A recent Defcon exploit has been widely, but wrongly, interpreted as rendering WPA2 security useless. The Wi-Fi Alliance has reviewed the chapcrack tool and cloudcracker service announced last week at Defcon 20 and these tools do not present an exploitable vulnerability. The vulnerability of MS-CHAPv2, which was created by Microsoft years ago, is well known, but the vulnerabilities of this protocol (and other similar ones) are well known. Wi-FI Protected Access 2 makes use of additional mechanisms to protect them, according to both the WFA and a wireless architect.”]

