January 16th, 2006
Laptops Vulnerable to Simple Wireless Security Issue in Windows
By Michael Santo
Contributing Writer, RealTechNews
Patch one thing and boom! here comes another issue. Not only that the fault lies not in a bug or flaw in the code; it was designed this way. Details were released at the ShmooCon hacker conference in Washington, D.C. on Saturday. Brian Krebs of the Washington Post has the full details here.
It’s a pretty detailed explanation of the problem. A somewhat simplified look at it can be found here.
To make a long story short, the behavior has to do with the fact that your laptop remembers the SSID of the last network you connected to. If it can’t find a network to connect to, it will broadcast that it is looking for other computers that know that SSID. Someone sniffing could detect and then connect to your laptop in an ad-hoc network. Or, if you both happened to go to a Starbucks last, your two laptops might connect without any intervention or announcement.
The article states you can disable your wireless connection, or you can reconfigure it with the steps here (this assumes Classic Windows UI, not the default XP UI): Start, Settings, Network Connections, right-click on the wireless networking connection, select Properties. Then click on the Wireless Networks tab, then the Advanced button, then under “Networks to access” select “Access Point (infrastructure) networks only”. This will prevent ad-hoc connections of the type above from being created. This is also the setting I set my wireless adapters to on all my laptops.
We Say: Actually, I’d attribute this more to a misconfiguration of the settings than anything else. I mean, Access Point is the setting that most users should use anyway. On the other hand, when installing new cards or accessing new laptops, I always find that the setting is set to Any Available Network. Microsoft has acknowledged this problem and has promised to fix it in the next set of Service Packs.
David Johnston says:
They’re going to fix it in the next service pack!?! I thought SP3 was scheduled to arrive in 2007! Geez… Anyway, this really doesn’t seem like that bad of an issue to me.
January 16th, 2006 at 8:54 am
Michael Santo says:
Yeah, I know about the SP timeframe. Heh. I didn’t think this was TOO bad, until I read the full article and the writer indicated that he ran a test to see how easy this was, and when he was done he and the hacker testing with him noticed someone else in the hotel trying to login to their computers using that technique.
January 16th, 2006 at 9:35 am
The Wireless Weblog says:
Windows Wi-Fi Flaw Discovered
RealTechNews notes that over the weekend at the ShmooCon hacker conference in D.C., hacker Mark "Simple Nomad" Loveless released info on a relatively serious Wi-Fi security flaw that’s present in any recent version of Microsoft Windows.As B…
January 16th, 2006 at 12:04 pm
Bletch says:
It’s not really that serious an issue, as evein in Ad-Hoc mode windows has the option of whether or not to automatically connect to ‘non-preferred’ networks. As long as this is set to ‘off’, then the problem won’t occur, even if the WiFi connection is left switched on in Ad-Hoc mode. As you say, it’s more of a misconfiguration issue, but not one of Ad-Hoc vs Infrastructure modes, but more one of allowing the computer to connect to unknown networks automatically.
January 16th, 2006 at 8:06 pm
Sanketh says:
hmmm
Need to be careful.
Sanketh
http://teletunes.blogspot.com/
January 28th, 2006 at 5:42 pm
ClapekDodki says:
fetiscismo
July 17th, 2007 at 3:07 am