Re: Backdoor LAN

[InfoSec News <isn () c4i org>]

Forwarded from: Peter A. DeNitto <denitto () dimsum alde com>

I read this and I wonder what the point is.

All the 802.11b wireless commercial ventures require you to hit a web
server so they can bill you.  Now, the billing is not inherently
insecure, it uses SSL encrypted above the network layer.

But having someone have access to an open share, why is this the
problem of the network provider?

Why are these insecurities that are inherent in the operating system
blamed upon the network medium?  It's not T-Mobile's fault that your
system is set up so insecurely as to have an open share.  I hope Bill
Burns is more savvy than this and was merely noting that he could
browse for other peoples computers.  And news flash: you can browse
for peoples shares on wired lans as well.  It's called a broadcast
packet, you know, the same technology that ARP & DHCP use?

Don't expect them to offer WEP services just yet.  How do you explain
to Retail Employee how to assist Uninformed User how to set a WEP key?  
Ok, now explain them how to do it on 8 flavours of Windows.  Now try a
MAC. Ok, why not sit a paid employee to sit in a Starbucks and assist
everyone? Now try to create a business model that can make money doing
that. People can barely manage to change SSID's on their own.

T-Mobile's response is the response I'd offer.  When will people stop
complaining about wireless "insecurity" and press their application
suppliers for secure applications?  Why do people continue to use
unencrypted POP instead of a secure POP or SSL encrypted IMAP?  It's
about encryption at the application layer, not about encryption at the
network layer, and until the industry "gets it" we're doomed to an
insecure network.

Stop beating on 802.11b.  It's as secure as everything other shared
medium.  Get something real to write about.

--Pete


On Fri, 18 Oct 2002, InfoSec News wrote:

> http://www.unstrung.com/document.asp?doc_id=22807
>
> Dan Jones
> Senior Editor
> Unstrung
> 10.17.02
>
> LAS VEGAS -- Veterans of past Cellular Telecommunications & Internet
> Association (CTIA) shows tell us one major security problem they faced
> was having their analog phones cloned.
>
> Happened all the time apparently...
>
> These days we face a different threat, namely that the free wireless
> LAN network we're using to get online -- provided by T-Mobile U.S. in
> this instance -- is offering potential hackers a backdoor to get at
> data on your laptop.
>
> It works like this. T-Mobile has a proxy set up so that the user is
> directed to their Website and clicks to login before they get access
> to Internet connectivity. However, access to the wireless access point
> is not password protected, so the network itself is open. Basically,
> any shared areas on your hard drive are visible to other people on the
> network.
>
> Unstrung Website engineer Bill Burns noted the problem when using the
> service at his local Starbucks. However, we should stress that this is
> pretty common with public wireless LAN access systems, certainly not
> something that is exclusive to T-Mobile's HotSpot service.

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.