设为首页 加入收藏 联系我们
关于联盟 联盟工作 联盟成员 WAPI产业链 WAPI专题 行业资讯 咨询测试 WAPI互操作认定 招贤纳士
 
 
 行业资讯
联盟动态
成员动态
业界动态
媒体关注
 
媒体关注
警惕“免费公共的WiFi”

The Zombie Network: Beware “Free Public WiFi”

警惕“免费公共的WiFi”美国上千的地方可以使用免费WiFi,在机场,咖啡馆和图书馆,一些假的Wi-Fi接入点会提供伪装的连接来欺骗你。当你连接时,将会把你的电脑上的数据暴露给黑客。

It's in your airports, your coffee shops and your libraries: "Free Public WiFi."

Despite its enticing name, the network, available in thousands of locations across the United States, does not actually provide access to the Internet. But like a virus, it has spread — and may even be lurking on your computer right now.

Wireless security expert Joshua Wright first noticed it about four years ago at an airport.

"I went to connect to an available wireless network and I saw this option, Free Public WiFi," he remembers. "As I looked more and more, I saw this in more and more locations. And I was aware from my job and analysis in the field that this wasn't a sanctioned, provisioned wireless network, but it was actually something rogue."

Free Public WiFi isn't set up like most wireless networks people use to get to the Internet. Instead, it's an "ad hoc" network — meaning when a user selects it, he or she isn't connecting to a router or hot spot, but rather directly to someone else's computer in the area.

Though it doesn't actually provide Internet access, the network has spread across the country thanks to an old Windows XP bug.

How It Works

When a computer running an older version of XP can't find any of its "favorite" wireless networks, it will automatically create an ad hoc network with the same name as the last one it connected to -– in this case, "Free Public WiFi." Other computers within range of that new ad hoc network can see it, luring other users to connect. And who can resist the word "free?"

Not a lot of people, judging from the spread of Free Public WiFi. Computers with the XP bug that try to connect to the Internet will remember the name, create their own ad hoc networks and entice other users wherever they go.

Microsoft is aware of the issue and says it has eliminated the network in more recent versions of Windows. It also created a fix to the problem for the older version of Windows XP — Windows XP Service Pack 3 — but many people still haven't updated their computers.

How To Protect Yourself

"Free Public WiFi" isn't inherently harmful, but if you connect or unintentionally create the ad hoc network you could expose yourself to hackers.  Here are two steps you can take:
 

Step One: Regardless of whether you're on a Mac or PC, or which version of Windows you're running, resist the urge to connect to "Free Public WiFi" or other unknown wireless networks.
 

Step Two: If you're still running Windows XP, make sure your computer is up to date so that you won't unintentionally broadcast the ad hoc network in the future. Here's a statement from Microsoft:
 

"This issue was fixed in Windows XP SP3, Windows Vista, and Windows 7. Customers who wish to install Windows XP Service Pack 3 can do so by visiting this site.
 

That means, Wright says, the network continues to spread across the country like something from a horror movie — the kind "where a zombie takes a hold of one person, bites them and they become infected by this zombie virus."

It's not the only zombie network out there, either. Others you may have seen go by such alluring names as "linksys," "hpsetup," "tmobile" or "default."

A Trick That's A Treat For Hackers

No one knows for sure where Free Public WiFi began. One theory, Wright says, is that someone may have set it up as a joke. It might have been created to trick a friend into connecting "so he would get a Web page with some kind of a gross image or childish prank."

Unintentionally creating or connecting to the ad hoc network isn't inherently harmful, despite its virus-like spread. It does, however, provide an access point for hackers to come in and check out the user's files.

Part of Wright's job is to hack into a company's wireless network in order to expose vulnerabilities. When he sees Free Public WiFi, he says, "we break out the champagne."

"Because I know at that point I will be able to get unlimited access to internal resources just from that one starting point."

原文链接:

http://www. npr.org/templates/story/story.php?storyId=130451369&ft=1&f=1019
 

  


 
 


电话:010-82351181/82357730   传真:010-82351181 Ext.1901  邮箱:wapia@wapia.org; wapi@wapia.org

地址:北京市海淀区知春路27号量子芯座1608室 邮编 :100191