Thread: Hackers Expose 'Critical' Wi-Fi Driver Flaw
View Single Post
  #11 (permalink)  
Old 08-04-2006, 04:11 PM
John Navas
Guest
  
Posts: n/a
Default Re: Hackers Expose 'Critical' Wi-Fi Driver Flaw
On Fri, 4 Aug 2006 10:57:04 -0400, "Bill Kearney"
<wkearney99@hotmail.com> wrote in
<NuGdnbyyFNbc_U7ZnZ2dnUVZ_vmdnZ2d@speakeasy.net> :

>> But according to Maynor and Ellch, this attack can be carried out
>> whether or not a vulnerable targeted laptop connects with a local
>> wireless network. It is, they said, enough for a vulnerable machine
>> to have its wireless card active for such an attack to be successful.
>> That's a trivial demand, given that most wireless devices embedded in
>> laptops these days are switched on by default and are configured to
>> continuously seek out available wireless networks.
>
>Right, and if you know the device driver is susceptible to these types of
>attack, AND you know the OS the computer is running then it's possible to
>construct a hack that'll break into it. Things like buffer overflow
>exploits are not trivial to create. They often require multiple steps to
>essentially "build" the final attack vector. Think of it as putting small
>pieces of the code into place, merely a few bytes at a time. Once all the
>bytes are in place then execute them to open the door to a wider attack, or
>the next stage. Like 'kill the firewall' or merely reset a login password.
>If something can attack from the device driver level, and get code to
>execute, then there's little in the OS is going to protect you.

Not if you look beyond the popular operating systems. True microkernels
can isolate even device drivers in their own processes (contexts) to
prevent this kind of compromising (with other benefits as well,
including robustness and stability). The real problem is Intel
processor architecture, which has so much process (context) switching
and inter-process communication overhead that popular operating systems
resorted to running these functions in the kernel, thus foregoing this
kind of protection (and robustness and stability). A related problem is
weak memory management, including lack of Data Execution Prevention
until recently. For more information on microkernels, see
<http://en.wikipedia.org/wiki/Microkernel>.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

Reply With Quote