Comments on: Windows Wi-Fi patch could be long time coming

Microsoft confirms a Wi-Fi security flaw in Windows XP, but the wait for a fix may be as long as 18 months.

[Mister C]

Holly Eavesdropping Batman!

My son, who is a computer security guy was helping a neighbor with her new laptop. Upon boot up he said hey look at this, there are 3 Wi-Fi's in the area and only one is secure. I could do what ever I want with the other 2. I wonder how many kids are out there going through peoples machine without the owners having a clue?

[206538395198018178908092208948]

Holly Eavesdropping Batman!

it is called wardriving, and yes you can connect and ********************************* are full, all they have is potentially a mac address, but how will anyone know what that is, if they did not bother to set up the AP properly??, how can they say it is me or you using it if your not connected for hours on end?? to get the mac address??

at my shop here i see 6 unsecured AP's and 4 maybe 1/2 secured systems, i can connect and get online to all the unsecured and 2 of the secured systems, and they would be clueless to begin with

[Mister C]

Holly Eavesdropping Batman!

My son, who is a computer security guy was helping a neighbor with her new laptop. Upon boot up he said hey look at this, there are 3 Wi-Fi's in the area and only one is secure. I could do what ever I want with the other 2. I wonder how many kids are out there going through peoples machine without the owners having a clue?

[206538395198018178908092208948]

Holly Eavesdropping Batman!

it is called wardriving, and yes you can connect and ********************************* are full, all they have is potentially a mac address, but how will anyone know what that is, if they did not bother to set up the AP properly??, how can they say it is me or you using it if your not connected for hours on end?? to get the mac address??

at my shop here i see 6 unsecured AP's and 4 maybe 1/2 secured systems, i can connect and get online to all the unsecured and 2 of the secured systems, and they would be clueless to begin with

[nicholasmiller]

It's called WiPhishing

I identified this problem some time ago and coined the phrase "WiPhishing" to describe it. Check out this link for a peice NBC Dallas did on it last year: http://cf.nbc5i.com/dfw/sh/videoplayer/video.cfm?id=4459208&owner=dfw Try sitting outside any office building with a $50 router or access point with an SSID of Linksys and see what happens, the results are shocking as usually within a short time, numerous laptops will start to automatically conect to it.

Also try Googling WiPhishing or check out www.cirond.com for more info.

The problem is actually potentially worse that the article describes, as if the user's laptop is connected to a wired network when it is WiPhished, the hacker can potentially acces not only the laptop but also the network to which it is connected. The bottom line is that whenever a wirelss laptop's wireless adapter is on, data on that laptop and data on a wired network to which it is connected are potentially at risk.

[Mister C]

Yikes!

Makes me want a Wi-Fi in my house so I can do my banking while I watch the Simpsons!

[nicholasmiller]

It's called WiPhishing

I identified this problem some time ago and coined the phrase "WiPhishing" to describe it. Check out this link for a peice NBC Dallas did on it last year: http://cf.nbc5i.com/dfw/sh/videoplayer/video.cfm?id=4459208&owner=dfw Try sitting outside any office building with a $50 router or access point with an SSID of Linksys and see what happens, the results are shocking as usually within a short time, numerous laptops will start to automatically conect to it.

Also try Googling WiPhishing or check out www.cirond.com for more info.

The problem is actually potentially worse that the article describes, as if the user's laptop is connected to a wired network when it is WiPhished, the hacker can potentially acces not only the laptop but also the network to which it is connected. The bottom line is that whenever a wirelss laptop's wireless adapter is on, data on that laptop and data on a wired network to which it is connected are potentially at risk.

[Mister C]

Yikes!

Makes me want a Wi-Fi in my house so I can do my banking while I watch the Simpsons!

[zaznet]

Manual Configuration.

This is why you want to manually configure your network and the devices that attach to it. It is easier to "plug and play" but very dangerous.

Configure your router, enable security options that require a key. Configure your comptuers to add the network and disable auto-joining other networks.

This is just one of those ease of use features that have constantly been a problem for PC users.

If you do not know how to set up the network, get someone to come over who does know how to do it.

[Mister C]

You hit the nail . . .

My son knows how to tighten things up (that's his job) but the girl he was helping sure doesn't. And I would be willing to bet, of the 3 systems he found the 2 that were open didn't either.

Couldn't there be a D/L patch that would shut this off by default? It sure seems to me that way to many systems are needlessly at risk.

[zaznet]

Manual Configuration.

This is why you want to manually configure your network and the devices that attach to it. It is easier to "plug and play" but very dangerous.

Configure your router, enable security options that require a key. Configure your comptuers to add the network and disable auto-joining other networks.

This is just one of those ease of use features that have constantly been a problem for PC users.

If you do not know how to set up the network, get someone to come over who does know how to do it.

[Mister C]

You hit the nail . . .

My son knows how to tighten things up (that's his job) but the girl he was helping sure doesn't. And I would be willing to bet, of the 3 systems he found the 2 that were open didn't either.

Couldn't there be a D/L patch that would shut this off by default? It sure seems to me that way to many systems are needlessly at risk.