Why You See 'Free Public WiFi' In So Many Places

An anonymous reader writes "Almost anywhere you go these days (particularly at airports), if you check for available WiFi settings, you have a pretty good chance of seeing an ad hoc network for 'Free Public WiFi.' Of course, since it's ad hoc (computer to computer) it's not actually access to the internet. So why is this in so many places? Turns out it's due to a bug in Windows XP. Apparently, the way XP works is that if it can't find a 'favorite' WiFi hotspot, it automatically sets up the computer to broadcast itself as an ad hoc network point, using the name of the last connection the computer attempted. So... people see 'Free Public WiFi' and they try to log on. Then their own computer starts broadcasting the same thing, because it can't find a network it knows. And, like a virus, the 'Free Public WiFi' that doesn't work lives on and on and on."

So...

[Jorl17]

Windows really *is* a virus!

Ah!

Re:So...

[Pojut]

You forgot the "obligatory" title ;-)

Re:So...

[PsyciatricHelp]

Why is Ad-Hoc not disabled by Default? I had an adhoc ghost stick around for a year from when I set it up on my Iphone. turns out that my co workers laptop was still broadcasting the ad-hoc ssid. even with ad-hoc function disabled on my laptop you still saw the rebroadcast.

Re:So...

[Pojut]

It's one of those design decisions that make you go "what were they thinking?!?!?!"

Re:So...

[cjb658]

Windows really *is* a virus!

Ah!

No. Viruses are:
-Small
-Free
-Well-written

Re:So...

[Type44Q]

which in tern

It should be clear that this isn't quite what I meant (http://en.wikipedia.org/wiki/Tern)...

Re:So...

[thetoadwarrior]

In some cases but no, not all viruses are small or well written and if it steals your card details it's not free.

Re:So...

[vlueboy]

Non-geeks detect viruses because of system instability (IE or explorer shell crashes, multi-spyware slowness and malicious tampering eventually being the deathblow to spywared PC's TCP connectivity.)

It's the silent ones that live the longest, because no tech ever gets called to check out the PC's weird behavior. Even if the virus is well-coded does not make it "well-tested."

Re:So...

Windows really *is* a virus!

Ah!

No. Viruses are:
-Small
-Free
-Well-written

Well played, good sir.

Re:So...

[vegiVamp]

I have three words for you: VBA macro viruses.

Re:So...

[mcgrew]

Actually, I'd call that a feature -- enough of them and you have a mesh network. There are so meny unsecured connections around here I don't even need an ISP, I can get usually get online easily. I may get an ISP just to have 24/7, if I do I'll leave it unsecured.

I wiped Windows 7 and installed kubuntu, and there's one think I liked about 7 better than kubuntu, and that's the wifi connection. Windows connected faster, and needed less of a signal to work.

Is htere a way to make Linux do what XP did?

Re:So...

[Zero__Kelvin]

"It's one of those design decisions that make you go "what were they thinking?!?!?!""

You just described Windows in a nutshell ;-)

Re:So...

[silverglade00]

A-well-a bird, bird, b-bird's the word
A-well-a don't you know about the bird?
Well, everybody knows that the bird is the word!
A-well-a bird, bird, b-bird's the word
A-well-a...


For everything
Tern tern tern
There is a season
Tern tern tern...

Re:So...

[AndGodSed]

Technically that is two words and an acronym.

almost as bad as linksys

but at least linksys gets you a internet connection 99% of the time. BTW this story is a dupe from last year.

I see this alot

[jonxor]

Is that why I also see dozens of "hpsetup" Ad-hoc SSID's from nearby laptops?

Re:I see this alot

Oh wow! Is it a big alot? Or a furry one? Is it friendly? I hear alots can be dangerous.

http://hyperboleandahalf.blogspot.com/2010/04/alot-is-better-than-you-at-everything.html

Re:I see this alot

[TrisexualPuppy]

The "hpsetup" ESSID is from HP bloatware. It is used to connect the computer to wireless peripherals, namely HP wifi-enable printers.

I researched this myself, and it ended up that there were a bunch of better ways to implement it, but HP flat out didn't care.

Re:I see this alot

[BattleApple]

actually it looks just like an aswell, only smaller

Re:I see this alot

[maxume]

What better way is there to implement a wireless connection when the user doesn't have any wireless networking equipment other than their computer?

Re:I see this alot

[socsoc]

Buying a router?

Re:I see this alot

[maxume]

So 'the user buying something' is a better solution than the printer software supporting ad-hoc networks?

We disagree.

Re:I see this alot

Who are we?

Re:I see this alot

[maxume]

He and I. Or perhaps she and I. At any rate, socsoc and I disagree. Apparently. Maybe they were speaking hypotheticals rather than their mind.

Re:I see this alot

[Khyber]

Yes, because that ad-hoc network is pretty damned easy to hijack.

Physical security or GTFO.

Re:I see this alot

[maxume]

Ah yes, the dreaded 'they saw my term paper' and 'denial of paper' attacks.

Is it really that easy to hijack an adhoc network that is using WPA?

And if we are talking about somebody who would already make the foolhardy choice to have a wireless printer, do the specifics of the wireless matter if your rationale for rejecting it is physical security?

Re:I see this alot

[sumdumass]

Actually, it is pretty easy to hijack about any wireless network using WPA. WPA2 is only a tad bit more harder and both are easier then wep until you get into some business class security. Basically, all you need to do is flood the connection to force a reconnect between the devices then run a script or program on those packets.

It's actually a little more difficult then that, but once you find the right programs and the right hardware to work with them, it's not much more difficult then that. And the most difficult parts are already taken care of and reusable for the most part.

I have a laptop set up specifically to do this. Whenever I have a customer claim their rocket scientist nephew, or son, or the neibor's- dog's- sister's- aunt's cousin, or the time warner cable guy swears that wireless is safe and I don't know what I'm talking about, I simply tell them to go ahead and install it, then show up to ask how it's going with the wireless and show them that I'm already on the network. Sometimes I have to wait outside for about a half hour before I get it cracked, but I haven't ran into one wireless network yet that took longer then 2 hours to crack into. And yes, all the software needed is pretty much free and available on the interweb waiting to be downloaded and used. There is a pretty steep learning curve though but it's not that hard and there are a lot if tutorials out there. This is especially easy when the time warner guy and most outside techs try to use a phone number for the key phrase. Often, if you have a list of phone numbers to a building with wireless, going through those will get you a working key without needing all the monitoring and cracking software. Start with the Fax numbers as they are often tied to the DSL or the Cable Internet Phone which makes it easy for the technicians to find if they have to service it again.

Anyways, once you are on the network, it's pretty trivial to send command to any windows box to do things that give you more control. Especially if they have the power shell installed. Most firewalls don't screen addresses on the network as it seems to be universally trusted in most environments.

Re:I see this alot

[sumdumass]

How about the printer software becomes it's own router that can be programmed into an ad-hoc network with all of it being turned off until it's actually turned on because it's needed or wanted? All you would have to do is install a program that listens for a key when you press a button on the printer. This software can either load that key into the wireless card or broadcast the correct key to the printer if a network is already set up.

You know, do it similar to how the linksys and netgear and dlink auto connect works.

Re:I see this alot

[jc42]

So 'the user buying something' is a better solution than the printer software supporting ad-hoc networks?

Well, you're obviously not a businessman. ;-)

If you were, it would be obvious to you that "the user buying something" is always better than "the user just using their equipment and not buying any tie-in products".

Once you understand this, you understand a lot of how marketing works. But a lot of people never understand it. In the business world, they're known as "failures".

Re:I see this alot

[node+3]

zeroconf and those "Quick Connect" buttons that routers and Windows have these days, for two.

Re:I see this alot

[maxume]

Nah, good businessmen realize that people want cars that work with all the gas, not just the fucking branded gas, and that people will buy more of the cars if they don't have to track down the branded gas.

The assholes that think selling branded gas is awesome are just assholes who like branded gas.

Re:I see this alot

[maxume]

So given one laptop and one printer, you are suggesting that the price of the printer will not go up if the printer includes the hardware needed to act as a router?

AFAIK, the auto connect stuff all depends on the router side handling the messy details (and in fact, the wireless printer I have supports at least some of that stuff).

Re:I see this alot

[eggnoglatte]

Huh? Wouldn't an alot be larger than an aswell?

Re:I see this alot

[sumdumass]

It doesn't need to be a complete or powerful router. And as far as I know, the only difference between a router and ad-hoc network support would be the software.

But alas, you are probably right, the costs would increase as they would view it as a feature or something even though there would probably only be another 200 lines of code or something.

Re:I see this alot

[maxume]

Neither of those things describe the link between the computer and the printer (note in my comment where I complain that the user doesn't have a router).

Re:I see this alot

[node+3]

Neither of those things describe the link between the computer and the printer (note in my comment where I complain that the user doesn't have a router).

Yes they do. If the computer is acting like an ad-hoc network, it can use zeroconf to set something up instead of just defaulting to broadcasting as hpsetup. Alternately, the printer can have a quick connect button that you press when the HP installer software is loading, and the software would act like the software on a router does when you press it.

Re:I see this alot

[maxume]

I would guess that concerns about the support costs might be more of a factor than the actual implementation cost.

Re:I see this alot

Ask BMW owners what brand oil they use.

"pisses off random slashdot users" is actually quite compatible with "making shitloads of money." Most people don't think like you, and the sooner you realize that, the sooner you'll have a shot at becoming happy and well adjusted. And no, "happy and well adjusted" is not a synonym for "brain washed" or whatever... in this context it just means accepting that other people put different values on different aspects of their life. And looking at your post history it is pretty obvious that you don't lead a meaningful life.

Re:I see this alot

[maxume]

How much of my post history did you take a meaningful look at?

Re:I see this alot

[linuxrocks123]

As far as I'm aware, WPA2 with AES is not crackable. Have you ever cracked a WPA2 network with AES using anything more sophisticated than brute-forcing the password, or do people just not use this setup often?

---linuxrocks123

Re:I see this alot

[jc42]

Heh. The AC probably didn't look at any of your post history, just the number of posts. That told him/her that you spend far too much time on /., and thus don't have a meaningful life (for some people's definition of "meaningful").

Yeah, I know; me too.

Re:I see this alot

[maxume]

Yeah, that part of the AC post hits close enough to home that they deserve a cookie (or I wouldn't have replied).

Re:I see this alot

[sumdumass]

First, I'm not really an authority on this as all I have done is used other people's tools and scripts and read their how-to's and so on. You can call me a script kiddie if you want. You will find a lot of reviews, including videos of people cracking WPA2=AES on the internet. Some of their methods work, some do not- don't get bogged down by the hirer ranked ones as I typically can't get them to work. My understanding is that AES is built into the WPA2 standards by default and your using it regardless. However, how it is used is important.

It's susceptible to dictionary attacks which is actually a lot easier then you think if you know how the person creating the key thinks and can get a known packet. Generally, as I mentioned before, they like to make the key something they can remember which means that a 10 digit phone number somehow associated with the internet account is typically what you need. Some people get a little more constructive but it all points back to the same security strengths of regular passwords I guess. There are attacks that if you can gain access to an existing connected computer (suppose you want on your work network -or girlfriend/neighbor's- network, but they won't give you the key- yet your work laptop -theirs if you have access to it briefly- is already connected), you can either attempt to extract the hash tables storing the key on the computer and crack the key there, or set up a monitoring server at a remote location, then go to a website while monitoring the traffic and then you can crack the encryption a lot more easier because you know a known packet before and after the encryption (details can be found on the web).

One of the drawbacks is that WPA2-AES is not typically used in a way that exploits it's strengths. It's like having a titanium luggage lock with 128 number combination and setting them all to 0-0, 1, 2, 3, 4. I have gotten access to WPA2-AES networks in the past, but the dictionary contained all of the phone numbers the site had and it also was one of the keys. No one seems to want to build a long key of random numbers and signs that they have to input into every wireless device needing access.

If you are worried about security, you shouldn't be running wireless at all- unless your ready to do some enterprise level security and run an IDS with access controls, a radius server, use EAP, and the lot AND have someone monitoring it regularly. Typically, when I do set up wireless networks for businesses that insist on them (granted I'm dealing with small businesses with less then 50 employees), I set them up outside the internal network entirely on it's own IP address then VPN the clients into the network as needed. There are drawbacks with that too. I guess my main point was that you just can't go to best buy and purchase a Dlink- throw it on the network and expect to be completely secure. Some information is more valuable then others as it could carry steep fines and possible jail time in addition to other liabilities if it got out depending on if some law covers it like HIPPA.

Re:I see this alot

[RebootKid]

The only tools I know of, that the poster seems concerned about mentioning are tools like aircrack-ng. It's loaded in the Backtrack CD set. (Which I highly recommend as a tool to audit your own networks) He is correct, you can crack a WPA2-AES password. It's not easy, and it takes time. Basically what you do is start dumping the stuff you see in the air, identify a target network, send a disassociation notice to the client that's connected to the AP, spoofing the MAC of the AP, a bunch of times. You record the traffic its sending back. The password will be in that traffic, encrypted, of course. Then you do a re-play and dictionary attack against the replayed traffic. It does work, but it doesn't work against long, complex, and random passwords in a short period of time.

Re:I see this alot

So basically what you're saying is that my WiFi is perfectly secure since I do not use a password that is easy to bruteforce. Which defeats your whole argument above. It's not easy to hijack WPA2 unless someone has a terrible password.

Re:I see this alot

Where have you seen this? I've seen it against WPA with TKIP but not WPA2-AES, ever.

Re:I see this alot

[mcgrew]

Ithink keboardsare madetoo cheaply thesedays, especiallythespacebar.

Re:I see this alot

[mcgrew]

zeroconf and those "Quick Connect" buttons that routers and Windows have these days, for two.

My netbook came with Windows 7, I upgraded to kubuntu, but connecting its wifi is pretty similar in both OSes. I don't have a Mac but I'd bet it isn't too much different, either.

Re:I see this alot

[sumdumass]

So basically what you're saying is that my WiFi is perfectly secure since I use a 60 or more character password that is composed of random numbers and symbols

There, FTFY. Almost all passwords are easy to brute force if "you can remember them". The amount of time involved is the real sticky part but that can be negated by knowing something about you or the company with the WIFI.

And that's only if you are attempting to crack the password itself by attacking the authentication packets. Even a good password becomes trivial if you can be tricked into going to certain websites or if someone actually has access to a system on the network wirelessly- even if just for a few minutes.

Re:I see this alot

So I'm right then. Thanks.

Re:I see this alot

Yea, after I fixed your wording to limit it to a small part of things, you are right to an extent.

You see, even non-dictionary passwords can be brute forced, the time to do it just becomes increasingly long. However, that's not to say someone can't get lucky relatively shortly.

Re:I see this alot

You're so full of crap.

You can only crack WPA2, if it was set up with a weak passphrase (dictionary or too short).

You won't be able to crack WPA2, if:

* they've used a 25+ alpha-numeric with special characters, passphrase
* you've not already authenticated yourself, and allowed wireless connectivity, to the WAP.

 

Re:I see this alot

The only thing you changed was the password part. And my password fits the criteria you mentioned. So yes, I was right. Without limiting my wording at all.

Re:I see this alot

If you had specified that you followed the password criteria and not just claimed you did, I wouldn't have changed anything. Too many people think they have a strong password or that their password isn't easy to brute force when it's actually a simple password if anyone knows anything about you. Like I said when I adjusted your comment, you need 60 or so random characters and symbols to have the most secure password. But you simply said you had a strong password that wasn't easy to brute force which means nothing unless you define what strong is and what easy is. You didn't define either so I assumes and distinguished from your potential idea of strong and what actually is strong.

It's not like anyone is a mind reader, just because you think you know something, doesn't mean we know you think you know it. It's really that simple. I was making a point, you made a comment, I made that comment fit my point.

Heh!

[cytoman]

That's the SSID for my home wi-fi :-D.

Re:Heh!

[clone53421]

Really? I named mine “virus”...

Re:Heh!

[damn_registrars]

That's the SSID for my home wi-fi :-D.

Funny, that's the combination to my luggage...

Re:Heh!

mine is: myneighborlikesincestrialsex

Re:Heh!

[apoc.famine]

FBI Monitoring Station

Keeps the riff-raff out...

Re:Heh!

[PincushionMan]

Hey, do you work at the local precinct? Their SSID is FBI-09 (on WiFi channel 9, of course).

Re:Heh!

[Abstrackt]

So does "$1.99 per minute".

Re:Heh!

[the_fat_kid]

yo dawg, we heard that you like free wi-fi. so we put free wi-fi in your wi-fi...

Re:Heh!

[bigrockpeltr]

Free Radiation

speaks for itself
(actually wpa encrypted so the radiation is free.. the intertubes access is not)

Re:Heh!

mine is: myneighborlikesincestrialsex

Incestrial? Is that a cross between incestuous and ancestral, like when you have sex with your own ancestors? How does that work given that they're likely to be dead?

Or is it when someone commits incest and goes on trial for it, but continues anyway?

Re:Heh!

So you're my neighbor.

Re:Heh!

So does WPA.

Re:Heh!

[TheRaven64]

I assumed it was a cross between incest and industrial - presumably as in, sex among mass-produced clones.

Re:Heh!

I use "Kiddy Pr0n Dungeon" for my network.

Re:Heh!

[GreyWolf3000]

I think you have to be listening to Nine Inch Nails during the act, as well.

Re:Heh!

[xaxa]

Industrial sex with rocks in? Hmm... I prefer Combichrist.

Re:Heh!

[mcgrew]

There's an SSID in my neighborhood called "Hack me and I'll find you". Sure is tempting...

Re:Heh!

That's the SSID for my home wi-fi :-D.

Funny, that's the combination to my luggage...

only an idiot would use that as the combination for their luggage!

Possible attack vector

[TamCaP]

I guess I am not the only one that is thinking that "Free Internet" SSID is a perfect vector for a MIM attack. Has anyone heard of any cases where it has already been exploited?

Re:Possible attack vector

You're thinking of attacking people randomly connecting to Public Wi-Fi Networks and you're worried about details like the name?

That's like using a scope when you're shooting ducks in a barrel.

Re:Possible attack vector

https://bugzilla.mozilla.org/show_bug.cgi?id=460374

Re:Possible attack vector

[oldspewey]

If I use an unknown wifi connection, first thing I do is log in to a VPN tunnel so the rest of my session is securely encrypted.

Re:Possible attack vector

That's like using a scope when you're shooting ducks in a barrel.

Well, no, it's more like using bait.

Your average hipster walks sits down in an urban coffee shop and opens his laptop: the first thing he does is look for a signal from which he can leech access. Free? Public? Sounds like it's free, a virtue of which your average hipster whole-heartedly approves. Public sounds good too: it's like natural or organic or community (as an adjective) or recycled or [x]-friendly or tolerant or sustainable or any other epithet that reinforces his hipsterish sense of righteousness. Naturally, the hipster connects and begins surfing and checking e-mail. MITM gets to read his e-mail and his web reading habits (organic hipster porn).

Re:Possible attack vector

[mcrbids]

I've got my laptop set up so that anything important (EG: Email, file transfer) is set up with strong encryption. Websites, not so much, though I do have a squid proxy server so if it matters, it's a single command and three clicks to secure my web browsing.

Re:Possible attack vector

[metrometro]

I always assumed those SSIDs were people phishing. I guess I'm reassured to learn that the world is not that uniformly malicious.

Re:Possible attack vector

Well, no, it's more like using bait.

Except the bait doesn't matter. You could call it "linksys" "Open WiFi" or "SFD2342" and you'd still get hits.

Re:Possible attack vector

[TimothyDavis]

I guess I am not the only one that is thinking that "Free Internet" SSID is a perfect vector for a MIM attack. Has anyone heard of any cases where it has already been exploited?

Ever been to Defcon?

Re:Possible attack vector

[pspahn]

While that is certainly true, if you're trying to mimic a known network, you should probably name it appropriately.

After all, if you go to the trouble of setting up a fake walled garden page, you should name the network similar.

It's actually a very easy attack to run at places like hotels where travelers might be unwary and quite willing to fork over CC info for internet access.

Re:Possible attack vector

[tudsworth]

It's one of the most common MITM attack vectors, oddly enough. I cannot name any specific cases, but it's pretty common for a rather opportunistic person to create an ad-hoc "free wifi" network in a busy public place and steal whatever information unsuspecting users send through the network. People don't seem to realise it's not a bright idea to sign in to bank accounts, email accounts, paypal etc. on public terminals, either.

Not that I condone taking advantage of the technologically illiterate.

Re:Possible attack vector

[spasm]

Why three clicks? Click 1 on the icon in my application bar that runs a bash script to create an ssh tunnel from 3128 on the proxy server to 8080 on localhost. Click 2 to toggle proxy switchy in chrome (or any of the several equivalents in firefox) from unproxied to localhost:8080. Done. Encrypted connection to your proxy server machine for all subsequent surfing.

The bash script, for the curious, is:

#!/bin/bash
PRPORT="8080:"
if [[ `ps axO command | grep $PRPORT | grep -v grep | awk '{print $1}'` ]]
then
      kill -9 `ps axO command | grep $PRPORT | grep -v grep | awk '{print $1}'`
      ssh -f -N -L 8080:127.0.0.1:3128 [yourusername]@[proxyserverIP]
else
    ssh -f -N -L 8080:127.0.0.1:3128 [yourusername]@[proxyserverIP]
fi

Needless to say, you need to have set up passwordless ssh with the proxy server.

Re:Possible attack vector

[node+3]

You're worried about security, but you use Chrome? Do you know it sends every web address you type in to Google, as you type it?

Re:Possible attack vector

Well, except for porn sites. Chrome doesn't report back to Google what porn sites you visit, because that would be an invasion of your privacy. It just sends the name of the site to Google first to check it against Google's blacklist of "do not report" sites, and if the site's not listed, Google's server reports back to Chrome to report the site to Google as a place your'e visiting; if it's blacklisted, Google's server reports to Chrome not to report the site back to Google, thus ensuring the user's privacy.

Re:Possible attack vector

[spasm]

Well you're mixing privacy and security there, but to really answer your question I personally don't care if google or anyone else knows what pages I look at - that was the parent poster's concern. I set up my proxy & tunnel system as a simpler alternative to a vpn for accessing academic journals from home that my workplace is subscribed to where access rights are handled by IP address. It just happens to solve the parent poster's unrelated problem too, at least if she/he uses a privacy-oriented browser.

Re:Possible attack vector

[a4r6]

Yes, there were cases reported years ago of people "re-sharing" paid wireless connections as free ones in places like airports, for the purpose of capturing sensitive data.

Re:Possible attack vector

[GreyWolf3000]

Can anyone enlighten me as to why the term 'vector' is used in this context? It's an attack. There's no fixed point in space with a direction component.

Re:Possible attack vector

[node+3]

Well you're mixing privacy and security there

Um, yeah, because privacy and security are inherently mixed in with each other. One the purposes of an ssh tunnel is to protect one's privacy. Google Chrome violates one's privacy. The fact that you use the tunnel for entirely different ends doesn't change that. There's no mix up to ask why you've gone through such a security measure (using an SSH tunnel) to later give away your privacy (using Google Chrome).

As for your answer, makes sense. That's all I was wondering, as on the surface the one thing seemed to counteract the effort of the other.

Re:Possible attack vector

[honkycat]

Vector is a term used in epidemiology to mean a carrier---something not directly responsible for a disease, but which carries and transmits the organism or virus. That's the usage here. It's only related with the mathematical term in that they come from the same root.

This is, of course, what's behind the old math joke: What do you get if you cross a mosquito with a mountain climber?

Re:Possible attack vector

[stevesy17]

My SSID at home is "freewifi...NOTs**tslockedupTIGHT". S'got wpa2. So really it's only tangentially related to your comment. But just enough so that I can tell people about my SSID. Which is all that really matters.

Re:Possible attack vector

In case no one told you, hating on hipsters is about the most hipster thing you can do.

Dupe

[wiredog]

http://hardware.slashdot.org/article.pl?sid=07/01/26/1420202, among others.

Re:Dupe

[turtleAJ]

I dunno man... I'm posting this from Free Public WiFi...

Re:Dupe

Not a dupe, clearly you didn't RTFA.

Re:Dupe

[WarlockD]

Slashdot is starting to become a news aggregator. I knew about this bug since 2003 and evey few years someone digs it out, either blaming it on a bad configuration or a virus attack. Hell its not even a bug if you have your WiFi properly set up to never connect to ad-hoc networks.

To be honest, this is the first time I have read the true reason and not try the whole "the internet is dangerous and full of viruses" reason. Its hard to even classify it as a bug as it would make it convenient to auto connect to a local ad-hoc network. Still consider it a bug if you have to turn off ad-hoc to disable though:P

Re:Dupe

[deeweef]

Mod parent up and GP down. The "duped" is about a scam, while this is about a big in XP. Bigg diff.

Re:Dupe

[Midnight+Thunder]

Add to that the referenced article was posted in 2007. Anything older than a year is probably out of the collective consciousness and the new article while being a dupe would probably news all over again :)

Re:Dupe

[socsoc]

Starting? Slashdot is an aggregator.

Re:Dupe

[Dogtanian]

Slashdot is starting to become a news aggregator.

Oh my! Really?! Someone warn the neighbours!!!

It'd be a real shame if Slashdot moved away from its original purpose of being a database of rye bread recipes...

Seriously, just what did you think it was meant to be in the first place?

Re:Dupe

[node+3]

It'd be a real shame if Slashdot moved away from its original purpose of being a database of rye bread recipes...

Close. Slashdot was originally meant to replace chips & dips.

Old news

[lavagolemking]

Steve Gibson covered this over 3 years ago. https://www.grc.com/sn/sn-082.htm

Re:Old news

[el_tedward]

It seems odd, at least to me (I only really started getting into this when I started college 3 years ago) that this took so long to become 'main stream' news. I of course heard that you shouldn't always trust things that sounded like free public wifi, but I don't recall hearing as much about how wide spread these ad hoc networks are.

Re:Old news

Steve Gibson covered this over 3 years ago. https://www.grc.com/sn/sn-082.htm

I'm pretty sure that I've seen this same exact story posted on Slashdot a couple times in the past as well. I'm just not motivated enough to look for it.

OMG!!! Look out!!! Your already-past-end-of-life-OS has something we don't like about it!!! Like, Microsoft should really, like, you know, release a newer OS, like, and stuff. Doh!!

Damnit..

[Quantus347]

You found me out... I was using it to make a chain of roaming broadcast nodes to beam PETA propaganda directly to your fillings. I guess now I'll have to use twitter.

"They Still Use Windows XP?!"

[Suiggy]

Queue the picture featuring a pair of laughing girls.

Re:"They Still Use Windows XP?!"

I use Windows ME. It's for the new millennium, man!

Re:"They Still Use Windows XP?!"

Queue the picture featuring a pair of laughing girls.

Sure, why should today be any different than any other day in my life...

*sighs*

Re:"They Still Use Windows XP?!"

Hell, I'd still be using W2K except I have one or two apps that won't run under it. I actually downgraded from 7 last year after determining that 7 did absolutely nothing I needed that XP didn't, and had plenty of quirks that drove me crazy.

Re:"They Still Use Windows XP?!"

[clone53421]

7 did absolutely nothing I needed that XP didn't, and had plenty of quirks that drove me crazy.

Nothing?! They made the digital camera interface usable, and someone finally added a “crop” function to Paint...

Re:"They Still Use Windows XP?!"

[Picardo85]

Queue the picture featuring a pair of laughing girls.

Well as a matter of fact, 51.7% source of the computers are still using windows Xp so it, in my oppinion, isn't that strange that this problem has appeared. I myself would be one such example of potential victim since my laptop is incompatible with W7 due to compatibility issues with the gfx drivers. I can imagine that there are many out there who are in the same situation. Not only this but during the time Vista was distributed there were also a lot of computers who were sold with Windows Xp because people didn't want the flawed Vista system.

Re:"They Still Use Windows XP?!"

Why would people switch from something that

(a) works for them
(b) is already paid for?

I'm a GNU/Linux user myself, but most people won't wipe their partitions just for geek cred. (Yes, security and all that, but what does the average user know of such things?)

Re:"They Still Use Windows XP?!"

[wjousts]

I actually downgraded from 7 last year after determining that 7 did absolutely nothing I needed that XP didn't,

Except, not having this bug....for one.

Re:"They Still Use Windows XP?!"

[Obfuscant]

Nothing?! They made the digital camera interface usable, and someone finally added a "crop" function to Paint...

My digital camera has a USB interface and appears like a USB disk, which works under just about any OS. The one that doesn't uses a CF card that can be mounted on just about any OS, including XP.

What is this "Paint" thing you refer to? Is it like The GIMP or ImageMagick, just less useful?

Windows 7 is bloatware that doesn't run a lot of the software I already own. I either have to buy updates to everything I run now (if it is still available) or stay with XP. Hmmm...

Re:"They Still Use Windows XP?!"

[Arctech]

Hell, I'd still be using W2K except I have one or two apps that won't run under it. I actually downgraded from 7 last year after determining that 7 did absolutely nothing I needed that XP didn't, and had plenty of quirks that drove me crazy.

UAC is to Vista/Windows 7 what sudo is to Unix. It was a function that was a glaring omission from NT up through XP, and if you think any operating system is better without a function to temporarily elevate a limited user to admin you're nuts.
If you think XP's default behavior of setting up everyone to run as a full administrator account to run day-to-day tasks 24/7 you're even more nuts.

Re:"They Still Use Windows XP?!"

[ComaVN]

+1 Depressing

Re:"They Still Use Windows XP?!"

[zach_the_lizard]

By default, UAC has no teeth and is just annoying. You just click 'allow' and go. Sudo, on the other hand, at the very least will require a password, if you're in the sudoers file. I think that's part of the complaint: if you're going to implement a security feature, make it secure by default.

Re:"They Still Use Windows XP?!"

That's crazy talk, I've already got a crop function in my paint for xp! It's just a little disguised as "select area, copy, set image attributes to 1x1, paste". Easy!

Re:"They Still Use Windows XP?!"

[clone53421]

You can also select the image (Ctrl-A), drag the upper-left corner into place to crop off the top/left, affix the floating selection (Esc), and then drag the lower-left corner to trim off the bottom/right.

Re:"They Still Use Windows XP?!"

[Zumbs]

Now, where did all my mod points go?

Re:"They Still Use Windows XP?!"

[ThatMegathronDude]

You can configure your user accounts so that the normal user you use doesn't have elevated privilege campabilities. UAC allows you to elevate using different credentials if you so choose.

Re:"They Still Use Windows XP?!"

[Suiggy]

That's not the complaint put forth by people claiming it's annoying. Those people find having to enter in their administrator password even more annoying. Your average non-technical user isn't security conscious at all, they see any attempt to make a process requiring user interaction more secure through the addition of credential check barriers as mere annoyances, no matter the benefits. If Microsoft went with the password check it would have actually resulted in more bad press for them than what they got from the security community.

And it is fairly secure from a programmatic standpoint, the UAC check is run in a separate process owned by the SYSTEM user account, and you can't even enumerate the window handles to simulate a mouse click without having been granted code access security privileges for the SYSTEM user, and to do that, you would already had to have compromised the system. It's still easy for a user to accidentally click Yes, but at that point, there's not really much difference between a stupid user clicking Yes and them typing in their admin password. If they want to run some malware they downloaded, then by golly, they're going to run it.

Personally, I set UAC to always prompt for my admin password.

Re:"They Still Use Windows XP?!"

[zAPPzAPP]

Easy Modo?

Re:"They Still Use Windows XP?!"

[EXrider]

If you're running as a regular non-admin user though, you can effectively sudo by entering in the user account credentials of an admin account when prompted to do so by UAC, so you can get similar functionality. It just requires two user accounts instead of one unfortunately.

Re:"They Still Use Windows XP?!"

laughingsluts.jpg

Re:"They Still Use Windows XP?!"

[SethJohnson]

Sadly, Windows 7 appears to maintain consistency with previous interface releases; the dos window still won't let you highlight-copy text without a visit to the top-left dropdown menu and over to the sub-menu two times. (edit>>mark and then edit>>copy). It's important not to confuse people with contextual menus and dynamic highlighting if they started in the dos 3 world.

Seth

Re:"They Still Use Windows XP?!"

[Gadget_Guy]

the dos window still won't let you highlight-copy text without a visit to the top-left dropdown menu and over to the sub-menu two times.

I right clicked in a command prompt window in Windows 7 and got the context sensitive menu with Mark/Copy/Paste at the top of the list. It only doesn't appear when a DOS program is using the mouse itself. You can try this by running edit.com and see the context menu disappear.

NT 4.0 used to begin highlighting as soon as the left mouse button was pressed, and it was a real pain when you clicked on the window to give it focus.

Re:"They Still Use Windows XP?!"

[Gadget_Guy]

UAC is to Vista/Windows 7 what sudo is to Unix. It was a function that was a glaring omission from NT up through XP, and if you think any operating system is better without a function to temporarily elevate a limited user to admin you're nuts.

There was "Run As" capability in 2000 and XP which gave the ability to temporarily become administrator for a particular program. You could still setup programs without having to log out of the limited user. I believe there was the command line program "RunAs" that did the same thing under NT4.

Re:"They Still Use Windows XP?!"

look you're going to have to upgrade from dumbshit simulator 1998 eventually anyway

Re:"They Still Use Windows XP?!"

[Blakey+Rat]

By default, UAC has no teeth and is just annoying. You just click 'allow' and go. Sudo, on the other hand, at the very least will require a password, if you're in the sudoers file. I think that's part of the complaint: if you're going to implement a security feature, make it secure by default.

You know you can turn that on, right?

The default configuration doesn't ask for a password, but, then again, neither does OS X-- and nobody's griping about OS X being insecure.

Re:"They Still Use Windows XP?!"

[clone53421]

the dos window still won't let you highlight-copy text without a visit to the top-left dropdown menu and over to the sub-menu two times. (edit>>mark and then edit>>copy)

What?!

Command-menu, “Defaults”, “Options” tab, “Edit Options” box, “QuickEdit Mode” enabled.

Click & drag to select; Esc to clear selection; Enter to copy selection. No muss, no fuss. It’s worked since at least Windows XP...

Re:"They Still Use Windows XP?!"

[mcgrew]

Who in their right mind would to "upgrade" to an OS that your old hardware won't run well? For a new computer, Windows 7 is pretty good; I actually started liking it on my netbook before it borked itself (I blame Acer, not MS, see below) and I installed kubuntu in disgust.

If you have an Acer Aspire One, do NOT shut the lid before plugging it in. With Windows, it puked, ran chkdsk, and would only let me in Safe Mode afterward. I made the same mistake with Linux, which is fortunately more robust. It was simply locked up when I turned it back on, and after removing the battery and restarting it displayed a kernel panic. Restarted it again and it was fine, with its desktop just like it was when I stupidly closed the lid and plugged it in.

Re:"They Still Use Windows XP?!"

[Kalriath]

You forgot right click to paste.

Re:"They Still Use Windows XP?!"

[Kalriath]

Actually, OSX does demand a password by default. And boy can it be annoying. What with the daily iTunes and Safari updates of late.

Yep, noticed this long ago.

[sea4ever]

At my old school which I left earlier this year, I remember setting up my laptop as an ad-hoc access point to test some music streaming with VLC.
I have no idea why, but someone must have tried to connect to it. Now, almost a year after leaving that school, people still tell me that the 'ghost' of my laptop broadcasting can still be seen.
There are 2 ad-hoc networks out there that are 'ghosts' now, the first is my nickname (yeah, bad choice for a perpetuating network, I know) and the second is named after the university network, which is accessible on clear days.

Re:Yep, noticed this long ago.

I'm impressed that no one tried to turn this "feature" into a advertising medium.

Sounds like something that could be exploited...

[moxley]

Sounds like something that could be exploited...

Not so

[GWBasic]

Of course, since it's ad hoc (computer to computer) it's not actually access to the internet.

Regarding ad-hoc WIFI networks, that's not true. One node on the network needs to act as a proxy.

This is the case if you share an internet connection on a Mac laptop, such as sharing a 3G dongle over WIFI, or sharing a wired internet connection over WIFI. The network will be ad-hoc and will have access to the internet. The same thing applies with the MiWi application on jailbroken iPhones. It creates an ad-hoc network for accessing the internet through the iPhone.

The point of ad-hoc networks is to save battery and CPU resources and be more responsive at the expense of some reliability. In a normal WIFI network, computer-to-computer connections always go through the router. In ad ad-hoc network, computer-to-computer connections go directly between the computers, creating a strange reliability situation when two computers on the network are far away from each other. Of course, if all you're doing is getting on the internet, it's kind of a wash.

Re:Not so

Wow, you are so wrong.

This is the case if you share an internet connection on a Mac laptop, such as sharing a 3G dongle over WIFI, or sharing a wired internet connection over WIFI

Or a Windows laptop, or a Mac/Windows desktop, or on a Linux box (laptop/desktop/handheld). Linux is AFAIK the best support for AP mode, but even there many chipsets don't work, and most of the ones that do are finicky and painful. Your statement is not wrong, per se, but needlessly specific.

The point of ad-hoc networks is to save battery and CPU resources and be more responsive at the expense of some reliability.

Epic bullshit! CPU utilization is the same, and ad-hoc takes more power, because powersaving (i.e. shutting off power to the receiver when there's no traffic for you) requires an AP whose beacon you can sync to and receive notifications of pending traffic transmitted every nth beacon (if there is traffic for you) In an adhoc, there's no designated party to store+forward, and no timing to listen, so the very concept is implausible.

Re:Not so

[sjames]

One node MIGHT have access to the internet and MIGHT actually be willing to forward traffic, but it need not be the case. The point of an ad-hoc network is that no AP is needed.

Of course, though a managed network GENERALLY has access to the net through the AP, that is not 100% the case. It could have it's wan port unplugged, it could be firewalled off, or it could be someone's laptop that the user forgot to disable the AP functionality when they disconnected from the net.

Grrrrr....

[ACKyushu]

This is just more evidence (As if you needed any...) that Apple products are overhyped, underpowered, overpriced pieces of... Wait.... Nevermind.

Sounds like a mesh network

Which would surely be touted in a similar article as a positive world changer if only a proper non-microsoft OS was involved.

I don't see it very often...

[damn_registrars]

The claim of

Almost anywhere you go these days (particularly at airports), if you check for available WiFi settings, you have a pretty good chance of seeing an ad hoc network for 'Free Public WiFi.'

Doesn't match my experience. I have done a fair bit of flying lately - and always needing at least one connection each time because my closest airport sucks - and haven't seen it at the airports I've been to. I have checked for WiFi at coffee shops and restaurants and haven't seen that SSID there either. Lately I have been connecting through some of the busiest airports in the country (O'Hare and Newark Liberty in particular) and haven't seen this.

In fact, I can't think of the last time I did see it. I often use my blackberry to access open WiFi spots, and I don't have a record of a network that I have connected to called 'Free Public WiFi'.

Re:I don't see it very often...

[js3]

Yea I was like wtf. You really don't see a lot of these, maybe 1 or 2 at certain airports but it's hardly newsworthy.

Re:I don't see it very often...

[clone53421]

I can remember seeing it a few times... like 2 years ago. Sort of like this story...

Re:I don't see it very often...

[Enry]

I saw it just over a week ago in PHL on my iPod touch. There's also one hiding somewhere near the State Street T station in Boston.

Re:I don't see it very often...

[kidcharles]

I commute through New York Penn Station twice every day. I don't think I've ever NOT seen "Free Public Wifi" on the list of connections on my Nokia N900.

Re:I don't see it very often...

[Locutus]

we see mostly Apple computers at the airport these days so that explains it. ;-)

LoB

Re:I don't see it very often...

[BrianRoach]

YMMV ...

I see it every time I go through Kansas City (MCI) and Denver which is twice a month right now.

Re:I don't see it very often...

[Shin-LaC]

I see it all the time on Italian trains.

Re:I don't see it very often...

Not in international terminals where the flight might be longer than the battery life...

Re:I don't see it very often...

Likely because your device is set up to NOT see ad-hoc connections.

Re:I don't see it very often...

[netsharc]

Saw it in a train in Germany, about 6 years ago... thought it was a honeypot.

Re:I don't see it very often...

[gad_zuki!]

>I have done a fair bit of flying lately - and always needing at least one connection each time because my closest airport sucks - and haven't seen it at the airports I've been to.

If we're comparing anecdotes, I once saw it on a plane during the flight. I pretty much see it anytime I use my laptop or phone in a business setting too. Assuming Vista/7 doesn't do this, then I'm sure its going to become increasingly rare.

Re:I don't see it very often...

[Damek]

I see it all over New York City, FWIW. I even see it on the Subway sometimes, but certainly, just walking around, especially office areas, I see it all the time.

Re:I don't see it very often...

[PhilHibbs]

The last three offices I worked in all had non-working "Free public WiFi". I guess I was perpetuating it as well since I tried to connect to it with my work laptop :)

Re:I don't see it very often...

Airtight networks did a wifi vulnerability study at various airports a couple of years back as a publicity stunt. That study found "Free public wifi" footprint all over the world. Would be interesting to have a followup study to see the trends http://www.airtightnetworks.com/home/resources/knowledge-center/airport-scan.html

Re:I don't see it very often...

[ecloud]

I just saw it in SFO a couple weeks ago. Never knew what it was until now... I always figured it was somebody's cell phone acting as an ad-hoc access point, and maybe it didn't work because the GPRS signal was weak or something. That's really stupidly mislabeled. I can see how they would have wanted to "make networking easier" between Windows machines, but why not label it as that instead of like an advertisement or a honeypot?

Re:I don't see it very often...

[spasm]

I see it at LAX every time I go there - about 4 or 5 times in the last 12 months. And on Amtrak between LA and San Diego pretty much every week. Maybe it's a Southern California Stupid thing?

Re:I don't see it very often...

[joshuac]

I often use my blackberry to access open WiFi spots, and I don't have a record of a network that I have connected to called 'Free Public WiFi'.

Err, OS 5 certainly doesn't support ad hoc connections (I doubt OS 6 does either) so possibly your observation is being colored by your blackberry helpfully filtering those SSID's out.

Depending on the configuration of the tool you're using on your laptop, it very likely is doing the same thing to protect a less experienced user from connecting to a useless ad hoc network themselves.

I still see it reasonably often at the airport (OAK or SFO), sometimes in other fairly random locations, though it seems less now.

Re:I don't see it very often...

[CrashandDie]

Well, and this is from my logs, I've seen 'Free Public Wifi' in ad-hoc mode:

2009-03-29 LHR
2009-03-29 LAX
2009-04-03 LAX
2009-04-05 DTW
2009-04-06 LHR
2009-04-06 LGW
2009-04-12 LGW
2009-04-18 LHR
2009-04-18 LAX
2009-04-29 DFW

And that's just over the course of one month.

Looking at another random month:

2010-01-04 LGW
2010-01-04 LHR
2010-01-06 BKK
2010-01-06 SYD
2010-01-06 BNE
2010-01-14 BNE
2010-01-14 LHR
2010-01-18 LHR
2010-01-18 LAX

I'd pretty much say this exactly confirms what the article spells out. (For the record, I was a Consultant, getting drunk in airplanes was my job).

Re:I don't see it very often...

[DirePickle]

I've seen it at every airport that I've been to in the last year. IAD, ORD, NRT, MSP, SFO, CVG, LAX...

Re:I don't see it very often...

[Zadaz]

Not an airport, but I see it right now at a downtown San Francisco Starbucks. I probably see it around 50% of the time that I'm in a downtown coffee shop.

Re:I don't see it very often...

[MrCrassic]

I beg to differ, especially since I see it almost every time my phone picks up Wifi in a subway (i.e. almost every day or every other day). This and "hpsetup" are super popular ninja ad-hoc networks.

I'm just really surprised how few noticed that this is really old news! People have been advising against this for years, too. This is also not entirely a bug; Windows XP wasn't (well) designed for wireless networking until about SP2, and one of the more annoying things it did was save ad-hoc networks. Since ad-hoc networks are supposed to make your computer a wireless access point and people didn't know any better when they saw "Free Public WiFi," a HUGE botnet of varying damage was formed. Windows did give its user heads-up by giving ad-hoc networks a different icon...but it wasn't obvious enough for most people.

I don't understand why this is an article now...

Re:I don't see it very often...

[kevmeister]

FWIW, I have seen it over the past two weeks in Oakland (OAK), San Francisco (SFO), Atlanta (ATL), and Denver (DEN). I've also seen it in several public areas outside of airports.

Re:I don't see it very often...

[multipartmixed]

I actually noticed this recently, on the train.

I was trying to figure out who the hell had a "Public Wifi Hotspot" network with uninterrupted coverage the whole way.

I guess now I know :P

I wonder why I didn't notice that it was an ad-hoc network (Vista UI)? Maybe because I didn't try to connect?

Re:I don't see it very often...

[cant_get_a_good_nick]

You don't see it often, and I see it pretty much every trip home from work. Since this spreads due to network effects, I seem to have many more 'seeds' on my commute home than you have on yours.

I'm glad I saw this blurb, it saved me typing Free Public WiFi into Google to investigate it.

Re:I don't see it very often...

Certain regions are probably more infected than others. I see it all the time in Toronto.

Re:I don't see it very often...

See this all over London.

Mod parent up

I was wondering this myself. Thanks trisexual poppy

"He can't spell cue!"

Cue the picture featuring a pair of laughing girls.

Re:"He can't spell cue!"

Maybe he just has *a lot* of pictures of "laughing" girls?

Re:"He can't spell cue!"

[neminem]

Or he just had something else he needed to do first, but responding with a picture of laughing girls was in his list of things to get done.

Your machine would have to be years out of date

to be affected. This was fixed in XP SP3. Love lines like "When a computer running an older version of XP ...." without further explanation. Haters gonna hate!

Re:Your machine would have to be years out of date

[empvirus]

Yes, but a TON of people out there don't update at all, let alone semi-regularly, so this is still relevant, IMHO.

Ive seen it

I recently Traveled to Italy from Portland and saw it at most airports

PDX -> Atlanta[saw it] -> Rome[saw it]

Venice[saw it] -> JFK[saw it] -> PDX

MiFi

[tburke261]

Oops. Turned the WEP off and set this as the SSID on my MiFi. Maybe this explains the overages!

"Ad hoc"

[KC1P]

As Inigo would say: You keep using that word. I do not think it means what you think it means.

The next step.

[suso]

Now that this information is public, we're going to start seeing networks called "Free Public Wifi - eatatjoes.com". Good job. Should have just kept quiet about it.

Re:The next step.

retarted post is retareded.

Wait, were you attempting to refer to pastries or weight?

Re:The next step.

[Teun]

Al Qaeda web -at this airport- is another good one.

Re:The next step.

[GTRacer]

Awesome, just awesome! <3

Re:The next step.

[Sulphur]

Microsoft *tortles again.

*Doing something which is legal, but shouldn't be. Example he tortled with her affections.

Re:The next step.

[lxs]

Yup. It's tortles all the way down.

Re:The next step.

[uglyduckling]

This has been public for a long time, I've known about it for at least 18 months, it's just Slashdot being slow.

Nothing to see here.

[derrickh]

This is a really bad case of FUD. And it's just as bad when someone other than MS does it.

Un-encrypted ?!?

[DrYak]

Naturally, the hipster connects and begins surfing and checking e-mail. MITM gets to read his e-mail and his web reading habits (organic hipster porn).

If they are dumb enough to setup their account whithout encryption, they deserve whatever happens to them.

SSL protected connection is a damn strict minimum when you're on a public network.
End-2-end encryption is a must if you have any confidential information.

Non-encrypted data on a public wifi network, is like shouting with a megaphone in the middle of a busy town center.

Re:Un-encrypted ?!?

For web browsing, SSL certs can be MITM'd. See the bugzilla report a few posts over. Basically, browsing Hipster requests an SSL session with a Website; MITM receives the request from Hipster, replying with his own faked certs; at the same time, MITM sends a request forward to Website that matches what Hipster sent MITM. Website thinks it's sending SSL data, Hipster thinks he's getting SSL data, and MITM is happily proxying everything along after recording it. Hipster should be clued into the problem by his browser screaming warnings about SSL certs being expired or invalid, but Hipster's been trained, by a long series of web admins too lazy to do certs right, just to click "Go Away" every time he sees one of those alerts, so pretty much the only defense against MITM'ed certs is out the window thanks to sloth and apathy.

Re:Un-encrypted ?!?

[netsharc]

Non-encrypted data on a public wifi network, is like shouting with a megaphone in the middle of a busy town center.

And yet probably 95% of users do it anyway (percentage pulled out of ass).. for a road vehicle related analogy, it's probably like "you should wear a helmet when riding a bicycle" warning....

Re:Un-encrypted ?!?

Yeah! And this should apply across technologies and professions!

Anyone dumb enough not to know how to do their own brain surgery deservers what they get!

Re:Un-encrypted ?!?

If you're dumb enough to go out at night without bullet-proof shielding, you deserve to get mugged or killed.

Re:Un-encrypted ?!?

[node+3]

If they are dumb enough to setup their account whithout encryption, they deserve whatever happens to them.

No, they don't.

Re:Un-encrypted ?!?

[cammoblammo]

Anyone dumb enough not to know how to do their own brain surgery deservers what they get!

The easy part's getting the brain out. The hard part's getting the brain out!

Slashdot reading Hack A Day?

[Lumpy]

It 'seems lately that lots of HAD articles are popping up automatically on slashdot. If you watch the RSS feeds out there of the tech sites you can watch the wave of stories copy from site to site.. It used to be that slashdot had them first or did not cover what was already copied all over the place...

Has slashdot ran out of good submissions and is not simply posting what pops up out of other sites RSS feeds?

Re:Slashdot reading Hack A Day?

[A.+B3ttik]

Almost anywhere you go these days (particularly on slashdot), if you check for new stories, you have a pretty good chance of seeing a a duped story from another site. Of course, since it's a duped story (news site to news site) it's not actually news. So why is this in so many places? Turns out it's due to a bug in site moderators. Apparently, the way they work is that if they can't find a 'new' story, they automatically sets up their site to broadcast a duped story, using the title of the last story that was popular. So... people see this and they try to read it. Then their own favorite sites start broadcasting the same thing, because it can't find a good story on its own. And, like a virus, the 'Duped Story' that doesn't work lives on and on and on."

Re:Slashdot reading Hack A Day?

[Khyber]

Hey I try to submit good stuff. Sadly, it seems slashdot isn't quite what it was almost a decade ago.

Seen at a University

[pgn674]

At a university I attended, I noticed that, year after year, I would keep seeing the same ad-hoc name, across many different dorms on the same, big campus. The university had wireless in most of its academic buildings and some parts of the dorms, but most people in dorm rooms couldn't get it (we were encouraged to use the provided wired connection instead). Someone must have made an ad-hoc who knows how long ago (it was called "{university name} wireless", which is nothing like what the actual university's SSID was called), and people must have just kept connecting to the spreading and persisting ad-hoc name, hoping they'd get wireless internet access.

Poisoned DNS. . .

[JSBiff]

The GP is correct - the only real way to 'secure' a public internet connection like a WiFi hotspot is with a VPN that also secures your DNS traffic so that all name lookups are served from a 'trusted' DNS Server. (This doesn't apply so much to SSH/SFTP, where you have, presumably, already cached the fingerprint of the server's Public Key, so if you get back the wrong key, you know someone's trying to attack you, and the client will warn you).

It all depends on how paranoid you are - generally, SSL Certs are *supposed* to protect you from someone impersonating an https request. However, I remember reading somewhere (might've been a story Slashdot covered), about someone successfully getting an SSL Cert signed by a registrar somewhere in the world, that they shouldn't have had, which allowed them to impersonate some site. I don't remember the exact details, but it had something to do with wildcard certs, IIRC.

In practice, I suspect most people setting up a 'phishing hole' WiFi hotspot, probably don't even worry about trying to attack the SSL connections, because that requires too much foreknowledge of what sites your targets would be visiting - just grab whatever plaintext you can - ought to be something interesting in it, sooner or later. Well, there's also the issue that someone could setup a phishing site and direct you to it with their poisoned DNS, and they just don't use any SSL at all, so the browser never gives a certificate complaint, and if the user isn't paying attention and verifying that encryption is in use, they'd maybe not realize they were connecting to the wrong server.

Re:Poisoned DNS. . .

Why VPN? I use SSH with DNS queries over SOCKS. Works a treat. I always imagine some sad hacker sitting in the office at Motel 6 looking at my SSH traffic.

Re:Poisoned DNS. . .

[JSBiff]

Well, that's a sort-of VPN. My point is that you use encryption to a server that you connect via IP address instead of DNS, to secure your DNS lookups. With SSH+SOCKS, you should be able to encrypt most of your traffic (web, ftp, remote X-sessions, etc), so that's basically, kinda a VPN.

Re:Poisoned DNS. . .

[cjb658]

I remember reading somewhere (might've been a story Slashdot covered), about someone successfully getting an SSL Cert signed by a registrar somewhere in the world, that they shouldn't have had, which allowed them to impersonate some site.

I think it was here.

Re:Poisoned DNS. . .

[sumdumass]

In practice, I suspect most people setting up a 'phishing hole' WiFi hotspot, probably don't even worry about trying to attack the SSL connections, because that requires too much foreknowledge of what sites your targets would be visiting

It all depends on how much they want to invest in their attacks. I can see easy ways of doing it that wouldn't require breaking SSL traffic at all. First, look up a wifi pineapple. If you notice, they are using a regular wifi router with a hacked firmware stuffed into a seemingly innocent object. Just take that firmware a bit further by installing a proxy server that captures the key exchange then decode the traffic. Or better yet, rig the proxy to relay everything until it hits a bank site, then cause the page to reload with a dynamic copy of it to mimic the banking site, and refuse the first and second attempts to connect. You know have basically tricked them into entering their username/account numbers and passwords into something you can easily read. They will concentrate more on trying to type the account information in correctly then noticing the page changed slightly. Allow them through the second or third time unobstructed and they will simply think they fat fingered some character as they typed.

There used to be a proof of concept code that would pretty much do just that floating on the web but a quick search turned up nothing I recognized. It basically intercepted all web requests and relayed the page/pages requested to the user as if it was hosted on the gateway device itself. I think it could even mimic some self signed security certificates but had trouble with most of them. Either way, setting it to hit originally with the right page, forcing a reload with the faked page, then allowing the real page to pass could all be controlled with software and scripts giving access to most of the important stuff.

New PCs come with Windows 7

[tepples]

What is this "Paint" thing you refer to? Is it like The GIMP or ImageMagick, just less useful?

ED's article claims that the program has become somewhat more useful in Windows 7.

Windows 7 is bloatware that doesn't run a lot of the software I already own. I either have to buy updates to everything I run now (if it is still available) or stay with XP. Hmmm...

If you buy a new PC with a new warranty, and it isn't from Apple, System76, or some other specialty vendor, it will come with Windows 7. To use non-game apps that require Windows XP and don't work with Program Compatibility Wizard, you can Anytime Upgrade to Windows 7 Professional and then install XP Mode.

Re:New PCs come with Windows 7

[viking099]

This doesn't always work the way you would expect it to.

I have an older, but perfectly functioning Canon USB scanner that I primarily use to deposit checks into my bank account.

When I upgraded to Windows 7 I thought I could get the scanner running with XP Mode. Nope. If Windows 7 doesn't see it, XP Mode can't see it, so even though my scanner works fine in XP, it won't in XP Mode.

Re:New PCs come with Windows 7

[EXrider]

When I upgraded to Windows 7 I thought I could get the scanner running with XP Mode. Nope. If Windows 7 doesn't see it, XP Mode can't see it, so even though my scanner works fine in XP, it won't in XP Mode.

I think you've missed a step somewhere then. I've had success getting 16-bit software, scanners and USB to Ethernet adaptors (that didn't work on Windows 7) working in an XP Mode VM under Windows 7 x64. From what little I recall though, it was a pain in the ass and not straightforward at all. But it does work after you give up and resort to reading documentation.

Re:New PCs come with Windows 7

[Nephaestous]

You could try using VMware player with USB pass-through mode.

Re:New PCs come with Windows 7

[arth1]

If you buy a new PC with a new warranty, and it isn't from Apple, System76, or some other specialty vendor, it will come with Windows 7.

Dell has plenty of models without Windows. All the -N varieties come with FreeDOS[*], and most of the workstation models can be bought with Red Hat Enterprise.

[*]: If I understand this correctly, Microsoft can't punish Dell for selling computers with competitors operating systems on them, but can punish them if they sell computers without an OS. So FreeDOS it is.

Re:New PCs come with Windows 7

[tepples]

Dell has plenty of models without Windows. All the -N varieties come with FreeDOS

And some Dell N series PCs are available with Ubuntu. I've bought one, and my company has bought one. But Dell hardly advertises N series, to the point where Dell's N series division is in effect a "specialty vendor" compared to the rest of Dell.

Re:New PCs come with Windows 7

[viking099]

But it does work after you give up and resort to reading documentation.

Heresy!

I'll give it another look. Thanks for the head's up.

Some times at hotels you see nameX and X can be 1-

Some times at hotels you see nameX and X can be 1-9 but ones seem to come and go from time to time so likely that goes on there as well even more so when you have like 3-6 AP at the same place and people change to the one with the best single from time to time.

Huh

[sharkey]

Up until a month or so ago, there was always someone advertising as "Free Pubic WiFi". Always made us wonder...

I don't believe that works for TLS.

[anUnhandledException]

While most people use the term "SSL" to refer to "secure internet" most https connections today use TLS.

TLS uses pseudo random element in the handshake which prevents the MITM scenario you described.

Sadly Google Chrome doesn't support TLS (no friggin idea why) so server will negotitate down to the less secure SSL v2 or SSL v1 standard.

IE 8 or later, Firefox 2.0 or later. and Safari (no idea what version) all support TLS but obviously google thinks security is over-rated.

Re:I don't believe that works for TLS.

While most people use the term "SSL" to refer to "secure internet" most https connections today use TLS.

TLS uses pseudo random element in the handshake which prevents the MITM scenario you described.

Sadly Google Chrome doesn't support TLS (no friggin idea why) so server will negotitate down to the less secure SSL v2 or SSL v1 standard.

IE 8 or later, Firefox 2.0 or later. and Safari (no idea what version) all support TLS but obviously google thinks security is over-rated.

Not true, TLS v1 and SSL v3 supported by my Chrome installation?

Re:I don't believe that works for TLS.

Most secure sites have long since disabled SSLv2 to meet basic security standards compliance critera. A browser only supporting SSLv2 today might as well not even support SSL at all because it would be quite useless.

Don't take my word for it. Try setting your browser to SSLv2 only and connect to your online banking site (Or ANY banking or ecommerce site for that matter) using SSLv2 only and see if it works at all.

WRT SSLv3 and TLSv1 they are essentially the same thing and each have the same security properties.

People keep posting their theories about MITM and SSL with intermediate proxies but these schemes all require the user to ignore the security warning caused by their browser detecting the MITM condition.

You can make the judgement that x percent of users will ignore the warning however this is a human factors/education issue separate from the underlying technology.

Re:I don't believe that works for TLS.

[JackieBrown]

Sadly Google Chrome doesn't support TLS (no friggin idea why) so server will negotitate down to the less secure SSL v2 or SSL v1 standard.

IE 8 or later, Firefox 2.0 or later. and Safari (no idea what version) all support TLS but obviously google thinks security is over-rated.

You are wrong but I can see why you would think that by looking at the Options section in chrome

Per Google employee lan Ian Ian
  We explicitly disable SSLv2 (along with MD2 and MD4 certificate signatures). SSL3/TLS1 are enabled by default. It is automatic and hidden.

Re:I don't believe that works for TLS.

[anUnhandledException]

Thanks horribly designed menu then. I mean if it is on and used by default at least inform the user. Even a ? next to the SSL v2.0 option which leads to help html page would be useful.

Thanks for digging that up though. I feel better about using Chrome.

well...

duh.

IPVFore!

I was once called out for an emergency network repair at a local country club. A company had hired out the banquet room for a large business meeting, and could not get the wireless to work. When I arrived on site, I found that everyone in the room was connected to Free Public Wifi, being broadcast by one of the company owners' laptops. Turned out, the golf course did not have a wireless access point at all.

Car analogies

[DrYak]

And as not-metaphorical cars at all, Google cars accidentally picked up quite a lot of un-encrypted confidential data, if you remember the recent scandal, so your ass might be right.

BTW: I do wear a helmet when biking.

Re:Car analogies

[cbreak]

Maybe the new google computer-driven cars pick up stray helmet-less bicyclists too :)

Re:Car analogies

[monkyyy]

dont u mean hit?

The sad thing is...

[Annorax]

... that it is my understanding that this "contageous ad-hoc" SSID issue was fixed by Microsoft YEARS ago.

It just goes to show you that some Windows users never install updates -- and they not only do they not install updates, but they try to get something for nothing....

Time for a message from captain obvious

To those who say "This is an old bug", that doesn't mean we all got to laugh at it back when it was discovered. When it is posted to a popular site like this, it is bound to get a larger viewing audience. In short, the bug may be yesterday's news to you, but not to us.

Re:Time for a message from captain obvious

[koiransuklaa]

This was found in 2005-2006 (see e.g. http://www.nmrc.org/pub/advise/20060114.txt). After that it has been reported in mainstream technology press at regular intervals. At this point the story does feel like a rehash and yesteryears news -- even if _you_ hadn't seen it before.

The sad thing is, the bug was also fixed (according to MS) a long time ago. The fact that this still goes on tells us that a lot people are running Windows XP that hasn't been patched in many years.

We are the knights who say ni

[BcNexus]

And we demand... a shrubbery!


Ni!

Hidden Message in the SSID.

[TheRedDuke]

Seeing that SSID in your client list is just Microsoft's subtle way of telling you to INSTALL XP SP3.

Use it for sadistic benefit

I like to make networks called "Free Pubic WiFi" in airports and especially on airplanes. Then I run a DNS server that answers all queries with my laptop's IP, which serves out a webpage with meatspin on it.

Well ... why not make ad-hoc happen?

[dazedNconfuzed]

With all the overlapping WiFi routers, computers, phones, etc. out there, why not set all up for a mundane ad-hoc network? In time, could overtake wired networks; the consequences could be useful, fascinating, and perhaps staggering...

Re:Well ... why not make ad-hoc happen?

That's what I was thinking of when I set up an AP called "Free Public WiFi" at Trent University in 2004.

To my surprise I saw it soon appearing in Toronto when I visited my girlfriend's folks.

This network was created for the purpose of sharing the school network only, because the school did not have any sanctioned WiFi set up.

Re:Well ... why not make ad-hoc happen?

[mcgrew]

Thank you for that; I've been advocating this for quite a while now.

PLIP anyone?

The defualt is to make your own network if you cannot join one.

So...

[Type44Q]

So this would be like some pseudo-virus masquerading as an Easter egg of sorts, which in tern is masquerading as a software bug/glitch...? :p

I made one in 2004...

I made Free Public WiFi at my school in like... 2004. Not sure who was ever the first to do this but when I suddenly started seeing these in major cities close to me I wondered if students from my city were going back home with it in their XP laptops.

I even wrote an article about it.

http://www.eanbowman.com/blog/2010/08/15/free-public-wifi/

hehehe

[ILuvRamen]

I always thought it was some kind of supernatural haunted cursed phenomenon type thing but I never thought it would actually be something even this freaky and weird. At least other people were seeing it too! lol

Dude

All the people you've described use Apple... Hence no Windows XP...

Free Wifi in France

In France there's an ISP called Free that has wifi hotspots everywhere called "Free Wifi"--of course, it isn't actually free.

Re:Free Wifi in France

[Archon-X]

1. It's 'FreeWifi' - No spaces
2. Free doesn't really mean 'free' in french. That would be 'gratuit[e]'
3. Access to this network is actually free if you have any other Free subscriptions.

Re:Free Wifi in France

[koiransuklaa]

3. Access to this network is actually free if you have any other Free subscriptions.

Huh? Those subscriptions are advertized as including this wireless service and the price is naturally included in the subscription price. How on earth can you call that free?

I see this state of mind from a lot of people, but I just can't understand the thought process... Maybe it has something to do with the fact that non-subscribers can use an alternative method of payment and subscribers think "I don't need to use my credit card to pay, so I'm getting it free!"

Explanation is economic

[qseep]

Every coffee shop and airport I go to has free Wi-Fi. (And a lot of bars too.) But it's in infrastructure mode and named after the establishment. I think the explanation is economic; that it's an incentive for you to come in and buy their stuff.

I don't think this is really a bug...

This is right up there with all those other "bugs" that allow third party linux boot disks to change the administrator password on a windows computer without disk encryption or rely on users to be stupid and install a virus on their own machines.

The key here is "adhoc" network which is a network of peers unlike "infustructure" mode where a device is dedicated to marshalling connectivity amoung many devices.

The label of the network *is* the network. If your computer was attached to the network when you turn it off then is it really a bug or surprising that when you turn it on in a new location your computer is still a peer in the network and anyone else who attaches to said network completes the network?

With the "bug" designation you are basically describing the entire point of adhoc mode in the first place.

Re:I don't think this is really a bug...

Microsoft and every other OS manufacturer in the world disagrees with you: no current OSes do this (including Windows XP).

Creating an ad-hoc network without any explicit user action is stupid and clearly a bug. No-one would complain if it just re-created the ad-hoc network after the user had done that once but this is not what happens. Talking about "network of peers" is weaseling out -- creating a new network should be an explicit action.

if data collection is possible...

[underqualified]

this could help scientists anticipate/study how a world-wide epidemic like bird flu could/has spread.

Bullet proof vests

[DrYak]

Th subtle difference is that your house's front door doesn't automatically try to put a bullet-proof vest on you.

Whereas, most wizards (like the "add account" of latest serie of thunderbird), most FAQ/HOWTO (at least of the mail providers I've seen), and most of the webmail interfaces all try to provide encryption.

(Thunderbird automatically checks if frequent protection as IMAPS or STARTTLS, etc. are available, FAQ usually exhorts you to use STARTTLS, and few webmail feature plain HTTP access)

So if someone has a mail set up to use clear communication, it means the person has actively ignored all security suggestions.

It would be like leaving a car unlocked at night, even if the local police recommends to lock it and turn the alarm on.

From that point on, it's going to be difficult to do anything more to prevent problems.

I see this on Amtrak trains

[kriston]

I see this access point name on Amtrak trains all the time between NYC and Washington. I thought there was some sort of coordinated honeypot password-grabbing hacker attempt going on. Turns out it's just Windows users' laptops trying to find a connection which does not exist on Northeast Regional trains (yet).

Very fascinating expose!!

repeat story

I'm too lazy to search for it but this was a /. story in the past, about 1-2 years ago I believe.

It's 2010.

Old news day, huh?

Re:

I'd better start looking for these hotspots then.. finally getting my crappy ubuntu upgraded to XP.

Am I being thick?

[tehcyder]

But why hasn't this been noticed in the 8 years since Windows XP came out?

stupid

What the hell are you guys talking about?