[dmfdmf]

Is this some kind of artificial test or is it a real issue? What I mean is that the article mentions running through about 400,000 passwords per second and the hack took 20 minutes. But wouldn't most servers or routers block the user out after so many failed logins? How do they get around that?

[forensic]

You don't actually send 400,000 passwords to the server. You capture legit packets traveling between the access point and an authorized user and then run your brute force algo on their encryption.

[Herring]

http://en.wikipedia.org/wiki/Wireless_cracking