Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Dark Side Of DefCon's Wireless Network

Posted by michael on from the the-goggles,-they-do-nothing dept.

An anonymous reader writes "While there's been a few postings on events happening at DefCon 12, one event seems to have been overlooked. A new wireless packet injection tool was quietly released (unleashed?) during DefCon: AirPwn. Here's a write-up of the tool as deployed by its author and crew at DefCon 12."

3 of 185 comments (clear)

  1. Hardly bad by shfted! · · Score: 5, Insightful

    It's a hacker conference. There is probably no more tolerant place to release such a piece of code, where your talents will be respected instead of persecuted. There were also no doubt many members of the computer security community present who would want to be aware of any new vulnerabilities immediately. I think it's a great thing it was tried and released at DefCon first.

    --
    He who laughs last is stuck in a time dilation bubble.
  2. why.. by Anonymous Coward · · Score: 4, Insightful

    Do people still do this? Packet injections of various and sundry sorts are old news.

    There's a worrisome pattern, in the IT security biz, of repetition. Hacks discovered a few years ago re-appear in new clothes as "new," technologies for protecting against them resurface every few years in the same way. Computing as a whole tends to re-invent things on something like a 15 year cycle, but security seems to be on a truly frenetic clock, cycling every 2 years or so (very very approximately ;)

    Is there some connection between this and that vulnerabilties re-surface in new clothes constantly as well?

  3. It could be worse... by Photo_Nut · · Score: 4, Insightful

    You're at Joe's internet cafe, or in an airport, etc. Suddenly, your internet explorer gets a web page redirect to some random porno movie of 3 guys raping a rather unattractive asian girl, complete with audio... in full screen mode. Since your laptop's audio is on, everyone in the area, including your girlfriend hear, "No don't put it in my pussy. [scream]"... And you're joe blow who doesn't know how to use the keyboard to close the window to save your life.

    Yes, it could happen, particularly, if the geek in the corner is sniffing your WiFi traffic, and singles you out.

    More serious would be something which noted when you wanted a secure site, such as a bank, and proxied to a full-screen web page image complete with security icons that tricked the user into sending you their password in the clear.

    There are malicious 14 year olds with laptops out there that would find this awfully amusing.