Bringing law and order to IEEE 802.11 networks - A case for DiscoSec.

To improve the tarnished reputation of WLAN security, the new IEEE 802.11i standard provides means for mutual user authentication and assures confidentiality of user data. However, the IEEE 802.11 link-layer is still highly vulnerable to a plethora of simple, yet effective attacks which further jeopardize the already fragile security of wireless communications. Some of these vulnerabilities are related to limited hardware capabilities of access points and their abuse may result in serious degradation of control over the wireless connection, which, especially in the case of broadcast communication, allows for client hijacking attacks. Although these issues are known and their impact is expected to be less prevalent on modern equipment, this work demonstrates the opposite. In our experimental analysis, we tested frequently used access points, and by forcing them to operate on their performance limits, we identified significant operational anomalies and demonstrated their impact on security by implementing a novel version of the Man-In-The-Middle attack, to which we refer as the Muzzle attack. Secondly, this work describes DiscoSec, a solution for "patching" WLANs against a variety of such link-layer attacks. DiscoSec provides DoS-resilient key exchange, an efficient frame authentication, and a performance-oriented implementation. By means of extensive real-world measurements DiscoSec is evaluated, showing that even on very resource-limited devices the network throughput is decreased by only 22% compared to the throughput without any authentication, and by 6% on more performance-capable hardware. To demonstrate its effectiveness, DiscoSec is available as an open-source IEEE 802.11 device driver utilizing well-established cryptographic primitives provided by the Linux Crypto API and OpenSSL library. © 2009 Elsevier B.V. All rights reserved

Search for gravitational waves from compact binary coalescence in LIGO and Virgo data from S5 and VSR1

We report the results of the first search for gravitational waves from compact binary coalescence using data from the LIGO and Virgo detectors. Five months of data were collected during the concurrent S5 (LIGO) and VSR1 (Virgo) science runs. The search focused on signals from binary mergers with a total mass between 2 and 35 Msun. No gravitational waves are identified. The cumulative 90%-confidence upper limits on the rate of compact binary coalescence are calculated for non-spinning binary neutron stars, black hole-neutron star systems, and binary black holes to be 8.7x10^-3, 2.2x10^-3 and 4.4x10^-4 yr^-1 L_10^-1 respectively, where L_10 is 10^10 times the blue solar luminosity. These upper limits are compared with astrophysical expectations