Latest in Security

Image credit:

"Free Public WiFi" on a plane = XP wireless goof


The initial error was mine: I was running XP (in Boot Camp) before I got onboard, and forgot to reboot in Mac OS X (where my iTunes library of "hey kids, let's keep quiet while the other passengers sleep!" videos lives) prior to the flight. Once we reached cruising altitude, I fired up the MBP and quickly went to turn off my Airport card, as all good Americans must do... and what on Earth (or high above it) is that "Free Public WiFi" peer-to-peer network doing on a PLANE?? Someone is not paying attention!

I had seen these "Free Public WiFi" peer-to-peer networks around before, usually in airports, and had ignored them as malware honeypots; the truth is apparently a little less malicious but still pretty scary. It seems that our friends in Redmond have (since Jan 06) some strangeness in the wireless network management routines under XP; any WLAN that a Windows machine joins gets 'echoed' back out as an ad-hoc SSID if the machine can't find the previous connection (an implementation of RFC 3927).
David Maynor, of "MacBook WiFi Hack" fame, posted on the quirky fun back in January, as did Brian Krebs. The result of this 'feature' is that certain bogus SSIDs spread in viral fashion wherever large numbers of Windows laptops congregate. Machines may be joining the same ad-hoc network unintentionally, and a malicious user could attempt exploitation of those machines without warning.

Reason #2048 why I love my Mac: wireless security flaws in OS X are obscure, debatable and mostly academic, not readily visible in every airport and bus terminal.

From around the web

ear iconeye icontext filevr