What is Digg?Sponsored by Dragon Age: Origins
Join the Dragon Age: Origins development team on Facebook view!
facebook.com/DragonAgeOrigins - EA presents BioWare's new dark fantasy epic Dragon Age: Origins. '9/10' from Game Informer.
29 Comments
- joel2600, on 10/12/2007, -0/+7This is not a flaw, this was how the system was designed. A flaw is not people that don't know how to use technology.
When people are too stupid to figure out how to use technology that was designed for ease of use and this creates a problem the vendor will then issue a 'fix' for this 'flaw' which will make the technology harder to use. thus putting it out of reach of the people who were messing with it in the first place. problem solved? i guess so.
the default, however, should not be to connect to an ad-hoc network if you did not connect manually. for example, say on a fresh boot of your pc if there are no other access points around your software should not place you on an ad-hoc network without you telling it to.
--------
Chuck Norris donates all proceeds from the Total Gym to his Children Without Beards organization. - joel2600, on 10/12/2007, -0/+7i'm suprised this made the front page.... the title should be
"microsoft confirms their wireless networking works as it was designed"
researcher1: i have an ad-hoc network, can you connect to it
researcher2: yup
1: ok i shut my computer off.
2: omg!! i'm still connected, other people can connect too!!! wtf!
1: man, that is so stupid. microsoft is dumb and their system is full of flaws.
2: yeah, we are total geniouses for figuring this out without any understanding of how ad-hoc networks operate
1: should we post our findings in english or l33t speak so our audience understands better
2: we'll do both!
1: brilliant!!!
anyways, as i said up top. this is definitley not a flaw.... however. if your computer can not connect to any wireless network, it should not default to an ad-hoc network (it does this when it doesn't find anything and you have connected to an ad-hoc in the past) without you telling it to. ie, you reboot and it doesn't find anything it should ask you before setting itself up on the last ad-hoc settings it connected to.
this was sort of the point these people were driving at, but they did a horrible job explaining it, and also nothing they pointed to really focuses on when these connections should and should not be established. - dominowrecker, on 10/12/2007, -0/+2you think this flaw is bad....I hear that windoze has a HUGE flaw in the way its mouse works.
If someone sits down at your computer they can just right click and delete files!
Yes you heard me correctly, that second button is a HUGE security risk.
/sarcasm
What is it with you Mac heads? do you really feel that insecure about your OS that you have to look for anything, and I do mean ANYTHING to try and make windows look bad?
I'm so sick of the tech posers on here....bottom line is I like Macs, and would almost guarantee that I know more about Macs then most of the Mac-lovers on digg. But at the end of the day, windows has an INSANE amount of options over every other platform cause its the standard. So until Macs are the standard and have the same amount of options, I will use one only when needed. (as of right now that would be for the times when I need to use finalcut pro)
even the most average of computer users DO NOT have problems with XP/2000/2003. I NEVER got BSOD, I NEVER got hacked, and NEVER got a virus on any of my XP/2000/2003 machines. you know why? cause I know how to use a computer!
So to some it up, this place is being wrecked by tech-posers who think they know what they are talking about cause they are using an OS that Kevin Rose happens to like.
Kevin if you are reading this.....stop giving these posers ammunition by bragging about a non-standard OS all the time. You are just attracting more and more posers to Digg. (not that I disagree that OSX is nice, but you know what I am saying) - mancat, on 10/12/2007, -0/+1This is a situation that is extremely unlikely to be encountered, and if you have your firewall enabled, there is really no issue at all.
- geminitojanus, on 10/12/2007, -0/+1I wasn't aware ad-hoc wireless networks were a flaw?
- Phil246, on 10/12/2007, -1/+2@Berkana : Security isnt something you can easily bolt onto something which is already full of holes when you have to maintain compatability with things.
Its best applied from a top-down design, and even then theres no guarantee that every bug will be caught.
As for so many eyes working on XP, the sourcecode isnt open to look at and check , like open source products are - so they are limited primarily to in-house staff or people daft enough to pay the ludicrous amounts required to gain access to (some of) the source - Phil246, on 10/12/2007, -0/+0bleh. not had my coffee today. replace top down - with ground-up
- PseudoCyborg, on 10/12/2007, -0/+0ugh... stupid captcha....
"This is not a flaw, this was how the system was designed. A flaw is not people that don't know how to use technology.
When people are too stupid to figure out how to use technology that was designed for ease of use and this creates a problem the vendor will then issue a 'fix' for this 'flaw' which will make the technology harder to use. thus putting it out of reach of the people who were messing with it in the first place. problem solved? i guess so."
- joel2600
Sounds like the typical programmer. Lessons in usability and user expectations help in application development. - nunofgs, on 10/12/2007, -0/+0That fix isn't very good. With a prism2 card and the hostap drivers you can create an infrastructure network very easily
- joel2600, on 10/12/2007, -0/+0i just noticed this zdnet article posted @ 3am this morning.
http://blogs.zdnet.com/Ou/?p=149
i wonder if this person had read my comments before creating this article.... wishful thinking. - billyocean, on 10/12/2007, -0/+0No dollar sign, yeeeey.
- Agret, on 10/12/2007, -0/+0Wow so you created an ad-hoc network and someone else joined. How the hell is that a flaw? That's how ad-hoc networks work duhh
- PseudoCyborg, on 10/12/2007, -0/+0"This is not a flaw, this was how the system was designed. A flaw is not people that don't know how to use technology.rnrnWhen people are too stupid to figure out how to use technology that was designed for ease of use and this creates a problem the vendor will then issue a 'fix' for this 'flaw' which will make the technology harder to use. thus putting it out of reach of the people who were messing with it in the first place. problem solved? i guess so."rn- joel2600rnrnSounds like the typical programmer. Lessons in usability and user expectations help in application development.
- rpeterclark, on 10/12/2007, -0/+0Lame, this "flaw" can only be exploited if you deliberately disable your firewall. Even the built-in XP firewall is enough in this case. If you are dumb enough to do that, then maybe you shouldn't have a computer.
- andellmoon, on 10/12/2007, -0/+0Things that work auto-magically are cool, but only if you know what they are doing. Otherwise, its voodoo.
- rrobster, on 10/12/2007, -0/+0WPA (psk and enterprise) is only crackable due to the user having weak (dictionary) passwords. If you use a password containing random numbers, letters and symbols AND it's at least 25 characters long, there's no way you can get hacked. This could, of course, change in the future with more sophisticated cracking programs, but for now WPA is safe.
- sinned, on 10/12/2007, -0/+0I think most of you are missing the point. The OS is doing something the user is not expecting and giving a false sense of security. Users are going to open shares on their hard drives and allow programs through their firewalls. Besides, where in TFA does it say a solution is to turn on the firewall? Microsoft says that will "reduce the risk", but that won't stop a dedicated/bored attacker who has nothing else to do on a long flight. I'm surprised people still believe turning on a firewall is like a magic barrier that stops all evil.
How about providing a portal page, so if that user happens to use any program that requests a webpage they download a certain WMF file. Owned... Use your imagination. - inactive, on 10/12/2007, -0/+0AS of today all wifi is flawed wpa wep all of that ***** i can get in anywhere with that *****!
- duke_nate, on 10/12/2007, -0/+0Jeeze, keep your firewall on or get a freakin access point.
- tazamore, on 10/12/2007, -0/+0dominowrecker: LOL!
- elrawtic, on 10/12/2007, -0/+0I have not come across a current OS that is flawfree.rnEven popular software that is available has flaws in it as well.rnrnGet over it and adapt.rnrnQuit haning off K Roses nuts too..^^^^
- JAWA, on 10/12/2007, -0/+0This clearly is not a flaw, but we need to keep stupid people from spreading viruses and getting hacked and eventually becoming clones. I think the default setting to only connect to infrastructure is a good call. I didn't have that setting checked, but I do now. So I am one of those previously mentioned stupid people? doh.
- sinned, on 10/12/2007, -0/+0@rpeterclarkrnYes, I read that article as well, but I'll take Simple's analysis (http://www.nmrc.org/pub/advise/20060114.txt) over some reporter commenting on a quick and dirty demonstration. Windows is making what it thinks is a valid wireless connection. Why would they design their built-in 'user-friendly' firewall to block the functionality of said wireless connection?
- rpeterclark, on 10/12/2007, -0/+0@sinned, read the original article where the author "discovers" this flaw:
http://blogs.washingtonpost.com/securityfix/2006/01/windows_feature.html
"Anyway, you might be wondering now how you can make sure your Windows laptop is protected from this.....er, feature. First of all, if you are running any kind of network firewall -- including the firewall that comes built in to Windows XP -- you won't have to worry about some stranger connecting to your laptop. In fact, I had to shut down my firewall for both of us to successfully conduct our test." - jeff4379, on 10/12/2007, -1/+0My god people, RTFA! This is not newsworthy unless you are a security guru. Even then you'd probably glance at it and say to yourself "well, duh..." and move on.
- pcgeek101, on 10/12/2007, -1/+0Wi-fi on Windows is fine for me ... if you can't get it working, then you've got much bigger things to learn first. :-|
- Berkana, on 10/12/2007, -2/+1You know what? I saw a book at Borders book store on writing secure code, by Microsoft Press. If they have the staff to write books instructing people on writing secure code, you'd think they'd be able to write better code themselves. (Needless to say, I will never buy a book on secure coding from MS)
When Bill Gates made the internet #1 priority at MS back in the 90's, MS quickly dominated. However, something like 4 years ago, Bill Gates made security #1 priority, and you'd think that with so many years of probing and with a mandate from the top to make security #1 priority, that folks would have shaken out all the bugs in XP. It boggles my mind how after so many years and so many eyes working on XP that it still leaks bugs like crazy. The XP must stand for Xploitation. - inactive, on 10/12/2007, -3/+0OMG! Noway!! NO FAIR!! NOT ANOTHER FLAW!!! IMPOSSIBLE!! NOT WINDOZE XP!!! IMPOSSIBLE!! PERPOSTERUS...hahahahah....(hey do you thing I will get a poser correcting my spelling...gawd, so predictable!) No but seriously Windowze Xp is TOTALLY SECURE... Just unplug it from the internet, and 95% of exploits are gone, instantly! How's that for wonderful. Wooo Hooooo! Ok, no seriously, just use your latest updater and download the cripleware er um "Service Pack" from MS, and all will be ok, heck if you don't chose to disclose your private info and download the latest updates from MS YOU DESERVE to get hacked. You also deserve this exploit for not spending hours tweaking your computer to be secure, you know..... like how it should come out of the box. (yes sarcasm) :)
- inactive, on 10/12/2007, -3/+0Wi-Fi on windows sucks, get a mac. :P
© Digg Inc. 2009
— Content created and posted by Digg users is