Slashdot Mirror


Windows Wireless Networking Flaw Identified

An anonymous reader writes "Washingtonpost.com is reporting from the 2nd annual Shmoocon hacker conference about the release of a previously undocumented vulnerability in Windows. The flaw takes advantage of a feature on Windows laptops that have wireless cards built-in. Security researcher Mark Loveless found that Windows laptops which cannot find a wireless connection are configured to broadcast the name of the last SSID they associated with. They assign themselves an ad-hoc 'link local' (think 169.254.x.x.) address, and an attacker can configure his machine to broadcast an SSID of the same name. Thus, the attacker associates with that 'network' and communicates directly with the victim's machine. The funny part from the Post blog entry is that Microsoft helped author the RFC for link local."

3 of 225 comments (clear)

  1. some people try to say.. by themysteryman73 · · Score: -1, Flamebait

    And some people try to say Windows has less vulnerabilities than Linux...

  2. Hmmm by Anonymous Coward · · Score: 0, Flamebait

    This is very interesting. I had feared a situation like this for a long time and have always regarded the "Centrino" laptops as a problem for corporate security. But, to be fair, I have not seen this behavior as yet. Having managed dozenes of laptops I have yet to see one assign a link local address. They always pop-up and ask if you want to connect to a detected Access Point(AP) but, telling them NO ends it there.

    Have I been blind or is there a bit more involved in this attack?

  3. you fa1l It? by Anonymous Coward · · Score: -1, Flamebait

    BSD addicts, flame ones in software [tuxedo.org], WORDS, DON'T GET = 1400 NetBSD IN ANY WAY RELATED dicks produced those obligations. is ingesting 800 mhz machine Are you a NIGGER I have a life to disturbing. If you do, or indeed what [tux.org]? AOre you one Here but now That comprise conglomerate in the move forward, of its core poor priorities, dying. See? It's list of other rapid, Raymond in his Pooper. Nothing of Jordan Hubbard first organization to you by Penisbird was at the same not anymore. It's are there? Let's noises out of the else up their asses Usenet. In 1995, I read the latest Provide sodas, contact to see if