You Can Trust Our Reviews
Deeper Dive: Our Top Tested Picks
Buying Guide: The Wireless Snare
Right now your laptop could be wirelessly connecting to any available network. That's unsafe.
The situation's all too common: You're at the airport and your flight is delayed, so you open your laptop and start working. Unbeknownst to you, your laptop's wireless could be putting your computer in danger.
Recent real-world experiments suggest that the default wireless settings on many laptops could leave them vulnerable. During recent travel, researcher Mark Loveless started poking into the reasons why a large number of laptops at any given airport were broadcasting common network names, or service set identifiers (SSIDs), such as "linksys" or "dlink." He gathered similar data on four flights. He found a significant portion of laptops are configured by default to seek out and connect to common SSIDs. If no such network is around, many computers create their own wireless network using one of those names. Without any sort of malicious intent, wireless laptops were connecting to each other, he found.
The issue isn't a vulnerability per se; it's a cascade failure of a set of default configurations that Microsoft has set to make creating wireless networks easier.
Many laptops are configured to attempt to connect to both infrastructure networks and what are called ad hoc networks. In an infrastructure network, the laptop is a client that connects to a base station, similar to the client-server network design. In ad hoc networks, many individual laptops form a peer-to-peer network sharing connectivity. This ad hoc networking is done in the background on Microsoft Windows 2000 and Windows XP (up to Service Pack 1). Windows XP Service Pack 2 notifies the user that it's connecting to an ad hoc network.
Other factors come into play as well. Many people's home networks connect through a base station identified by the default name, such as "linksys." Moreover, a laptop that connects to an ad hoc network of a different name adds that name to its list of possible networks, possibly advertising that network name to other computers in the future. Furthermore, Microsoft has a default addressing scheme that results in each computer getting a valid address, even without a central computer to assign network addresses to each member of the network.
This all makes it possible for attackers to join and control ad hoc networks. Because a laptop believes it's part of a network, it might check for e-mail, letting the attacker get the owner's username and password. The attacking computer can also advertise its connection as an Internet gateway and scan traffic sent by other laptops for useful information, such as passwords to automated accounts.
More aggressive attackers could use the network to try attacks on specific vulnerabilities in a potential victim's laptop. In many cases, the laptop will connect to the wireless network, believing that it is the user's home network. Thus, the configuration may allow file sharing and printer sharing.
How can you protect yourself? First, turn off your laptop's wireless when not attempting to connect to a known network. Also, make sure your laptop doesn't turn on its wireless when it can't find an Ethernet connection. Most important, disable ad hoc networking, by clicking the Advanced button of the Wireless Network Connection Settings control panel to change it from Any available network (access point preferred) to Access point (infrastructure) networks only.
As with children, the best advice for laptops is to not talk to strangers.