Content

Wi-Fi driver vulnerabilitites

Researchers David Maynor and Jon Ellch have discovered a way to compromise computers via some flaws in the device drivers for the wireless cards using LORCON – you don’t even have to be using the card – the radio just needs to be active.  The are fairly tight lipped about the methods, as they will demonstrating the attack at Black Hat USA 2006.

Remember Simple Nomad’s presentation about hacking the friendly skies at Shmoocon this year?  More wireless problems, which are left exposed by just having your wireless turned on – you don’t even have to be using it.

A few words to the wise:

– Don’t use the wireless at Black Hat (for this and many other reasons), or any other convention, or any untrusted hotel network unless you intend to wipe your drive and reinstall – especially at security/hacker/phreaker conferences.

– Don’t store any personal information, or any other information that you don’t want freely available on your mobile device that you use at above conferences.

– Shut off your wireless card when not in use

– Practice defense in depth, just in case. 

– L

Researchers hack Wi-Fi driver to breach laptop

Larry Pesce

Larry’s core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.