The attack exploits weak randomization, or the lack of randomization, in a key used to authenticate hardware PINs on some implementations of Wi-Fi Protected Setup, allowing anyone to quickly collect enough information to guess the PIN using offline calculations. By calculating the correct PIN, rather than attempting to brute-force guess the numerical password, the new attack circumvents defenses instituted by companies. » Offline bruteforce attack on WiFi Protected Setup » Hands-on: hacking WiFi Protected Setup with Reaver\< /a>
» Robert Lemos | arstechnica.com/a>