 joeschuh
join:2000-10-02 Englewood, OH
1 edit | Fall 2007?
Although it seems the attack would have to be a local attack, I'm surprised that they are going to wait until fall of 2007. I'm sure the curious will be trying to exploit this for fun in public places where laptops are open and not connected to an AP.
|
 |   a
| Re: Fall 2007?
No problems here with wi-fi.
|
 |  Ammler Premium join:2005-04-19 Pittsburgh, PA
I would think that if someone is using a laptop and not using the WiFi radio, they would have it turned off anyway. Using WiFi on my Lappy results in an additional 25 to 40% drain on my battery depending upon what I'm doing. YMMV
|
 |  noone1
join:2004-06-04 Nashua, NH | This is a new flaw?
I'm sorry, but my company discovered and documented this flaw ... two and a half years ago. This is way old news and this security company is way behind the times.
|
  nivago Think For Yourself
join:2000-11-16 Little Rock, AR | Be heard
Maybe, if we all scream loud enough, it will shame Microsoft into an early release a la WMF patch.
|
 |   Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| Re: Be heard
said by nivago: Maybe, if we all scream loud enough, it will shame Microsoft into an early release a la WMF patch.
This is easy to fix yourself; the WMF vulnerability was not.
Steve -- Stephen J. Friedl Unix Wizard Microsoft Security MVP Tustin, California USA
|
 |  |  RadioDoc 58ef2c0 Premium,ExMod 2000-03 join:2000-05-11 | Re: Be heard
"MessageLabs believes users running Windows XP Service Pack 2 (SP2) are not at risk."
Looks like it is already fixed... -- Toolmaster of La Grange.
|
  pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD | Go back to old way of finding wireless networks!
I still can't stand XP SP2's interface for finding wireless networks. The old way was much more straightforward. -- Rove / Rumsfeld 2008!
|
 |   Prius
@cavtel.net
| Re: Go back to old way of finding wireless networks!
Straightforward? XP SP2 has a much better and improved native interface for wireless cards. With the pre-SP2 way, there was so much headache that I would disable Windows native control and use the card's client utility to configure it. I still use the client utility on my personal system, but for all the other machines that I fix, I upgrade to SP2 (if not SP2 already) and let Windows control the wifi. Much easier for both me and the other person involved.
|
 |
 joeschuh
join:2000-10-02 Englewood, OH
| Consumers
I liken it to Network Associated Virus scan.... The enterprise version is straightforward and simple for someone who knows what they are doing to use (hell -- there isn't that much really)... The consumer version of McAffe (sp?) has so much crap to wade through even I have a hard time finding what I want sometimes.
I guess it's their effort to make it easy by making it harder.
|
 MiloMindbend
join:2001-01-18 Jeannette, PA
| Not much of a flaw
The way I read it, the only thing that MS' implementation is doing wrong is looking for ad-hoc instead of infrastructure mode associations. Take that away, and unless you were using WPA or WPA2 (for mutual authentication), you can still suffer the same results. All the attacker needs to do is pull the SSID from the probe requests your client radio is sending and set up a soft access point advertising that SSID (see all the noise last year about "rogue APs"). The only thing they can fix without breaking the way 802.11 networking works is whether the attacker can use off-the-shelf ad-hoc functionality or he has to know a tiny little bit about how to set up an access point.
Either way, if you wander around with your device's WiFi adapter enabled, you can be providing a network connection to your device (again, unless it was configured to only use WPA or some other mutual-authentication scheme).
(Oh, and all the stuff about "getting a local address"? That's just the autoconf link-local addressing, and it has _nothing_ to do with WiFi. The attacker could just as easily provide DHCP on his soft-AP or ad-hoc peer, and the attackee would obtain an address from that and you'd still have connectivity.)
|
 tquade
join:2000-10-14 Regina, SK
| SP2 fix
Network Connections > Wireless Network Connection > Properties > Wireless Networks > Advanced >
select "Access point (infrastructure) networks only"
clear "Automatically connect to non-preferred networks"
SP1 folks are out of luck.
|
 |  MiloMindbend
join:2001-01-18 Jeannette, PA
| Re: SP2 fix
This really doesn't reduce the "vulnerability" much at all, though. If your WiFi adapter is not turned off, it's still going to send probe requests that include the SSID you're trying to join. All I have to do as an attacker is run an access point (note: I can build an AP out of a standard notebook running Linux or BSD -- it doesn't have to be a dedicated piece of hardware) with that SSID, and you'll still associate to my rogue network. You'll still get the same type of link-local address (unless I'm running a DHCP server), because that's IP functionality that's independent of the WiFi transport layer. I've still got IP-level connectivity to your computer. There really isn't much difference between the two cases.
If you don't want to expose your machine, turn the WiFi adapter _off_ when you're not deliberately using it, or at least make sure you've only been using authenticated networks.
|
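Added example (not part of any post in this thread): a small Python audit of the point argued in the two MiloMindbend posts and the "SP2 fix" post above. The Profile/Adapter model, the function names and the sample networks are constructed assumptions; it shows that the two SP2 settings clear the ad-hoc and non-preferred findings but leave every unauthenticated saved SSID flagged, and it compares an advertised network against the saved profile.

```python
from dataclasses import dataclass

# Security types the posts above treat as mutually authenticated.
AUTHENTICATED = {"wpa", "wpa2"}

@dataclass(frozen=True)
class Profile:              # one saved (preferred) network; hypothetical model
    ssid: str
    mode: str               # "infrastructure" or "adhoc"
    security: str           # "open", "wep", "wpa", "wpa2"

@dataclass(frozen=True)
class Adapter:              # the two settings named in the "SP2 fix" post
    infrastructure_only: bool
    auto_connect_non_preferred: bool

def audit(adapter, profiles):
    """Return (ssid, finding) pairs for each exposure discussed in the thread."""
    findings = []
    if adapter.auto_connect_non_preferred:
        findings.append(("*", "auto-connects to non-preferred networks"))
    for p in profiles:
        if p.security not in AUTHENTICATED:
            # Holds even with infrastructure_only set: a soft AP suffices.
            findings.append((p.ssid, "unauthenticated: any AP with this SSID is accepted"))
            if not adapter.infrastructure_only:
                findings.append((p.ssid, "unauthenticated: an ad-hoc peer is accepted too"))
    return findings

def mismatch(profile, seen_mode, seen_security):
    """Compare a network advertising a saved SSID against the saved profile."""
    reasons = []
    if seen_mode != profile.mode:
        reasons.append(f"mode {profile.mode} -> {seen_mode}")
    if profile.security in AUTHENTICATED and seen_security not in AUTHENTICATED:
        reasons.append(f"security {profile.security} -> {seen_security}")
    return reasons

# Constructed sample data, not taken from the thread.
PROFILES = [Profile("coffeeshop", "infrastructure", "open"),
            Profile("office", "infrastructure", "wpa2")]
BEFORE_FIX = Adapter(infrastructure_only=False, auto_connect_non_preferred=True)
SP2_FIX = Adapter(infrastructure_only=True, auto_connect_non_preferred=False)

if __name__ == "__main__":
    for name, adapter in (("before fix", BEFORE_FIX), ("after SP2 fix", SP2_FIX)):
        print(name, audit(adapter, PROFILES))
    print(mismatch(PROFILES[1], "adhoc", "open"))
```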
  HardwareGeek
join:2003-11-15 Brooklyn, NY
| blah
wow when people don't secure their router it's the person's fault but since it's their computer they bitch at Microsoft.
Does the same problem happen in Linux? Why no bitching at the Open source community? I know when I try to connect to a network on my iBook and it fails I am switched to adhoc mode. So the flaw kind of exists in OSX as well. -- Email/MSN: Michael at hardwaregeeks.com AIM: MikeR35292
|
 |  WirelessMajr Premium join:2005-08-03 College Place, WA | Re: blah
Most of the people using *nix are smart enough to know what they are doing. That, and M$ controls the market share for OS.