[MLB-WIRELESS] More on Wifi security
gabrielle harrison and Paul van den Bergen
gabpaul at melbpc.org.au
Mon Aug 14 14:51:49 EST 2006
yep, sounds about the size of it... It's the right guy (Johnny cache) at
least, and device implementation is the right subject.
the hype is (presumably) intentional as a mechanism to prod/publicity
stunt at Blackhat to get attention about a serious design flaw.
On Mon, 14 Aug 2006 14:36:02 +1000, Troy Mitchell <txrx at eridu.net> wrote:
> Looks like they are referring to this:
> (in a hyped-up mainsteam media kind of way..)
> Fun with 802.11 Device Drivers
> Johnny Cache
> The 802.11 link-layer wireless protocol is widely known for its design
> flaws. Unauthenticated management packets, a ridiculous attempt at
> link layer confidentiality and authentication (WEP), and general vendor
> stupidity have all contributed to 802.11 being the most sensationalized
> protocol ever mentioned in the media.
> All of the above topics have been beaten to death. Instead this talk
> explores new advances not in design problems in 802.11, but in
> implementation issues. The two major advances in 802.11 security will be
> covered, device driver vulnerabilities and link layer fingerprinting
> techniques. 802.11 fingerprinting represents the first time that a
> link-layer protocol has been vulnerable to finger-printing attacks. These
> attacks can provide useful information to the attacker, allowing him to
> accurately target the latest weapon in any wireless hackers arsenal:
> device driver exploits.
> Johnny Cache is responsible for many wireless hacking tools. These
> jc-wepcrack (a distributed wep-cracker) jc-aircrack (a complete aircrack
> re-write in C++), and also helped h1kari create pico-wepcrack (a FPGA
> accelerated WEP brute forcer). Cache is currently pursuing his Master's
> degree in computer security. He is also co-author of "Hacking Exposed
> Wireless". His latest accomplishments can be found in Airbase, available
> -----Original Message-----
> From: melbwireless-bounces at wireless.org.au
> [mailto:melbwireless-bounces at wireless.org.au] On Behalf Of Steven Haigh
> Sent: Monday, 14 August 2006 1:52 PM
> To: melbwireless at wireless.org.au
> Subject: Re: [MLB-WIRELESS] More on Wifi security
> On 14/08/2006, at 1:04 PM, gabrielle harrison and Paul van den Bergen
>> just when I thought it was safe again.
>> warning - article short on detail.
> Wow. I read two pages of text and think I became dumber in the
> process :p
> Does anyone have any real details on just what on earth they are
> talking about? Something about hacking the driver to take control of
> the machine?
Dr Paul van den Bergen
Chance favours the prepared mind
More information about the Melbwireless