Via Boing Boing:
WEP, the access-control system for WiFi, is notoriously shit. Now Fed computer scientists have shown an attack that can break a WEP key in three minutes. Gabe sez, “Brilliant approach, using a second computer to re-send the same packet back to the router, thus generating more traffic, thus catching more weak packets, etc.”
The FBI team used the deauth feature of void11 to repeatedly disassociate the laptop from the access point. Desired additional traffic was then generated as Windows XP tried to re-associate back to the AP. Note that this is not a particularly stealthy attack, as the laptop user will notice a series of “Wireless Network unavailable” notifications in the taskbar of their desktop screen.
Another attack method the FBI team used is a replay attack. The basic premise of this attack is to capture at least one packet traveling from the victim laptop to victim access point. This packet can then be replayed into the network, causing the target AP to respond and provide more traffic to capture.
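Both techniques described above leave a visible signature in monitored wireless traffic: a burst of deauthentication frames aimed at one station, and the same WEP IV arriving again and again from one transmitter address. The sketch below is an added example, not part of the original post or the quoted article, showing detection logic for both; the record layout, MAC addresses, window and thresholds are constructed assumptions, not values from any real tool.

```python
from collections import defaultdict, deque

def _burst(times, window, threshold):
    """True if at least `threshold` events fall inside any `window` seconds."""
    recent = deque()
    for t in sorted(times):
        recent.append(t)
        while t - recent[0] > window:
            recent.popleft()
        if len(recent) >= threshold:
            return True
    return False

def detect(frames, window=10.0, deauth_threshold=5, replay_threshold=20):
    """Return (stations hit by a deauth burst, transmitters repeating one IV)."""
    deauths = defaultdict(list)  # destination station -> deauth timestamps
    repeats = defaultdict(list)  # (claimed transmitter, WEP IV) -> timestamps
    for ts, kind, src, dst, iv in frames:
        if kind == "deauth":
            deauths[dst].append(ts)
        elif kind == "data" and iv is not None:
            repeats[(src, iv)].append(ts)
    targets = sorted(d for d, t in deauths.items()
                     if _burst(t, window, deauth_threshold))
    # Source addresses can be forged, so this names the address seen on the
    # air, not necessarily the device that transmitted the frames.
    replayers = sorted({s for (s, _), t in repeats.items()
                        if _burst(t, window, replay_threshold)})
    return targets, replayers

# Constructed sample records: (seconds, frame kind, source, destination, IV).
AP, LAPTOP, OTHER = "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02", "cc:cc:cc:00:00:03"

def sample_frames():
    frames = [(i * 0.5, "data", OTHER, AP, i) for i in range(40)]  # fresh IVs
    frames.append((3.0, "deauth", AP, OTHER, None))                # one-off deauth
    frames += [(20 + i * 0.2, "deauth", AP, LAPTOP, None) for i in range(12)]
    frames += [(30 + i * 0.05, "data", LAPTOP, AP, 0x1A2B3C) for i in range(60)]
    return frames

if __name__ == "__main__":
    print(detect(sample_frames()))
```

A single deauthentication frame and traffic with steadily changing IVs stay below both thresholds, so only the laptop's address is reported in each list.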