OT: Got Bluetooth?, What will those hackers come up with? Options

[cnavarro]

I know this is way off topic, but a good friend of mine was invited to do a segment at defcon. Here's a link to some of the coverage. The's a great pic in there that sent me out of my seat laughing. Makes you wonder how secure anything is anymore!

http://www.tomshardware.com/business/20040.../defcon-05.html <--- "bluetracking"

http://www.tomshardware.com/business/20040.../defcon-02.html <--- spot the fed

Charles Navarro
LN Engineering
http://www.LNengineering.com
Aircooled Precision Performance

[SirAndy]

i told people for years, don't use the "WiFi" crap, but nooooo, who's listening to me?

there are NO security standards to speak off for any of these devices.
(IMG:style_emoticons/default/type.gif) Andy

PS: that's why my SSL based packet router for wireless devices is selling so well! (IMG:style_emoticons/default/wink.gif)

[fiid]

Ethernet has no security either. If you want security with WiFi you need to use a vpn or encrypted protocols, same as any other unencrypted network technology. The only difference is it's easier to spot someone cutting or splicing an ethernet cable. It's probably possible to pull data off an ethernet cable wirelessly anyway.

Security is a game of odds. You need to make sure the odds are acceptable for the data you are transferring. The problem is that not everyone knows that, and some companies exploit the features vs security tradeoff to make their products very marketable. (Microsoft Scripting anyone?).

BTW. Airport security is crap. It's a big fucking tapdance that isn't protecting anyone.

Did any of you guys catch the article about the guy that was able to capture a screen shot of a monitor from the light reflected off a cube wall?

[fiid]

there are NO security standards to speak off for any of these devices.
(IMG:style_emoticons/default/type.gif) Andy

We spent a lot of time trying to secure stuff when I worked at wells. I am pretty firmly convinced that it's not the job of the network technology (ethernet, wi-fi, etc) to implement security - it's far easier to handle it at a connection level - using SSL, or to use something like IP-Sec.

If anything they should have avoided putting WEP in the 802.11 standard because it does create a false sense of security.

Fiid.

[914forme]

Check out Airespace

They have a good solution to the wireless security issues.

Matter of fact I can find rouge units that pop up and cut all traffic to them. Sit back and wait for the phone call. I had one guy take his Netgear back to BestBuy 3 times for a replacement before he called us.

But hey thats part of the game to enforce network or even IT policies, you have to have the muscle and know how to back it up.

But of course they cost $$$$$$$ comparied to the AP you buy at BestBuy also.

The guys a Berkley cracked 802.11 WiFi a while back, airespace is now in there campus and is publicly allowing hacking of their wireless network to help them make it more secure. They have not been broken yet, yet because it will happen at somepoint.