Comments on: Your Wi-Fi can tell people a lot about you

People who sniff wireless network traffic have many tools at their disposal to intercept sensitive data from PCs.

[WJeansonne]

Blackhats Should Be Skewered--at the least!

Or drawn and quartered at a minimum. To publicly dissimenate a tool like this with so brazen an attitude and to act they act so cocky about it in the process. They truly need to be humbled by some good old fashion torture techniques, IMHO, LOL. They are evil and vindictive to say the least. Fight fire with fire, I say!!

Now, where is that mace I bought last year.

[ballssalty]

They should be rewarded at the least!

Are you kidding me? These people are warning you that public wireless or even private wireless networks are not secure and just starting up your wifi leaks information. Guess what that is information the public needs. Do you think the people who make the wifi routers, access points and cards are going to tell you this?

Do you think the people who have malicious intent are going to let you know? They aren't. The Blackhat conference is doing us a great service.

I plan on downloading that tool and seeing what my laptop leaks out when I start it up and if my network is truly secure.

[pete_the_pirate]

A few simple counter-arguments

1. Being ignorant of the personal information your computer is spewing onto the airwaves doesn't make it stop.
2. Don't assume everyone is as ignorant as you are. The "bad people" already knew how to get this information.
3. You really don't do much for your credibility by putting "IMHO, LOL" in the middle of your post. It makes you sound like a third grader.
4. What is a third grader doing with mace? You should be ashamed of yourself.

[0x90]

No, no, no!

Sir,

You are very misguided. Security research is very important in order to protect everyone. Should law enforcement or the healthcare industry stop doing their research as well? Should they also be tortured and killed for finding things that make us uncomfortable?

It may seem like exposing this information is a bad thing, but I can assure you that without this information the world would be far worse off.

[Schratboy]

Blackhats: Pillory the scoundrels

I agree. These people, under the banner of "we're here to help you" are merely perpetuating their own commercial self-interests while helping the malcontents in their efforts. I call it the neo-electronic criminal eco-system.

[CapoNumen]

Head in the sand

Head in the sand, ass in the air.
Not much a defensive posture there genius.
BTW
For all the public exploits many others that have never been disclosed also exist.
Also ANY of the current encryption schemes can be decrypted given enough time and effort.
So the advise given here should be taken very seriously, with huge helpings of thanks.

[bemenaker]

WTF?

Uhm, network sniffers are nothing new, they are more useful to whitehats and network professionals than they are to hackers. Yes, they can be used for nefarious reasons, but are an extremely valuable tool. This tool isn't really any different from other sniffers, (from what I can tell so far), other than it starts to capture what you send out as the OS boots up.

There is nothing wrong at all with releasing tools like this to the world, and it will help me make some important determinations regarding wifi in my place of employment.

[Cato42]

Useful information

Both the article and the information/sniffers mentioned are useful
for anyone who uses Wi-Fi for pretty much anything. What one
gleans from this is that unprotected Wi-Fi use is much riskier than
most people realize--and that even "secure" use isn't really secure.
Unfortunately, the problem is likely to get worse before it gets
better. Freedoms are more often given away than taken.

[Stating]

Disable WiFi, Use Software Firewall

Seems like the sensible thing to do is disable your wireless device before booting up, boot, let your laptop's software firewall start up, then start your WiFi. Stealth your wireless network with port blocking. And for god sakes, don't use file sharing over WiFi. Unbind File and Print Sharing from your wireless adapter. If you can, unbind Microsoft's networking protocol too.

The key to security is simplicity, simplicity, simplicity. But what do we get with products like Vista? Complexity, complexity, complexity. Unnecessary complexity at that. How many new services does Vista add? One dozen? Two dozen? Three dozen? Must be a hackers dream.

[Dachi]

How has WPA2 been holding up?

I don't know of any properly configured WPA2 networks getting owned, can anyone else comment on this?

[internetmarine]

WPA2

WPA2 can form an unassailably secure network.
But that is not the problem.
Most open sites cannot be WPA since there is no way to share the
key...and most people wouldn't care to make any extra step beyond
what they do now.

[turls]

"experts" say don't use wireless for banking??

Who are these experts that are saying not to use wireless networks for internet banking? Those are the sites that are SAFEST to use over wireless because they use SSL encryption! Check your e-mail, you give up your login credentials, but if you check your bank account, you're safe. Silly misinformation!

[pete_the_pirate]

Riiiight...

I completely agree with you. Let's meet up in a coffee shop somewhere, get on the Internet, and talk about it some more.

The point isn't that banks are less safe than online email accounts (some of which use SSL), it's that you care a lot more about the theft of that $3.50 in your checking account than you do about someone reading your email. Why not avoid the additional risks from public wireless networks and wait until you get home to check your bank account?

[0x90]

SSL does not make you safe

Uhh.. SSL doesn't make you safe.

At least not always. While it is mostly true (barring an SSL MITM) that information sent between your computer and a bank site is mostly secured, a successful attack on a wireless system could own your machine. There evil twin attacks, DHCP or ARP spoofing, WEP attacks, root exploits on adpaters, etc. And that is not even beginning to address all of the web app security woes that SSL will NEVER prevent found on bank apps. I can personally attest to having found 100s of vulnerabilities in online bank apps. I'm just glad that the SSL was there to help encrypt my attacks.

[dovad]

This doesn't have to be...

A simple and free solution to the perils of this article is a VPN called "HotSpotShield" available from a company called "AnchorFree" (www.anchorfree.com). I'm amazed that more people are not aware of it. I've been using it with open and protected WiFi sites for about 6 months.

[solrosenberg]

Not the greatest solution

So now instead of schleping a laptop around to overpriced coffee shops, crackers can just focus on breaking into this "AnchorFree" outfit where all of the traffic is being concentrated. And there's always the possibly that "AnchorFree" themselves are crackers. What a great way to set yourself up in the middle of Internet traffic: offer a "free security service" that sends all traffic through you.

[solrosenberg]

David Maynor

So David Maynor's back in the news after faking that Mac OS X exploit. Now he's peddling something that sounds like what dsniff's been able to do for almost a decade now. Yawn.

[wbenton]

WOW!!!... This info is so... ???

WOW!!! This info is so old...

I don't see anything really new in this article than I've known for quite some time... ever since wireless devices came out.

About the only new thing is the tool which allows not only you to see, but will also fall into the wrong hands and allow everybody else to see other's information too.

Too many times, tools made for a good purpose have turned out to also be quite usable for bad purposes...

This happens to be one of them. Rather than spending the time to show people what kind of info they're spewing out... they need to make a tool that will go in and tweak WiFi settings such that the leaked information is minimal and to warn/prevent users who try to do anything that WILL LEAK their information to others!

FWIW

[katamari]

Confused...

==> The Errata sniffer, dubbed Ferret, packs more punch than other network sniffers already available, such as Ethereal and Kismet, because it looks at so many different protocols, Graham said. Some at Black Hat called it a "network sniffer on steroids."


Uhh... what? Ethereal, tcpdump, snoop... they all do the same thing: look at _any and all traffic_ coming across the interface you choose. When I say all/any, I do mean all/any.

The analysis of the underlying protocol isn't necessary, because the packets are already there on your screen and you can work with them however you see fit.

Therefore, I'm confused why this utility is somehow different. If anything, it seems more limited, since it picks apart all traffic and looks for 25 specific protocols -- versus normal sniffers which pick up everything.

[mhteicher]

How is ErrataSec any different from SandStorm Enterprises

Ferret appears to be very similiar to SandStorm Enterprises tools ""tools with sharp edges". NetIntercept and LANWATCH is a commercial product that has been around for a while, co-founded by someone older than Mr Maynor. Hacker mentality, wasn't this covered at a BlackHat Talk in 1997 basically stating, hackers should stop trying to break things and start fixing things, otherwise security issues will only become worse.

I know Mr. Graham knows better, maybe he is being influenced by the Apple Wi-Fi fame of Dave Maynor..