Re: "Attack of the Wireless Worms"

2009-01-30 Thread Peter Gutmann
Donald Eastlake writes:

>"Recent research has shown that a new and disturbing form of computer
>infection is readily spread: the epidemic copying of malicious code
>among wireless routers without the participation of intervening
>computers. Such an epidemic could easily strike cities, where the
>ranges of wireless routers often overlap."

Does anyone know whether anything like this actually exists?  I've seen 
earlier work in this area that was either man-in-the-router proof-of-concept 
stuff or simulation (as this work appears to be), but I don't know of any 
in-the-wild mesh-network malware.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Re: "Attack of the Wireless Worms"

2009-01-30 Thread Jerry Leichter

On Jan 29, 2009, at 10:07 AM, Donald Eastlake wrote:

>"Recent research has shown that a new and disturbing form of computer
>infection is readily spread: the epidemic copying of malicious code
>among wireless routers without the participation of intervening
>computers. Such an epidemic could easily strike cities, where the
>ranges of wireless routers often overlap."

It's worth reading both the original article that describes the  
simulation - cited in the blog entry as  
- and the actual blog entry, which is much more reasonable.

The original article posits that, if you can get onto a wireless  
network, you can load an update into the wireless router.  (They  
should have said "access point", but ignore that; the confusion is now  
so well established that it doesn't much matter.)  Given that  
assumption, and further given the assumption that not only could you  
do it, you could write a virus that would do it for you, across a wide  
variety of router models from multiple vendors, they use some  
simulations to determine how long it would take to infect all the  
routers in several "well-wirelessed" metropolitan areas.  The numbers  
come out to a matter of days to hours.  Their only recommendation is  
that everyone use WPA2 with a strong password.

Of course, I could equally well write a paper on the assumption that  
car computers could infect other car computers by modulating the  
headlights, and then calculate how long it would take a virus to  
spread through all the cars in a city.  Maybe we all need to cover the  
headlights of our cars "for security".

Access to a wireless network is a long way from administrative access  
to the router for that network.  Granted, some devices have weak  
administrative passwords.  That's certainly a problem - but the right  
approach to fixing *that* problem is, well, to fix that problem: Use a  
strong password.  It's very rare that anyone needs admin access to  
their wireless routers.  There's no reason not to choose a complex  
password, write it on a sticker, and attach it to the router:  If  
someone has physical access to your router, your security is gone  
anyway.  The Spectrum article makes this point, and also points out  
that this would be a non-problem if vendors shipped routers with  
unique passwords pre-set on them.  (In fact, DSL routers - and  
probably cable routers - typically come that way.  They can also  
usually be set to permit admin access only from the "home" side, not  
the "network" side - as some wireless routers can be set to allow  
admin access only from their wired ports.)

There are many real problems around, but there are also many pseudo- 
problems.  The pseudo-problems do let you publish neat papers  
sometimes, but it's important not to take them *too* seriously.

-- Jerry
