Slashdot Mirror


Critical Security Hole in Linux Wi-Fi

thisispurefud writes "A flaw has been found in a major Linux Wi-Fi driver that can allow an attacker to run malicious code and take control of a laptop, even when it is not on a Wi-Fi network."

5 of 262 comments (clear)

  1. Complex Hack by dekkerdreyer · · Score: 5, Funny
    Luckily this hack isn't for the ordinary Linux user. The hack requires WPA encryption to be activated. As anyone who uses Linux knows, WPA requires recompiling the kernel, compiling wireless tools, compiling wpasupplicant, recompiling both when you find that the default configuration for wpasupplicant is to not use WPA (wtf?), and finally modifying a handful of cryptic configuration files. Once that's done, WPA is still not likely to work with a particular kernel, hardware, and wireless card combination.

    Once again, Linux is safe from such a common attack because only seven people have successfully set up WPA. If this had been a Windows flaw, where every machine natively understands WPA and no work at the command prompt is needed, this would be disastrous.

    This shows that Linux has been taking the right stand. By making the machine difficult to get running, it's unlikely that the machine will be able to connect to anything and become infected. Windows made the mistake of making the machine easy to use, allowing for simply network connection and ease of ownership (OWN3D).

    --
    Dekker Dreyer
  2. Tag.. by Anonymous Coward · · Score: 5, Funny

    DefectiveByDesign? Oh wait ... wrong OS.

  3. What!? by jav1231 · · Score: 4, Funny

    Wait! Someone got WiFi to work in Linux!?
    Okay, easy...just saying this is one area that's always been behind in Linux.

  4. Re:Freedom matters. by The+Bungi · · Score: 3, Funny
    That's because you have not gotten your head around the fact that peer review makes for better code.

    What part of "the flaw was in the open portion of the driver" did you manage to miss?

  5. Re:Fixed Dec 15th on my box by Kjella · · Score: 4, Funny

    Slashdot: Last year's news for nerds, stuff that mattered

    --
    Live today, because you never know what tomorrow brings