RE: Wlan @ bestbuy is cleartext?

From: Steve Maks (smaksat_private)
Date: Thu May 02 2002 - 08:34:41 PDT

    For those who don't know, MSNBC picked up this story:
    http://www.msnbc.com/news/746380.asp
    
    "May 1 - Think you are safe from the cryptic world of wireless computer
    hacking? Think again. Security researchers who study wireless networks have
    found another embarrassing information leak, this one involving well-known
    retail giants."
    
    As a side note to the anonymous post below, I recently did some research on
    the Symbol 802.11 (not 802.11b) APs and cards that use FHSS.  The setup I
    was looking at did not implement any security features, but as a result of
    the design of the hardware, the implementation was very secure.  
    
    First off, FHSS itself is more secure than DSSS, as FHSS switches
    frequencies some 70 times or so per second.  Sniffing this is impossible,
    even when I am properly associated to the AP.  I looked around extensively
    for any practical examples of sniffing FHSS but was unable to come up with
    anything other than theories.
    
    Symbol APs are also one of the few brands that, by default, do not allow an
    "Any" SSID to associate to the AP.  With no way to sniff the traffic there
    is no way to associate to the AP unless I know the SSID.  Other than being
    told that there was a wireless network in a particular location, I was
    unable to find any evidence of it existing.  
    
    Of course, if they are using 802.11b and DSSS, this is a whole different
    story.
    
    Steve
    
    -----Original Message-----
    From: Blue Boar [mailto:BlueBoarat_private]
    Sent: Wednesday, May 01, 2002 11:06 PM
    To: vuln-devat_private
    Subject: Re: Wlan @ bestbuy is cleartext?
    
    
    Yet another anonymous poster:
    
    ---------------------------
    If you don't see 802.11b access points the store is probably using older
    FHSS-based cards (frequency hopping spread spectrum) instead of the newer
    DSSS (direct sequence spread spectrum) cards. Since the physical layer is
    different, new cards won't see older access points. Most POS systems based
    on 802.11 use cards OEM'd from Symbol, the original Spectrum24 cards. The
    new Spectrum24 High Rate cards use DSSS instead of FHSS.
    ---------------------------
    
    						BB
    



    This archive was generated by hypermail 2b30 : Thu May 02 2002 - 10:00:52 PDT