Tag: wireless

Apple new product summary in fifteen heartbeats

Not particularly favorable.

The world is getting a sexy little laptop with wireless-only connectivity and an irreplaceable battery – the MacBook Air. They are also getting a 1TB drive that works over the radio – the Time Capsule.

This time next year, a bunch of MacBook Air owners will have laptops that lose their charge in twenty minutes, and they’ll have to pay $120 or so to get them fixed. They’ll be looking silly at their next coffee-shop meeting too, when the colleague says “oh I’ve got that file on CD.” Or worse…”I’ve got that file on my portable Firewire drive” (there’s no Firewire on the device either). This convenience have cost them roughly two grand to start.

Meanwhile, a whole bunch of other folks will have nifty storage units sitting on their shelves. They’ll download a 1.4GB movie from iTunes, which takes this user roughly a half-hour, and then they get to stir for another fifteen minutes when they decide to store it for future use. Big drives mean lots of (and big) files – transfer over the airwaves is a pain in the ass, 802.11n or not. I’m shopping for a new backup drive now, and won’t even consider one without (at least) Firewire 400.

It’s a lot of kit that seems destined to waste time as well as money. There’s an economic slowdown in the midst, and by the time people have money to burn there will already be something better out. Technology advances quickly, and I think Apple’s timing is off. Steve Jobs spoke, then Twitter went down? Give me a break – nobody cares.

But how about Apple’s stock price? Down 15 points in the past two days.

Why Bruce Schneier Having An Open Wi-Fi Network Is No Good Reason For You To

Bruce Schneier, cryptography king, keeps his home network open. And despite what Tim Lee wrote in support of the idea, please don’t listen.

The justification is that the risk of someone using your network for illegal means is very low, while the risk of you getting hacked at the local coffee shop is potentially higher. Hence, worry about your machine, not your home connection.

I say BLAH! This piss poor argument ignores two significant points:

1) There is little or no benefit to you from opening your network; and

2) It takes minimal effort to secure your network with a password.

The risks may be low, but meanwhile you have nothing to gain. Meanwhile, the effort necessary to provide that little extra layer of protection likely outweighs the cost of that single long tail incident – one that could potential cause you tons of legal hassles.

If you are hell bent on providing web access to home visitors, I’ll take for granted that you trust them. Give them the key, like I do. Or if you’re wearing a tinfoil hat as you hand them their coffee, ask them to allow you to type it in yourself.

UPDATE: Being open can cause hassles (unless you don’t consider having your computer confiscated by less than technology savvy law enforcement officers a hassle).

Mac hack turns FUD?

A taped demo at Blackhat (taped because the demonstrators were fearful someone would interfere) was supposed to show a MacBook wireless vulnerability. As it turns out, the drivers that SecureWorks researchers used were from a third party.

So much for taped demos.

***UPDATE***

You have to love this line:

“As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available.”

Responsible disclosure my ass. Can anyone say “banned from Blackhat demos, for life?”

***UPDATE 2***

Maybe that should be journalists banned from Blackhat instead.

Is it Mac, or is it Memor…I mean Atheros

It must be wireless hack day. A debate has ensued over at Brian Kreb’s Security Fix (WaPo) over…wireless vulnerabilities.

A demonstration is happening today at Black Hat Briefings, whereby two fellas will present hijacking a MacBook in sixty seconds flat. The question at hand – is this an OS X issue or a wireless vendor (in this case Atheros) issue?

Wireless waste of pubic funds

Police in Douglas County, Colorado (right down the street from Spamroll) are going to start wardriving for the purpose of warning open wireless device hosts of impending danger.

I wish I could properly spell out what a complete waste of time and money this is, but I guess some bureaucrat thought it was a good idea. The problem with wireless hacks is not the open device, but the devices behind them that lack security of their own. Need it defined further? If you run a wireless computer behind a network in administrator (or root) mode, it really doesn’t matter whether you have WEP (the only really easy wireless encryption that everyday folks employ) running on that hub/router. Someone is going to get you if they want to.
(more…)

Possible and probably Windows wireless flaw

People find vulnerabilities in Windows machines all the time, but most of them are discovered under very specific, almost lab-like conditions. Trying to re-create the problem in an “everyday use” scenario is often difficult (particularly for the average user), but the latest Windows wireless vulnerability, discovered by Matt Loveless, is anything but irreplicable.

Do something as simple as connect at a Starbucks T-Mobile Hotspot, and next time you go out looking for a connection, someone could be connecting to you. WIndows broadcasts the last SSID it connected to when out looking for new ones. A hacker close by can capture that name, set their computer to the same, and connect to your machine without warning.

Imagine how many people last connected to the largest competitor to those paid HotSpots – that ubiquitous WiFi provider called “linksys.”

Mobile spam going broadcast style

No doubt this is going to be fun. In the capital of spams and scams, the kingpins are preparing for the next wave – unleashing broad-based advertising to mobile phones.

Lending a helping hand

Techdirt just noted that one of the AOL subscribers to its Techdirt Wireless newsletter has been reporting the email as spam, and that AOL is now giving them a hard time.

Techdirt is being forced to remove all AOL subscribers to the email, in order to keep AOL off their backs, and despite having a compliant double opt-in policy for subscriptions.

Will the joker that keeps reporting the Techdirt Wireless newletters as spam please use the unsubscribe link at the bottom of the newsletter, rather than punishing the rest of the subscribers through their “actions” and inaction.

Wireless Phish is not a cousin of flying fish

You can batten down the hatches of your home wireless access point, but if you are used to Wi-Fi for home and travel, that may not prevent you from getting hacked (that is if the stories circulating have any validity).

While wi-fi phishing is nothing new, there has been a spate of new attempts targeting business travelers.
(more…)

Feds crack neighborhood wireless

A while ago I told you home-wireless junkies that someday you would get a knock on your door, and some law efforcement officer would accuse you of spamming. When you didn’t hear it, I said it again.

Now I have to admit, I was all wrong.
(more…)