Windows Phones open to hackers connecting to rogue Wi-Fi

A new Microsoft security advisory warns that smartphones running the Windows Phone operating system could be susceptible to infiltration when connecting to a rogue Wi-Fi hotspot.

A rogue access point, also known as a rogue AP, is a Wi-Fi access point installed on a network, operating without authorization and not under the control of a systems administrator. If installed, rogue APs could allow anyone to connect to your network through Wi-Fi, and may not adhere to WLAN security policies.

The bulletin, advisory 2876146, says that hackers could exploit a known weakness in the Wi-Fi authentication protocol known as PEAP-MS-CHAPv2 (Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2). The protocol is used in Windows Phones for WPA2 wireless authentication.
Click to expand...

Read more at: Windows Phones open to hackers when connecting to rogue Wi-Fi | ZDNet
 
Click to expand...
Hi there .

I'm surprised this type of problem hasn't been reported on ANDROID as well -- Android apps are totally without any sort of decent QC and I see on a visit to central London recently that the City of Westminster now expects you to pay for parking via an ANDROID APP where you send by PLAIN TEXT credit card details etc etc. NOOOOOOOOOOOO THAAAAANKS -- I'll rather pay the fine MANUALLY.

Cheers
jimbo
 

My Computer

System One

  • OS
    Linux Centos 7, W8.1, W7, W2K3 Server W10
    Computer type
    PC/Desktop
    Monitor(s) Displays
    1 X LG 40 inch TV
    Hard Drives
    SSD's * 3 (Samsung 840 series) 250 GB
    2 X 3 TB sata
    5 X 1 TB sata
    Internet Speed
    0.12 GB/s (120Mb/s)
This is an exploit of the authentication protocol, namely PEAP-MS-CHAPv2, that used with wifi access points with WPA2 based encryption. The same authentication protocol is used by Android and I believe Apple iOS as well. Authentication credentials transferred through "rogue" access point captures the encrypted credentials that are decrypted later, and used to connect directly to the corporate network with the stolen credentials.

Requiring certificate to authenticate the AP is a standard security measure in corporate wifi networks that prevents sending the PEAP-MS-CHAPv2 authentication to the rogue AP. This is a none issue for any of the platforms, if the access and end points had been setup correctly...
 

My Computer

System One

  • OS
    Win 8.1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Dell Latitude
    CPU
    Intel i5-3350P (3.1 GHz)
    Motherboard
    Gigabyte
    Memory
    16 GBs
    Graphics Card(s)
    AMD Radeon HD7850
    Sound Card
    Built-in to MB
    Monitor(s) Displays
    2 x 24" Dell
    Screen Resolution
    3,840 x1,200
    Hard Drives
    128 GBs, OCZ Vertex, SATA III SSD
    256 GBs Intel SATA III SSD
    3 x Seagate 1 TBs HDD
    PSU
    Antec 750W
    Case
    Antec P185
    Internet Speed
    50 Gb/s
    Browser
    IE11, Firefox22.0
    Antivirus
    Vipre
    Other Info
    Works, most of the times unless Microsoft patches decide otherwise...
That's why I still use original WPA psk- Nobody has been able to come up with a way of connecting to secured WPA Wifi. The old WEP was hacked instantly, I can download iPhone apps that can bust in to any secured WEP. I've never tried them, because nobody uses WEP anymore.
 

My Computer

System One

  • OS
    Windows 8 Pro with Media Center/Windows 7
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Asus M2N-MX SE Plus § DualCore AMD Athlon 64 X2, 2300 MHz (11.5 x 200) 4400+ § Corsair Value Select
    CPU
    AMD 4400+/4200+
    Motherboard
    Asus M2N-MX SE Plus/Asus A8M2N-LA (NodusM)
    Memory
    2 GB/3GB
    Graphics Card(s)
    GeForce 8400 GS/GeForce 210
    Sound Card
    nVIDIA GT218 - High Definition Audio Controller
    Monitor(s) Displays
    Hitachi 40" LCD HDTV
    Screen Resolution
    "1842 x 1036"
    Hard Drives
    WDC WD50 00AAKS-007AA SCSI Disk Device
    ST1000DL 002-9TT153 SCSI Disk Device
    WDC WD3200AAJB-00J3A0 ATA Device
    WDC WD32 WD-WCAPZ2942630 USB Device
    WD My Book 1140 USB Device
    PSU
    Works 550w
    Case
    MSI "M-Box"
    Cooling
    Water Cooled
    Keyboard
    Dell Keyboard
    Mouse
    Microsoft Intellimouse
    Internet Speed
    Cable Medium Speed
    Browser
    Chrome/IE 10
    Antivirus
    Eset NOD32 6.x/Win Defend
    Other Info
    Recently lost my Windows 8 on my main PC, had to go back to Windows 7.
XweAponX said:
That's why I still use original WPA psk- Nobody has been able to come up with a way of connecting to secured WPA Wifi. The old WEP was hacked instantly, I can download iPhone apps that can bust in to any secured WEP. I've never tried them, because nobody uses WEP anymore.
Click to expand...
Your probably better off using WPA 2 with AES. WPA1 is known to be brute forced easily* in not using at least a 13 digit random key combination.

* This usually only applies in LAB oriented studies where multiple clusters of GPUs can crack WPA1 keys.
 

My Computer

System One

  • OS
    Windows 8.1 Pro w/ WMC x64
    Computer type
    Laptop
    System Manufacturer/Model
    HP Pavilion g7-1350dx
    CPU
    AMD A6-3420M APU
    Memory
    4 GiB DDR3
    Graphics Card(s)
    AMD Radeon HD 6520G
    Sound Card
    IDT HD Audio
    Screen Resolution
    1600x900
    Hard Drives
    Hitachi HTS547550A9E384 SATA Disk Device (500GiB)
    Mouse
    Synaptics PS/2 Port Touchpad v7.5
    Browser
    IE10/Chrome Beta/Waterfox(64bit)
    Antivirus
    Windows Defender/ MalwareByte's Pro
Well I don't think I have to worry about that in my neighborhood, I don't think any of my neighbors have multiple clusters of GPUs. Any encryption can be busted into given the technology and the TIME. That's what Brute Force approaches need. Even RAR cracking tools, need 1) A Huge dictionary and 2) Lots and lots of time. I've never busted into a password encrypted RAR file and once I left a decryption program running for a week. Don't worry, I made the RAR file myself and passworded it myself, I was just trying to find good software to break into it. I could not find ANY software that has been successful in busting into RAR files - And breaking into WPA is much the same.

For some reason, WEP could be broken in to easily.
 

My Computer

System One

  • OS
    Windows 8 Pro with Media Center/Windows 7
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Asus M2N-MX SE Plus § DualCore AMD Athlon 64 X2, 2300 MHz (11.5 x 200) 4400+ § Corsair Value Select
    CPU
    AMD 4400+/4200+
    Motherboard
    Asus M2N-MX SE Plus/Asus A8M2N-LA (NodusM)
    Memory
    2 GB/3GB
    Graphics Card(s)
    GeForce 8400 GS/GeForce 210
    Sound Card
    nVIDIA GT218 - High Definition Audio Controller
    Monitor(s) Displays
    Hitachi 40" LCD HDTV
    Screen Resolution
    "1842 x 1036"
    Hard Drives
    WDC WD50 00AAKS-007AA SCSI Disk Device
    ST1000DL 002-9TT153 SCSI Disk Device
    WDC WD3200AAJB-00J3A0 ATA Device
    WDC WD32 WD-WCAPZ2942630 USB Device
    WD My Book 1140 USB Device
    PSU
    Works 550w
    Case
    MSI "M-Box"
    Cooling
    Water Cooled
    Keyboard
    Dell Keyboard
    Mouse
    Microsoft Intellimouse
    Internet Speed
    Cable Medium Speed
    Browser
    Chrome/IE 10
    Antivirus
    Eset NOD32 6.x/Win Defend
    Other Info
    Recently lost my Windows 8 on my main PC, had to go back to Windows 7.
You must log in or register to reply here.
Back
Top