I've been watching out for interesting reports coming out of last week's Black Hat Convention in Arlington. Apart from the RFID fiasco I commented on a few days ago, the main story seems to be a demonstration by Errata Security of a new sniffer tool, shortly to be made available, that helps categorise intercepted WiFi emissions.
Of course there's nothing new in the vulnerability of insecure WiFi networks to determined attacks. But these tools make attacks much easier to mount and will therefore create an increase in the potential threat level. I've often found that users will simultaneously adopt a more sophisticated approach to their use of IT when the usability of their tools exceeds a certain threshold. So any advance in sniffer tool usability might herald a new wave of attacks. One to watch for, though of course the problem is that such interception is largely invisible.
Comments (1)
Microsoft have brought out a patch to resolve this for Windows XP SP2. See
http://support.microsoft.com/?kbid=917021
But the patch doesn't seem to be included in automatic updates and once installed you need to configure securely
Posted by Ur0wn3d | March 5, 2007 1:36 PM
Posted on March 5, 2007 13:36