Windows 7 Can Create Rogue Wi-Fi Access Point 123
alphadogg writes "Windows 7 contains a 'SoftAP' feature, also called 'virtual Wi-Fi,' that allows a PC to function simultaneously as a Wi-Fi client and as an access point to which other Wi-Fi-capable devices can connect. The capability is handy when users want to share music and play interactive games. But it also can allow on-site visitors and parking-lot hackers to piggyback onto the user's laptop and 'ghost ride' into a corporate network unnoticed."
While this means a bit more policing for networks meant to be locked down, it sounds like a good thing overall. Linux users, meanwhile, have had kernel support (since 2.6.26) for 802.11s mesh networking, as well as Host AP support for certain chipsets.
Hard shell, gooey centre security obsolete (Score:5, Insightful)
De-perimeterization (perimeter erosion) Explained [opengroup.org]
Distributed Firewalls [columbia.edu]
Serious issues found with X (Score:5, Insightful)
No biased reporting here on /. Just the facts. (Score:5, Insightful)
I have lots of criticisms of Windows generally and I run XP and Kubuntu, but SoftAP is a network management issue for corporate networks, not a "rogue".
Re:Serious issues found with X (Score:5, Insightful)
Microsoft Z has been found to contain feature X, which purports to do Y but used incorrectly could instead cause W! Linux has had feature X since 20VV, the 'Year of the Linux Desktop'.
True. Incompetent users are the problem irrespective of platform. Never forget - computers do what you tell them to do, not what you meant them to do
Watch us both get modded down now
What is this crap (Score:5, Insightful)
Re:Linux Treats You Like An Adult.... (Score:3, Insightful)
Yes, it's that simple... and for most people, they don't want to research all that.
And if Linux wants to be popular with those people, it's going to have to change a bit.
It's more than knowing how a computer works. The only thing you're talking about right now is software. You're not talking about having to know how a graphics card works in order to use it. You're talking about software configuration. But the problem I have with your simplistic explanation is this: for most people, a generic configuration does work nicely.
And allow me to say I'm glad "Linux" didn't make my digital camera. I'd hate to have to go research on forums just to figure out how to take a picture at a different resolution than it was set at ;) Joking aside, I'm somewhat serious. Most people want to research how to configure things they like working on. Most people don't like working on the computer... most people like working on something ELSE on the computer.
Re:Serious issues found with X (Score:3, Insightful)
Slashdot reported on it earlier, then it was complaining that it wasn't finished. Now it's complaining that it can be made to work.
http://mobile.slashdot.org/story/09/11/03/1649246/Unfinished-Windows-7-Hotspot-Feature-Exploited?from=rss [slashdot.org]
"It wasn't all that long ago that Microsoft was talking up the Virtual WiFi feature developed by Microsoft Research and set for inclusion in Windows 7, but something got lost along the road to release day, and the functionality never officially made it into the OS. As you might expect with anything as big and complicated as an operating system though, some of that code did make it into the final release, and there was apparently enough of it for the folks at Nomadio to exploit into a full fledged feature. That's now become Connectify, a free application from the company that effectively turns any Windows 7 computer into a virtual WiFi hotspot — letting you, for instance, wirelessly tether a number of devices to your laptop at location where only an Ethernet jack is available, or even tether a number of laptops together at a coffee shop that charges for WiFi."
Re:No biased reporting here on /. Just the facts. (Score:3, Insightful)
Re:Serious issues found with X (Score:5, Insightful)
No, a VENDOR who wants to sell you lockdown software is complaining that it can be made to work.
Re:No biased reporting here on /. Just the facts. (Score:5, Insightful)
Also, how many corporate machines are running with wireless cards?
More than you might think. At my work they issue everybody with laptops. They all have inbuilt wireless.
Re:No biased reporting here on /. Just the facts. (Score:3, Insightful)
Quite a number. Perhaps not your average cubicle-slave but certainly those in 'client-facing roles' and those encouraged to take work home with them (read unpaid overtime). If security is lax, don't underestimate teenage children in re-enabling features on their parent's work laptop. Then there's consultant teams hired on a project basis that bring their own hardware and aren't subject to internal re-imaging of machines.
Comment removed (Score:3, Insightful)
Re:Easy Solution (Score:5, Insightful)
Group Policy can disable this for all domain users in one click.
And even if left on, what admin would allow a non-authenticated user access to anything on the network?
Besides, if I had enough access to a machine to turn this feature on, couldn't I just take control of it via traditional means? Why bother.
Comment removed (Score:5, Insightful)