For those who don't know, MSNBC picked up this story:
http://www.msnbc.com/news/746380.asp

"May 1 - Think you are safe from the cryptic world of wireless computer hacking? Think again. Security researchers who study wireless networks have found another embarrassing information leak, this one involving well-known retail giants."

As a side note to the anonymous post below, I recently did some research on the Symbol 802.11 (not 802.11b) APs and cards that use FHSS. The setup I was looking at did not implement any security features, but as a result of the design of the hardware, the implementation was very secure.

First off, FHSS itself is more secure than DSSS, as FHSS switches frequencies some 70 times or so per second. Sniffing this is impossible, even when I am properly associated to the AP. I looked around extensively for any practical examples of sniffing FHSS but was unable to come up with anything other than theories.

Symbol APs are also one of the few brands that, by default, do not allow an "Any" SSID to associate to the AP. With no way to sniff the traffic there is no way to associate to the AP unless I know the SSID. Other than being told that there was a wireless network in a particular location, I was unable to find any evidence of it existing.

Of course, if they are using 802.11b and DSSS, this is a whole different story.

Steve

-----Original Message-----
From: Blue Boar [mailto:BlueBoarat_private]
Sent: Wednesday, May 01, 2002 11:06 PM
To: vuln-devat_private
Subject: Re: Wlan @ bestbuy is cleartext?

Yet another anonymous poster:

---------------------------
If you don't see 802.11b access points the store is probably using older FHSS-based cards (frequency hopping spread spectrum) instead of the newer DSSS (direct sequence spread spectrum) cards. Since the physical layer is different, new cards won't see older access points. Most POS systems based on 802.11 use cards OEM'd from Symbol, the original Spectrum24 cards. The new Spectrum24 High Rate cards use DSSS instead of FHSS.
---------------------------

BB