Slashdot Mirror


802.11 WiFi Denial of Service Exploit Discovered

CRC'99 writes "The Queensland University of Technology has today announced yet another flaw in 802.11 products. AusCERT has the official statement, noting: 'An attacker using a low-powered, portable device such as an electronic PDA and a commonly available wireless networking card may cause significant disruption to all WLAN traffic within range, in a manner that makes identification and localisation of the attacker difficult.' Nice to know that a simple PDA could bring a WiFi network to its knees."

19 of 251 comments

  1. All your base station are belong to us by Gabrill · · Score: 4, Insightful

    Seems like the single most energetic use of all our new technology is figuring out new ways to break it.

    --
    Always going forward, 'cause we can't find reverse.
    1. Re:All your base station are belong to us by Diabolical · · Score: 4, Insightful

      Best way to ensure that these technologies are safe enough for their purpose.

      The alternative would be widespread adoption without any real security and a few nutcases having the possibility to break _and_ abuse the tech without anyone having the slightest idea of its insecurity.

  2. Re:how come... by isorox · · Score: 5, Insightful

    Same reason you get someone else to proofread your CV. A fresh pair of eyes will pick out the problems.

  3. I wonder... by MoreDruid · · Score: 2, Insightful

    I wonder if WiFi bridges are also affected by this.
    And of course, how long it will take before the manufacturers will be having a firmware update for this. It seems that most firmware updates only add extra functionality to gain an edge over the competitors, but basic stuff like optimisation is kind of a non-issue. I'm crossing my fingers this will be fixed shortly, but I'm having doubts about it.

    --
    The best weapon of a dictatorship is secrecy, but the best weapon of a democracy should be the weapon of openness.
  4. Easy... by compacflt · · Score: 5, Insightful

    In case of a chain:

    It's easier to find a weak link in a chain, than it is to make all perfectly strong links.

    In case of a 'system':
    It's easier to find a single flaw than it is to build all parts well. (not to mention that all parts must also interact well, and do the job.)

  5. Why? by egm06 · · Score: 2, Insightful

    What would be the point of this other than making people mad? It would not destroy data. Also, has it been done by an "attacker" or did they do it themselves?

  6. Re:how come... by Segway+Ninja · · Score: 5, Insightful

    Because the creators think one way, and the "other people" think in totally another. Something the creators never thought possible could happen, simply because someone else sees the system from a different angle.

  7. Exactly how is this surprising? by Anonymous Coward · · Score: 5, Insightful

    A microwave oven can bring down a WiFi network. You could plug a 110 volt line into an Ethernet jack if you felt like it. All shared media networks require cooperation in order to run correctly.

    1. Re:Exactly how is this surprising? by jruschme · · Score: 3, Insightful

      Except that the 802.11b vendors seem to have some hardening against microwave ovens built into the drivers and firmware.

      I think the scary part of this is supposed to be the fact that one can bring down the network using nothing more than off-the-shelf hardware and a little custom software. Worse, it's hardware that is indistinguishable from what a legitimate user might have.

      Let's say, for instance, that I want to bring down the hotspot at my local Starbucks. It would probably be suspicious (or at least funny looking) if I whipped out a modified AP or some kind of UHF transmitter. OTOH, nobody would even notice if I pulled out an iPaq, tapped a couple of times on the screen, and *poof* the network halted.

      Now scale up a bit and say I connect to a decent antenna, sit out in the parking lot, and point this at your office... or your hospital...

  8. Well, duh by Anonymous Coward · · Score: 2, Insightful

    Wifi networks _require_ cooperation to work. When the protocol says I am not allowed to send now, who can enforce it? I have to admit that tricking everybody else into believing that the channel is in use when it is actually free is an elegant way of disrupting the network, but you could just as well send short blips whenever someone else tries to transmit a packet. Only software which you control stands between you and the network.

  9. Re:how come... by hutkey · · Score: 2, Insightful

    I agree with you,
    but considering the fact that the system they are building is more important than a CV (just an example), why don't they get what others get at first glance?

  10. Spark Gap? by shfted! · · Score: 2, Insightful

    Couldn't the same effect also be achieved by a simple spark-gap generator? Granted, this device would also affect all other bands, but has been around for many years and is remarkably low tech.

    --
    He who laughs last is stuck in a time dilation bubble.
  11. PDAs? Simple? by Anonymous Coward · · Score: 1, Insightful

    "Nice to know that a simple PDA could bring a WiFi network to its knees"

    Excuse me, but since when has a small portable computer ever been simple? It's a desktop PC in a smaller case you muppet!

  12. Re:how come... by zopu · · Score: 3, Insightful

    The simple answer is that there are far more users than there were testers. When more people look at a system, it's increasingly likely that someone will 'stumble' onto a bug.

    Also, it's easier to find an exploit in an established system. Now we have lots of hardware and available WLAN access points to play about with. It's quite difficult to 'hack' a specification...

  13. Just like a cell phone... by chrisbw · · Score: 3, Insightful

    This really isn't anything revolutionary. You can take down cell phones in the area that a handheld jammer can transmit. I don't think anyone has ever asserted that low-power wireless transmissions can't be DOS'ed by other low-power wireless transmissions.

    --
    Chris -- http://www.bitter.net/
  14. Technology split by khakipuce · · Score: 2, Insightful

    Has it not always been the case that there are technologies of convenience and technologies on which we depend? The convenience technologies - your TV remote for example - are engineered for price/features and you can live without them (go on... you can, you know you can, if you really try). The others, the ones on which we really depend (drugs, aircraft flight systems etc.) are engineered for reliability/price.

    The upshot is that convenience and reliability are generally opposing design goals. Things which are highly reliable by definition must be mature (read old) technologies - you can't know if it will run for n years if you haven't run 1000's of examples for more than n years. WiFi is both relatively new and falls into the convenience camp. And until we can be convinced otherwise it must stay there.

    --
    Art is the mathematics of emotion
  15. Re:Probably obvious to the people who made protoco by 0x0d0a · · Score: 2, Insightful

    I only know about the theoretical side of CSMA/CD, but as far as I can see, it's an inherent flaw in communicating over shared broadcast channels.

    Few communication channels follow the abstract "shared broadcast" model.

    If all devices had and used directional receiver antennas (say, six antennas pointing in different directions that pick up different signal strengths and determine the source location based on these strengths), we could avoid the problem.

  16. Re:jammers? by FireFury03 · · Score: 2, Insightful

    A jammer - in the specific sense of a white-noise transmitter - wouldn't give a 'denial of service' style attack. It would drown out the other transmitters, thus fooling your device into thinking that there is no network available.

    In what way is that not a denial of service? It denies the clients access to the access point service, in the same way as a bomb in a datacentre denies all the clients from contacting the servers there.

  17. This is NOT a "bug in the system". by Ungrounded+Lightning · · Score: 2, Insightful

    how come "other people" are soooo smart in finding bugs in the system, than the system creators itself?

    Because they never look.


    This is NOT a "bug in the system". Being jammable is inherent in ANY radio based communication system.

    Just as you can't hear and understand the person talking to you across the room when a pair of people are shouting in your ears or when another person with a similar voice is babbling nonsense at the same time, and you can't read morse code flashlight blinks sent by someone standing between you and the sun, so you can't receive and decode what a Wi-Fi card is sending you when another Wi-Fi card is transmitting "chatter".

    The same is true on Cable TV modem signals (where a neighbor's chattering box jams your uplink), on 10-Base Ethernet (where you're all on one coaxial cable and a single chattering device is a constant collision), on broadcast radio and TV (where a nearby signal will wipe out or override and replace a distant one), radar, telephone party lines, hearing (meetings disrupted by the guy with the bullhorn), vision (strobe lights, searchlights, somebody standing between you and what you want to see), and so on.

    Jammability is inherent in sharing a transmission medium with an additional transmitter which is misbehaving, not some "bug" in any particular system.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way