alt.internet.wireless

#1
08-14-2007, 09:51 PM
David Arnstein
WiFi exploit via duplicated SSID

I read a discussion on this potential exploit on another forum.
Unfortunately, that discussion descended into silliness (lame jokes).

So here it is: I am running a wireless network. Some rogue finds my SSID
and uses the same SSID himself, on his WiFi server. One of my WiFi
clients (a notebook computer, say) connects to the rogue network instead
of my own network, because the SSIDs are identical. The rogue WiFi server
can now observe all my data.

Is this possible? I use WPA2 with pre-shared key. Can the rogue WiFi
server read my WPA2 password, along with all my network traffic?
--
David Arnstein (00)
arnstein+usenet@pobox.com {{ }}
^^

#2
08-14-2007, 11:56 PM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

arnstein@panix.com (David Arnstein) hath wroth:

>I read a discussion on this potential exploit on another forum.
>Unfortunately, that discussion descended into silliness (lame jokes).


That's ok as long as they didn't borrow some of my lame jokes.

>So here it is: I am running a wireless network. Some rogue finds my SSID
>and uses the same SSID himself, on his WiFi server.. One of my WiFi
>clients (a notebook computer, say) connects to the rogue network instead
>of my own network, because the SSIDs are identical. The rogue WiFi server
>can now observe all my data.
>
>Is this possible? I use WPA2 with pre-shared key. Can the rogue WiFi
>server read my WPA2 password, along with all my network traffic?


That's NOT possible unless the evil hacker also has the WPA2 key.
There's no way he can "join" your networks without it. Even if he
simulates your access point in order to sniff key exchanges and
authentication attempts, these are hashed and encrypted, making
decryption unlikely.


--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

#3
08-15-2007, 12:12 AM
danny burstein
Re: WiFi exploit via duplicated SSID

In <0ic4c35fntfsoa16t8lmcngl2g2t69vgjk@4ax.com> Jeff Liebermann <jeffl@cruzio.com> writes:

>That's NOT possible unless the evil hacker also has the WPA2 key.
>There's no way he can "join" your networks without it. Even if he
>simulates your access point in order to sniff key exchanges and
>authentication attempts, these are hashed and encrypted, making
>decryption unlikely.


but the related question: If he sets up
a base station with the same SSID as
the legit folk, and some of the laptops
connect to it, can't he then sniff out
any unencrypted traffic?

thanks

--
__________________________________________________ ___
Knowledge may be power, but communications is the key
dannyb@panix.com
[to foil spammers, my address has been double rot-13 encoded]

#4
08-15-2007, 01:02 AM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

danny burstein <dannyb@panix.com> hath wroth:

>In <0ic4c35fntfsoa16t8lmcngl2g2t69vgjk@4ax.com> Jeff Liebermann <jeffl@cruzio.com> writes:
>
>>That's NOT possible unless the evil hacker also has the WPA2 key.
>>There's no way he can "join" your networks without it. Even if he
>>simulates your access point in order to sniff key exchanges and
>>authentication attempts, these are hashed and encrypted, making
>>decryption unlikely.

>
>but the related question: If he sets up
>a base station with the same SSID as
>the legit folk, and some of the laptops
>connect to it, can't he then sniff out
>any unencrypted traffic?


Yes, unfortunately. The laptop can also be attacked directly.
Susceptibility to duplicated SSID exploits (rogue AP) varies with the
client manager.

Note: I'm not 100.0% sure of the following. I'll need to retest to
be sure.

Let's pretend that the user has set up their laptop to connect to their
own system SSID using WPA2 encryption. You would expect Windoze
Wireless Zero Config to remember this "profile" and always connect
using WPA2. Nope. If for some reason, the rogue access point has a
better signal, Windoze will try to connect to the rogue access point
(with the same SSID) first. It will then decide that the encryption
method has changed and offer a warning that you're connecting to an
unsecured access point. Most users will see the message, click "OK",
and connect merrily to the rogue access point. Windoze Wireless Zero
Config will then change the saved "profile" to be unencrypted on the
assumption that the owner has changed their method of encryption. If
they want to connect again to the real access point, they get to
tediously key in the WPA key (twice) from scratch. If you
mysteriously find yourself keying in the WPA key from scratch for no
obvious reason, it's because there's probably another access point out
there with no encryption and a duplicated SSID.

If there are duplicated SSIDs, there's also no indication as to which
access point is being used, as Windoze WZC does not display the MAC
address. Once connected to the rogue access point, the user checks
their email and unless it's encrypted or encapsulated in a VPN tunnel,
it's all sniffable. If they're running open shares or no firewall,
they can be attacked directly. It's happened to a customer that went
to a hotel and connected to the wrong AP.

At least that's the way I remember it working when I last tried it
about a year ago. I'll try it again when I have a chance.

In the meantime, find a connection manager that will display the MAC
address clearly, and offer separate connections for each different MAC
address even if the SSID is the same. So far, I've found the
following that will do this:
<http://wifihopper.com>
and possibly the Buffalo Client Manager 3 (not sure yet):
<http://www.buffalotech.com/technology/our-technology/client-manager-3/>
Incidentally, this CM3 claims to be able to support non-Buffalo
products which should be very useful.

There are probably others, but I haven't bothered to do any testing.

If your client manager or connection manager will show a list of
available networks, with one line for each access point even if they
have the same SSID, you can then distinguish between access points. If
it does that, it can also do the same in separate profiles.


#5
08-15-2007, 01:09 AM
danny burstein
Re: WiFi exploit via duplicated SSID

In <f6f4c3tfaumnljvjtnt4udpf316mjkch8b@4ax.com> Jeff Liebermann <jeffl@cruzio.com> writes:

>In the meantime, find a connection manager that will display the MAC
>address clearly, and offer separate connections for each different MAC
>address even if the SSID is the same. So far, I've found the
>following that will do this:
><http://wifihopper.com>
>and possibly the Buffalo Client Manager 3 (not sure yet):
><http://www.buffalotech.com/technology/our-technology/client-manager-3/>
>Incidentally, this CM3 claims to be able to support non-Buffalo
>products which should be very useful.


With Mac OS 9 there were some programs
which gave you detailed info about
the base stations in your "view", and
let you manually choose between the
five different ones that said "Linksys"
as their SSID.

I've yet to find one for OS X. (I've found
"istumbler" which shows the info but doesn't
offer the clickthrough).

Anyone know of one? Thanks.


#6
08-15-2007, 04:29 AM
Neill Massello
Re: WiFi exploit via duplicated SSID

danny burstein <dannyb@panix.com> wrote:

> With Mac OS 9 there were some programs
> which gave you detailed info about
> the base stations in your "view", and
> let you manually choose between the
> five different ones that said "Linksys"
> as their SSID.
>
> I've yet to find one for OS X. (I've found
> "istumbler" which shows the info but doesn't
> offer the clickthrough).


"Join" is the first button in iStumbler's default toolbar and the first
command in its "AirPort" menu. The keyboard shortcut is Command + Shift +
J.


#7
08-15-2007, 04:31 AM
Eric
Re: WiFi exploit via duplicated SSID


"Jeff Liebermann" <jeffl@cruzio.com> wrote in message
news:f6f4c3tfaumnljvjtnt4udpf316mjkch8b@4ax.com...
> danny burstein <dannyb@panix.com> hath wroth:
>
>>In <0ic4c35fntfsoa16t8lmcngl2g2t69vgjk@4ax.com> Jeff Liebermann
>><jeffl@cruzio.com> writes:
>>
>>>That's NOT possible unless the evil hacker also has the WPA2 key.
>>>There's no way he can "join" your networks without it. Even if he
>>>simulates your access point in order to sniff key exchanges and
>>>authentication attempts, these are hashed and encrypted, making
>>>decryption unlikely.

>>
>>but the related question: If he sets up
>>a base station with the same SSID as
>>the legit folk, and some of the laptops
>>connect to it, can't he then sniff out
>>any unencrypted traffic?

>
> Yes, unfortunately. The laptop can also be attacked directly.
> Susceptibility to duplicated SSID exploits (rogue AP) varies with the
> client manager.
>
> Note: I'm not 100.0% sure of the following. I'll need to retest to
> be sure.
>
> Let's pretend that the user has set up their laptop to connect to their
> own system SSID using WPA2 encryption. You would expect Windoze
> Wireless Zero Config to remember this "profile" and always connect
> using WPA2. Nope. If for some reason, the rogue access point has a
> better signal, Windoze will try to connect to the rogue access point
> (with the same SSID) first. It will then decide that the encryption
> method has changed and offer a warning that you're connecting to an
> unsecured access point. Most users will see the message, click "OK",
> and connect merrily to the rogue access point. Windoze Wireless Zero
> Config will then change the saved "profile" to be unencrypted on the
> assumption that the owner has changed their method of encryption. If
> they want to connect again to the real access point, they get to
> tediously key in the WPA key (twice) from scratch. If you
> mysteriously find yourself keying in the WPA key from scratch for no
> obvious reason, it's because there's probably another access point out
> there with no encryption and a duplicated SSID.
>
> If there are duplicated SSIDs, there's also no indication as to which
> access point is being used, as Windoze WZC does not display the MAC
> address. Once connected to the rogue access point, the user checks
> their email and unless it's encrypted or encapsulated in a VPN tunnel,
> it's all sniffable. If they're running open shares or no firewall,
> they can be attacked directly. It's happened to a customer that went
> to a hotel and connected to the wrong AP.
>
> At least that's the way I remember it working when I last tried it
> about a year ago. I'll try it again when I have a chance.
>
> In the meantime, find a connection manager that will display the MAC
> address clearly, and offer separate connections for each different MAC
> address even if the SSID is the same. So far, I've found the
> following that will do this:
> <http://wifihopper.com>
> and possibly the Buffalo Client Manager 3 (not sure yet):
> <http://www.buffalotech.com/technology/our-technology/client-manager-3/>
> Incidentally, this CM3 claims to be able to support non-Buffalo
> products which should be very useful.
>
> There are probably others, but I haven't bothered to do any testing.
>
> If your client manager or connection manager will show a list of
> available networks, with one line for each access point even if they
> have the same SSID, you can then distinguish between access points. If
> it does that, it can also do the same in separate profiles.
>


Wow, I can't believe that WZC is that stupid. (Actually I can.)

Why do people continue to use that crap and not just use the client that
came with their hardware?

I just temporarily disabled WPA2 on my WLAN SSID to see if DLink's client
would connect to it with the profile still set to use WPA2. It wouldn't...



#8
08-15-2007, 05:16 AM
danny burstein
Re: WiFi exploit via duplicated SSID

In <1i2utz3.cobhmq5vm4qtN%massello@newsguy.com> massello@newsguy.com (Neill Massello) writes:

>danny burstein <dannyb@panix.com> wrote:


>> With Mac OS 9 there were some programs
>> which gave you detailed info about
>> the base stations in your "view", and
>> let you manually choose between the
>> five different ones that said "Linksys"
>> as their SSID.
>>
>> I've yet to find one for OS X. (I've found
>> "istumbler" which shows the info but doesn't
>> offer the clickthrough).


>"Join" is the first button in iStumbler's default toolbar and the first
>command in its "AirPort" menu. The keyboard shortcut is Command + Shift +
>J.


Please excuse the loud sound as I thwack my forehead.

"Duh".

Thanks.



#9
08-15-2007, 05:54 AM
William R. Walsh
Re: WiFi exploit via duplicated SSID

Hi!

> There are probably others, but I haven't bothered to do any testing.


Put Intel's PROSet/Wireless (v 10.5.2.0, although I seem to remember
previous versions offering this as well) on your list. It's not right on the
front page, but if you click on an available Wireless Access Point that
shows up in the list of detected networks, you can then click the
"Properties" button to see the AP's MAC address.

William



#10
08-15-2007, 05:58 AM
Bin Chen
Re: WiFi exploit via duplicated SSID

On Aug 15, 7:12 am, danny burstein <dan...@panix.com> wrote:
> In <0ic4c35fntfsoa16t8lmcngl2g2t69v...@4ax.com> Jeff Liebermann <je...@cruzio.com> writes:
>
> >That's NOT possible unless the evil hacker also has the WPA2 key.
> >There's no way he can "join" your networks without it. Even if he
> >simulates your access point in order to sniff key exchanges and
> >authentication attempts, these are hashed and encrypted, making
> >decryption unlikely.

>
> but the related question: If he sets up
> a base station with the same SSID as
> the legit folk, and some of the laptops
> connect to it, can't he then sniff out
> any unencrypted traffic?
>
> thanks
>

If the WPA2 is using something like a public key encryption method, it
is still impossible for attackers to obtain the WPA2 passphrase using
the key swapped in the air traffic. To understand this, please read:

http://en.wikipedia.org/wiki/Diffie-Hellman


#11
08-15-2007, 03:56 PM
dold@99.usenet.us.com
Re: WiFi exploit via duplicated SSID

Jeff Liebermann <jeffl@cruzio.com> wrote:
> Note: I'm not 100.0% sure of the following. I'll need to retest to
> be sure.


I think you need to retest.
If you change the encryption method on your WAP, you typically have to
delete the existing SSID from Wireless Zero Config, and then reconnect.

That is certainly the case for me switching between none and WEP-64 and
back.

--
Clarence A Dold - Hidden Valley Lake, CA, USA GPS: 38.8,-122.5

#12
08-15-2007, 04:06 PM
dold@99.usenet.us.com
Re: WiFi exploit via duplicated SSID

Eric <none@none.nnn> wrote:

> Wow, I can't believe that WZC is that stupid.. (Actually I can.)


> Why do people continue to use that crap and not just use the client that
> came with their hardware?


> I just temporarily disabled WPA2 on my WLAN SSID to see if DLink's client
> would connect to it with the profile still set to use WPA2. It wouldn't...


I could be mistaken, but I thought the DLink client displayed a different
signal strength bar, but still used WZC for management.


#13
08-15-2007, 04:30 PM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

dold@99.usenet.us.com hath wroth:

>Jeff Liebermann <jeffl@cruzio.com> wrote:
>> Note: I'm not 100.0% sure of the following. I'll need to retest to
>> be sure.


>I think you need to retest.


I agree. Like I mumbled, I'm not 100% sure and it was about a year
ago when I tried it last.

However, none of the tests are what I was doing. I didn't change the
encryption setting on a single access point. As I recall, I added a
2nd access point, with the exact same SSID, but no encryption. I
believe I had to select "Connect to any available network" in WZC.
When I did a scan for available networks, it would sometime list the
unencrypted access point, not the encrypted one, as indicated by the
lock icon. If I then hit connect, it would clobber the saved settings
for the encrypted version. Remember, we're testing to see if a WZC
client can be fooled into connecting to the wrong access point with
the same SSID but no encryption.

I'll retest later today as I don't have my laptop or a spare access
point at home. If not, I'll be in my office tomorrow, maybe.

>If you change the encryption method on your WAP, you typically have to
>delete the existing SSID from Wireless Zero Config, and then reconnect.
>
>That is certainly the case for me switching between none and WEP-64 and
>back.


If that's true, then I might be wrong. I just hate it when that
happens.

Incidentally, I blundered across these different auto connection modes
for Intel Proset. See:
<http://www.intel.com/support/wireless/wlan/sb/cs-025775.htm>
under "Auto Connect" settings.
- Connect to available network using profiles only
- Connect to any available network if no matching profile is found
- Connect to any network based on profiles only (Cisco* mode)
If the profile includes the MAC address of the access point, it's a
good way to prevent connecting to the wrong access point. If it
doesn't, it's useless.



#14
08-16-2007, 01:26 AM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

Jeff Liebermann <jeffl@cruzio.com> hath wroth:

>dold@99.usenet.us.com hath wroth:
>
>>Jeff Liebermann <jeffl@cruzio.com> wrote:
>>> Note: I'm not 100.0% sure of the following. I'll need to retest to
>>> be sure.

>
>>I think you need to retest.

>
>I agree. Like I mumbled, I'm not 100% sure and it was about a year
>ago when I tried it last.
>
>However, none of the tests are what I was doing. I didn't change the
>encryption setting on a single access point. As I recall, I added a
>2nd access point, with the exact same SSID, but no encryption.


I retrieved my laptop, bought a WRT54G v2.0 at a local thrift shop for
$10, flashed it with DD-WRT v23 SP3 2007/07/20 VPN firmware, and
merrily started testing.

I have two wireless routers. WRT54GS v4 with encryption off. WRT54G
v2.0 with WPA-PSK(TKIP) encryption. Both are running DD-WRT. I'm
using an HP ze2000 laptop, with a Broadcom something MiniPCI card
using XP SP2 Wireless Zero Config. Both wireless routers are set to
the same channel and the same SSID. The WRT54GS is the main router
for our neighborhood LAN and has a very strong signal around my house.
The other WRT54G (with WPA) is fairly portable and is being moved
around the house to vary the signal strength.

To start, I deleted all saved profiles (preferred networks) from WZC
on the laptop. The WRT54G with the WPA encryption is located fairly
close to the laptop. Refreshing the network list always shows an
encrypted network, which means it's correctly connecting to the proper
(encrypted) router.

However, when I remove the antennas from the WRT54G with the WPA
encryption, and reduce the signal level substantially, refreshing the
network list shows the unencrypted router. Apparently, if there's no
saved encrypted entry in the preferred network list, WZC will take the
strongest signal. I tinkered with the tx power output on both units
until the signal level was the same. Even a slight change (3dB) would
cause the stronger signal to get recognized. Therefore, WZC does NOT
automatically prefer an encrypted network over an unencrypted network
with the same SSID.

Next, I connected to the WRT54G with WPA encryption, and saved the
network in the preferred networks. WZC would automatically connect to
the WPA encrypted router, even if the signal strength was far lower
than that of the unencrypted router. This is good.

I then did a manual disconnect, which WZC considers to be some kind of
invitation to not reconnect automatically. Once again, WZC would
connect to the strongest signal, instead of the encrypted router.

If you have your WZC connection settings saved as a "preferred
network", and you're set to automatically connect, then you're
probably safe from a rogue access point without encryption.

If you are set to manually connect and/or do not have the setting
saved, WZC will prefer the strongest signal, ignoring the encryption
status. This will make it very easy to fool users into connecting to
the wrong access point.

Meanwhile, your best defense against AP spoofing is to find a
connection manager that either displays the MAC address of the access
point, or offers independent connections for each MAC address
associated with a given SSID.

I'll leave things set up for a few hours in case anyone has any other
tests they would like me to run. Meanwhile, I'll be playing with
Buffalo Client Manager 3 to see if it offers any improvements.


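The two selection rules Jeff describes in the thread, the strongest-signal fallback WZC uses when no saved profile applies, and a saved profile that must match the security type and, in the Intel PROSet case he mentions, the access point's MAC address, can be modelled as a small client-side check. The following is an added example written for this thread; it is not code from any of the posters, nor from WZC, Intel PROSet, Buffalo Client Manager 3 or any other product named here. The scan list, SSIDs, BSSIDs and signal levels are constructed sample data, and all function and class names are hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class AccessPoint:
    """One row of a wireless scan, as a client manager would list it."""
    ssid: str
    bssid: str        # MAC address of the access point's radio
    security: str     # "open", "WEP", "WPA" or "WPA2"
    signal_dbm: int   # received signal strength; closer to 0 is stronger


@dataclass(frozen=True)
class Profile:
    """A saved network profile. bssid=None means "any AP with this SSID"."""
    ssid: str
    security: str
    bssid: Optional[str] = None


# Constructed sample scan (hypothetical values): the thread's two-router
# test, an encrypted router and an open one sharing an SSID, plus an
# unrelated open network.
SAMPLE_SCAN: List[AccessPoint] = [
    AccessPoint("home", "00:11:22:aa:bb:01", "WPA", -62),
    AccessPoint("home", "00:11:22:aa:bb:02", "open", -48),
    AccessPoint("coffee", "00:11:22:aa:bb:03", "open", -70),
]


def duplicated_ssids(scan: List[AccessPoint]) -> Dict[str, List[AccessPoint]]:
    """Return {ssid: [aps]} for every SSID advertised by more than one BSSID."""
    by_ssid: Dict[str, List[AccessPoint]] = defaultdict(list)
    for ap in scan:
        by_ssid[ap.ssid].append(ap)
    return {s: aps for s, aps in by_ssid.items() if len(aps) > 1}


def mixed_security_ssids(scan: List[AccessPoint]) -> List[str]:
    """SSIDs whose BSSIDs disagree on security: the pattern discussed in the
    thread (real AP encrypted, look-alike AP open). Sorted for stable output."""
    return sorted(s for s, aps in duplicated_ssids(scan).items()
                  if len({ap.security for ap in aps}) > 1)


def pick_strongest(scan: List[AccessPoint], ssid: str) -> Optional[AccessPoint]:
    """Mimics the behaviour observed with no saved profile or a manual connect:
    strongest signal wins and encryption status is ignored."""
    cands = [ap for ap in scan if ap.ssid == ssid]
    return max(cands, key=lambda ap: ap.signal_dbm) if cands else None


def pick_by_profile(scan: List[AccessPoint], profile: Profile) -> Optional[AccessPoint]:
    """Profile-driven selection: SSID and security must match, and so must the
    BSSID if the profile pins one. Returns None instead of falling back to a
    non-matching AP, which is the property that defeats the open twin."""
    cands = [ap for ap in scan
             if ap.ssid == profile.ssid
             and ap.security == profile.security
             and (profile.bssid is None or ap.bssid.lower() == profile.bssid.lower())]
    return max(cands, key=lambda ap: ap.signal_dbm) if cands else None


def audit(scan: List[AccessPoint], profiles: List[Profile]) -> List[str]:
    """Warnings a client UI could show before connecting: mixed-security SSIDs,
    and any profile where the strongest AP is not the one the profile allows."""
    warnings: List[str] = []
    for ssid in mixed_security_ssids(scan):
        detail = ", ".join(f"{ap.bssid} ({ap.security}, {ap.signal_dbm} dBm)"
                           for ap in scan if ap.ssid == ssid)
        warnings.append(f"SSID {ssid!r} advertised with mixed security: {detail}")
    for p in profiles:
        chosen = pick_by_profile(scan, p)
        strongest = pick_strongest(scan, p.ssid)
        if strongest and (chosen is None or strongest.bssid != chosen.bssid):
            warnings.append(f"strongest {p.ssid!r} AP {strongest.bssid} "
                            f"({strongest.security}) does not match the saved "
                            f"profile; not auto-connecting")
    return warnings


if __name__ == "__main__":
    for line in audit(SAMPLE_SCAN, [Profile("home", "WPA", bssid="00:11:22:aa:bb:01")]):
        print(line)
```

With the sample scan, `pick_strongest` picks the open "home" radio because it is 14 dB stronger, while `pick_by_profile` with a WPA profile (pinned or not) returns only the encrypted radio and returns nothing at all if that radio is absent. The audit reports both the mixed-security SSID and the mismatch, which is the information Jeff notes WZC did not surface.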

#15
08-16-2007, 01:00 PM
Warren Oates
Re: WiFi exploit via duplicated SSID

In article <8057c395mk3ctk73d6333q7haj4f08t0ti@4ax.com>,
Jeff Liebermann <jeffl@cruzio.com> wrote:

> I retrieved my laptop, bought a WRT54G v2.0 at a local thrift shop for
> $10, flashed it with DD-WRT v23 SP3 2007/07/20 VPN firmware, and
> merrily started testing.


Damn. Wish I had a thrift shop like that around here.
--
W. Oates

#16
08-17-2007, 05:46 AM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

Warren Oates <warren.oates@gmail.com> hath wroth:

>In article <8057c395mk3ctk73d6333q7haj4f08t0ti@4ax.com>,
> Jeff Liebermann <jeffl@cruzio.com> wrote:
>
>> I retrieved my laptop, bought a WRT54G v2.0 at a local thrift shop for
>> $10, flashed it with DD-WRT v23 SP3 2007/07/20 VPN firmware, and
>> merrily started testing.

>
>Damn. Wish I had a thrift shop like that around here.


Mountain Thrift in Ben Lomond, California. Weds, Sat and Sun are half
off days.
<http://802.11junk.com/jeffl/panorama/MtnThrift01a.jpg>
This is from about 2 years ago. The electronics and junk are in
another section not visible in the photo. They don't get much decent
electronics. However, there are plenty of DSL modems and routers from
people that move out of the area and leave their junk behind. I've
picked up quite a bit of really nice electronics for next to nothing.
There are several other thrift shops in the area, but they don't take
some electronics because of the high DOA and return rates. Just TV's
and radios because they are easy to test.



#17
08-17-2007, 06:03 AM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

Peabody <waybackNO784SPAM44@yahoo.com> hath wroth:

>Jeff Liebermann says...
>
> > If you have your WZC connection settings saved as a
> > "preferred network", and you're set to automatically
> > connect, then you're probably safe from a rogue access
> > point without encryption.

>
> > If you are set to manually connect and/or do not have
> > the setting saved, WZC will prefer the strongest signal,
> > ignoring the encryption status. This will make it very
> > easy to fool users into connecting to the wrong access
> > point.


>I'm really confused. What do you mean by "set to manually
>connect"?


When you use WZC to set up a new connection, it will default to
"connect automatically". Once connected, when you hit "Disconnect",
WZC stupidly thinks that this is an invitation to set the profile to
"connect manually". It will show either "Automatic" or "Manual" in
the WZC box for the particular SSID. You can also change this setting
in the properties for the connection.

>I have my laptop set up with my router as the
>only preferred connection, and it automatically connects to
>it when powered up.


That's the default and normal method. I set it to "Manual" so that it
did NOT try to automatically connect. I wanted to see what would be
displayed when I hit "Refresh Network List". It can't do that
properly if it were already connected. Note that my test procedure is
simply a method of determining how WZC responds to duplicated SSIDs
and should not be considered a recommendation that you set up your
computer in a similar manner. If you like automatic connections,
leave it that way.

>But I do NOT have "Connect to any
>network" checked. So, if I'm away from my router, my laptop
>won't connect to anything unless I tell it to. And if I'm
>near my router, but have encryption turned off in it, then
>the laptop still won't connect.


You're making the same mistake that several people have done trying to
simulate the problem. The original question was how does WZC respond
to multiple access points, with identical SSIDs, where the real AP is
encrypted, and the rogue access point is not encrypted. I've
demonstrated that under some conditions, it is possible to fool the
user into connecting to the wrong AP. What others have incorrectly
done is assume that this can be simulated with a single wireless AP by
simply changing the encryption settings. That's a good test to see
how WZC responds to a change in the save profile, but is not very
useful for answering the original question, which requires two AP's.

>In what way is your laptop configured differently?


Actually, it's totally weird and has quite a few shims tossed into the
IP stack. However, for this test, I saved everything with
Netswitcher:
<http://www.netswitcher.com>
and then removed all the VPN's, traffic monitors, security filters,
sniffers, and multiple wireless/ethernet drivers. It's all very
simple and fairly stock for this test.

>Also, is
>there a way, with one laptop and one router, to duplicate
>the results you are getting?


No. That was the point of my testing. It requires two routers. One
to simulate a "rogue" access point and the other for the "real" access
point. Also note that I tried to make the two access points as
identical as possible. I have no idea what might happen if they were
different chipsets, with different timing.



#18
08-17-2007, 12:09 PM
Warren Oates
Re: WiFi exploit via duplicated SSID

In article <6o9ac3lo8outvsirgkk6l3ahg3vk7t1uic@4ax.com>,
Jeff Liebermann <jeffl@cruzio.com> wrote:

> Mountain Thrift in Ben Lomond, California. Weds, Sat and Sun are half
> off days.
> <http://802.11junk.com/jeffl/panorama/MtnThrift01a.jpg>
> This is from about 2 years ago. The electronics and junk are in
> another section not visible in the photo. They don't get much decent
> electronics. However, there are plenty of DSL modems and routers from
> people that move out of the area and leave their junk behind. I've
> picked up quite a bit of really nice electronics for next to nothing.
> There are several other thrift shops in the area, but they don't take
> some electronics because of the high DOA and return rates. Just TV's
> and radios because they are easy to test.
>


That's what I meant. Our local thrift shops (2) won't take any computer
stuff at all, or any electronics that they don't understand what they do.

#19
08-17-2007, 03:41 PM
Jeff Liebermann
Re: WiFi exploit via duplicated SSID

Warren Oates <warren.oates@gmail.com> hath wroth:

>In article <6o9ac3lo8outvsirgkk6l3ahg3vk7t1uic@4ax.com>,
> Jeff Liebermann <jeffl@cruzio.com> wrote:
>
>> Mountain Thrift in Ben Lomond, California. Weds, Sat and Sun are half
>> off days.
>> <http://802.11junk.com/jeffl/panorama/MtnThrift01a.jpg>


>That's what I meant. Our local thrift shops (2) won't take any computer
>stuff at all, or any electronics that they don't understand what they do.


Yep. I know how it works. The problem is that the average thrift
shop cannot afford to test and identify all the electronics that gets
donated, especially at the prices people are willing to pay for them.
There are also a limited number of people still doing repairs or are
interested in buying devices that have a high potential for being
fried. My guess is about half the electronics I buy at various thrift
shops is dead. Since these are charities (Mtn Thrift benefits the
local High Skool) I don't return anything for credit that was blown.
Most people don't do that and regularly return things.

What makes this place unique is that there are about 5 locals that
actually do purchase electronics, do repairs, and do not become a drag
on the business by returning things. They also have employees that
have finally discovered that if you price things low enough, people
will take a chance and buy them even if they might be DOA.

If you want your local thrift shops to take in electronics, you'll
need to convince them that there's a market. You'll also need to
convince the local dump or recycling center to deal with the overflow
and to allow limited scavenging:
<http://802.11junk.com/jeffl/pics/e-waste/index.html>
It can be done, but it wasn't easy as there are liability issues if
anyone gets hurt dragging off something big or dangerous. The biggest
help at the thrift shop was to get donors to identify in writing what
was being donated, how much it was worth, and what was wrong with it.
Also, some basic cleaning.

Some local charities have turned eWaste into a business:
<http://www.greybears.org/computer.html>
The way the money moves is rather complex, but basically the local
waste management organizations are trying to keep re-usable items out
of the garbage dumps. I've purchased a wide array of obsolete but
useful computers and parts from their computer store. However, what
they mostly do is tear apart the computers, cell phones, and
electronics, and send the guts off to the metal recyclers. There's
gold in eWaste, literally.

I can go on and on on recycling electronics, but not here and now.


#20
Old 08-17-2007, 04:59 PM
dold@99.usenet.us.com
Re: WiFi exploit via duplicated SSID

Jeff Liebermann <jeffl@cruzio.com> wrote:
> Some local charities have turned eWaste into a business:


The recycling company that we used is subsidized by the state, and destroys
everything ;-( Not my choice at all, but it was difficult to get anyone to
take e-junk before the state fee thing. I forget who they are now, but they
had a catchy name in the ad on KCBS.

Here's a generic page:
http://www.erecycle.org/efaqs.htm
I can't find the company we used in their search engine.
erecycle has a search engine for "reuse" as well as "recycle".

--
Clarence A Dold - Hidden Valley Lake, CA, USA GPS: 38.8,-122.5

#21
Old 08-19-2007, 12:10 PM
Warren Oates
Re: WiFi exploit via duplicated SSID

In article <mtabc3h1d4r1mncfquttv06ps44psh3rrr@4ax.com>,
Jeff Liebermann <jeffl@cruzio.com> wrote:

> Yep. I know how it works. The problem is that the average thrift
> shop cannot afford to test and identify all the electronics that gets
> donated, especially at the prices people are willing to pay for them.
> There are also a limited number of people still doing repairs or are
> interested in buying devices that have a high potential for being
> fried. My guess is about half the electronics I buy at various thrift
> shops is dead. Since these are charities (Mtn Thrift benefits the
> local High Skool) I don't return anything for credit that was blown.
> Most people don't do that and regularly return things.
>
> What makes this place unique is that there are about 5 locals that
> actually do purchase electronics, do repairs, and do not become a drag
> on the business by returning things. They also have employees that
> have finally discovered that if you price things low enough, people
> will take a chance and buy them even if they might be DOA.
>
> If you want your local thrift shops to take in electronics, you'll
> need to convince them that there's a market. You'll also need to
> convince the local dump or recycling center to deal with the overflow
> and to allow limited scavenging:
> <http://802.11junk.com/jeffl/pics/e-waste/index.html>
> It can be done, but it wasn't easy as there are liability issues if
> anyone gets hurt dragging off something big or dangerous. The biggest
> help at the thrift shop was to get donors to identify in writing what
> was being donated, how much it was worth, and what was wrong with it.
> Also, some basic cleaning.
>
> Some local charities have turned eWaste into a business:
> <http://www.greybears.org/computer.html>
> The way the money moves is rather complex, but basically the local
> waste management organizations are trying to keep re-usable items out
> of the garbage dumps. I've purchased a wide array of obsolete but
> useful computers and parts from their computer store. However, what
> they mostly do is tear apart the computers, cell phones, and
> electronics, and send the guts off to the metal recyclers. There's
> gold in eWaste, literally.
>
> I can go on and on on recycling electronics, but not here and now.


It's not as bad here as it sounds. There's a thrift shop "chain store"
about 15 miles away (Value Village) that has some neat stuff (lots of
CRT monitors these days) and profits go to charity. There's also a
recycling bbs system (I forget what it's called) where you can post
items to give away, or that you want. I can also drive to Montreal, and
pay a bit more in one of the eJunk places. Toronto would be closer but I
won't go there on a dare.
--
W. Oates

#22
Old 08-19-2007, 07:15 PM
Eric
Re: WiFi exploit via duplicated SSID


<dold@99.usenet.us.com> wrote in message news:f9v4oq$hi9$2@blue.rahul.net...
> Eric <none@none.nnn> wrote:
>
>> Wow, I can't believe that WZC is that stupid.. (Actually I can.)
>
>> Why do people continue to use that crap and not just use the client that
>> came with their hardware?
>
>> I just temporarily disabled WPA2 on my WLAN SSID to see if DLink's client
>> would connect to it with the profile still set to use WPA2. It
>> wouldn't...
>
> I could be mistaken, but I thought the DLink client displayed a different
> signal strength bar, but still used WZC for management.
>

Hi,

The DLink client is a complete drop-in and not just an interface for WZC.

In fact, I have the WZC service completely disabled under services.msc

"Use Windows to manage your wireless connections" (or whatever it is)
doesn't even appear in the advanced settings for the WNIC as the WZC isn't
running...



#23
Old 08-19-2007, 10:42 PM
dold@99.usenet.us.com
Re: WiFi exploit via duplicated SSID

Eric <none@none.nnn> wrote:
> The DLink client is a complete drop-in and not just an interface for WZC.
>
> In fact, I have the WZC service completely disabled under services.msc

I checked my machine, DLink DWL-G630, on WinXP SP2.
I have the little stacked bar signal thing in the systray, but if I double
click on it, the WZC window opens. You could turn off WZC, but WZC is the
default.

--
Clarence A Dold - Hidden Valley Lake, CA, USA GPS: 38.8,-122.5

#24
Old 08-20-2007, 12:48 AM
Eric
Re: WiFi exploit via duplicated SSID


<dold@99.usenet.us.com> wrote in message news:faadgo$5np$1@blue.rahul.net...
> Eric <none@none.nnn> wrote:
>> The DLink client is a complete drop-in and not just an interface for WZC.
>
>> In fact, I have the WZC service completely disabled under services.msc
>
> I checked my machine, DLink DWL-G630, on WinXP SP2.
> I have the little stacked bar signal thing in the systray, but if I double
> click on it, the WZC window opens. You could turn off WZC, but WZC is the
> default.
>


Yeah, the DLink drivers and client don't change your default manager over
from WZC to DLink on installation.
Nice of it, I suppose... That's the first thing I always change though...

When I click the wireless NIC icon, it opens up a dialogue box that is
pretty much the same for any other NIC..
Status, Network, Speed, etc. The only difference between it and the wired
NIC dialogue boxes is that it also has a "View Wireless Network" button that
would launch WZC, if WZC service was running. Clicking on it gets a
dialogue box: "If you want Windows to configure this wireless connection,
start the Windows Zero Configuration service." It then refers to:
http://support.microsoft.com/kb/871122/en-us (run services.msc and start
WZC).

When I click DLink's icon (little yellow 'D') in the system tray, it brings
up the DLink client. I use DLink's client for management as I don't trust
WZC...




#25
Old 08-20-2007, 01:00 AM
Eric
Re: WiFi exploit via duplicated SSID


"Eric" <none@none.nnn> wrote in message
news:46c8d6e9$0$16464$4c368faf@roadrunner.com...
>
> <dold@99.usenet.us.com> wrote in message
> news:faadgo$5np$1@blue.rahul.net...
>> Eric <none@none.nnn> wrote:
>>> The DLink client is a complete drop-in and not just an interface for
>>> WZC.
>>
>>> In fact, I have the WZC service completely disabled under services.msc
>>
>> I checked my machine, DLink DWL-G630, on WinXP SP2.
>> I have the little stacked bar signal thing in the systray, but if I
>> double
>> click on it, the WZC window opens. You could turn off WZC, but WZC is
>> the
>> default.
>>
>
> Yeah, the DLink drivers and client don't change your default manager
> over from WZC to DLink on installation.
> Nice of it, I suppose... That's the first thing I always change though...
>
> When I click the wireless NIC icon, it opens up a dialogue box that is
> pretty much the same for any other NIC..
> Status, Network, Speed, etc. The only difference between it and the wired
> NIC dialogue boxes is that it also has a "View Wireless Network" button
> that would launch WZC, if WZC service was running. Clicking on it gets a
> dialogue box: "If you want Windows to configure this wireless connection,
> start the Windows Zero Configuration service." It then refers to:
> http://support.microsoft.com/kb/871122/en-us (run services.msc and start
> WZC).
>
> When I click DLink's icon (little yellow 'D') in the system tray, it
> brings up the DLink client. I use DLink's client for management as I
> don't trust WZC...


Oh, I just re-read your post and realized also that by little stacked bar
signal thing you probably meant the DLink client and not the wireless NIC
icon...

That would also be a different client than the one I'm using. My client has
a little yellow 'D' for an icon in the system tray..

The card in this computer is an AirPremier DWL-AG530 802.11a/g card... We
probably are using different DLink clients....


