Yesterday, i found a lot laptop connect internet via wireless. I check security a wireless access point which no problem. So i check laptop of user. Laptop run Window Vista Bussiness, open wireless adapter connection --> Properties. In Security Tab i saw a check box ' Show characters'. I check it so Network security key is show. What is that? I don't know why Window Vista have a function? I use window xp haven't a problem(?). Dear All, Our company is now thinking of implementing Windows 7, however I encounter a BIG security issue with this O/S. ( I thought Win7 suppose to be tight in Security) Wireless Network Security Key Flaw When the Wireless Lan Network Keys have already been entered into the system. A normal user with administrative rights (to the local machine) can in fact goes into the Wireless network properties and view the entered Network Security Key. (See Picture 1 and 2) This is due to a checkbox located conveniently below the Network Security Key, named Show Characters. By clicking on this checkbox, the user actually can have the network security key displayed in clear text! Now, isn't that convenient? Links to pictures as below: (pics slightly small) anyone got advise on how to remove the checkbox? Thank you in advance. Dear Novak, I do understand that this is by 'Design'. However, as IT Administrator of the company's notebooks, I do not require this feature as I do not think that I'd ever forget the WPA key. And yet, our users require administrator rights because we are a solution provider company, and our users tends to travel so often that they will require the rights to their local administrator for software installation, and such. If the MS Feedback & Idea Center is the only option, then I'd proceed that way. I have the same problem here. I am the network admin here in our university. As part of our security, we require our students to register their device. We are the ones who types the passkey so that no unregistered device can access our wifi. Ever since the windows 7 came out, we noticed that there are a lot of unregistered devices in our network already. We found out about this issue recently. Now, we are no longer accepting pc with windows 7 OS. Some of the students went back to vista and xp just to be able to access the school resources. I do hope that you would try to fix this issue. And if you say that 'the feature is by design', well, you better redesign this feature. Please let me know if there is a service pack for this. Email me please! ([email protected]) By the way, a security flaw can't be fix through additional security in the network! And Adamis is right! The links in the MS Feedback & Idea Center is invalid. In general, pre-shared keys are not very secure. Microsoft is sending you the message. WEP and WPA are very suspectible to attack. WPA uses SSID as salt, but that means you can easily create rainbow tables for a given SSID. They are also vulnerable to dictionary attacks / weak passphrases. If you can capture an authentication session, you can crack the network. There are code out there to brute-force WPA2-PSK, also code for NVIDIA graphics cards, so 100 times faster than current Intel CPU's.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |