Operation n

A few months ago David Maynor and Jon Ellch brought “Wireless Device Driver” hacking to our attention. Since then I have seen drivers being exploited all over the show. Now the popular open source “MadWifi” drivers have been targetted and exploited.

Other Wireless drivers that have been hit:
- DLink
- Broadcom
- Netgear
- Apple Airport
See http://projects.info-pull.com/mokb/

What do you do? Stop using Wireless :) Call me old fasioned but I have never liked the idea that my internal network becomes “virtually” accessible 24/7 to complete strangers. Yes, one can implement VPN solutions, blow whistles and swing on a trapezium blind folded, but whether we like it or not Wireless presents an additional entrance point for an “external” attacker.

I don’t believe these are the only future attack vectors, but I do like David Maynor’s words:
“The OS vendors have been hardening the operating system a lot, so now attackers have two choices. They can go up to the application level, or they can go lower to the device driver level..”