cloud computers — networks of remote servers handling processing and data storage — enable users to execute tasks at dizzying speeds. Roth uploaded his own specialized software to Amazon’s cloud and got it to test 400,000 potential Wi-Fi user passwords per second.
Like most up-to-date home Wi-Fi networks, Roth's compromised test network used the Wi-Fi Protected Access (WPA) encryption standard, which is difficult to crack.
But any password can be guessed, given enough processing power or "brute force" --- and that's exactly what Roth bought cheaply from Amazon.
Amazon charges 28 cents per minute to use its cloud servers, and Roth's initial break-in took about 20 minutes, at a presumable cost of $5.40. He told Reuters he later updated his software to perform the same attack in about six minutes, which would have cost $1.68.
Roth said he wanted his proof-of-concept hack to prove that even home and business Wi-Fi networks that have been deemed unbreakable are dangerously vulnerable.
“People tell me there is no possible way to break WPA, or, if it were possible, it would cost you a ton of money to do so,” Roth said. “But it is easy to brute-force them.”