Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Security flaw in wireless client used in some Pocket PC devices identified
Posted on 17-Jan-2005 08:22 | Tags Filed under: News



Security firm Airscanner has discovered a flaw in the way the Windows Mobile Odyssey client manages the WEP key information. The wireless driver included with the Dell X50 Pocket PC stores WEP keys as plaintext in the registry. The keys
KEY4=6677889900, KEY3=1122334455, KEY2=eeffddeeff, KEY1=aabbccddee are stored in the registry as

[HKEY_LOCAL_MACHINE\Comm\TIACXWLN1\Parms]
"HTCWEPDefaultKey4"=hex:01,00,00,00,66,77,88,99,00,8c,f6,36,1d,af,90,17,5b,00,f6,36,1d,af,00,00,00
"HTCWEPDefaultKey3"=hex:01,00,00,00,11,22,33,44,55,8c,f6,36,1d,af,90,17,5b,00,f6,36,1d,af,00,00,00
"HTCWEPDefaultKey2"=hex:01,00,00,00,ee,ff,dd,ee,ff,8c,f6,36,1d,af,90,17,5b,00,f6,36,1d,af,00,00,00
"HTCWEPDefaultKey1"=hex:01,00,00,00,aa,bb,cc,dd,ee,8c,f6,36,1d,af,90,17,5b,00,f6,36,1d,af,00,00,00

Airscanner says this could be a problem if the handheld is lost or borrowed. Since this information is stored as plaintext, anyone could read it and gain access to the WEP protected network registered with this device. This has not yet been tested with other devices that use the Odyssey client.

Originally the problem was thought to be within the Odyssey client used on these Pocket PC, but Funk Software, developers of the Odyssey client commented: "Odyssey encrypts all sensitive information that it stores in the registry. The example registry settings are not even from the area of the registry that Odyssey uses.

It is possible that the WEP keys you cite were stored by the NIC driver. An old practice, apparently not yet abandoned, is for NIC drivers to save the last configured WEP keys, so that they can be re-instantiated on reboot. Thus, when Odyssey sets the operational WEP keys for the adapter, the NIC driver might be storing them in its own area of the registry."



More information: http://www.airscanner.com...

comments powered by Disqus


Trending now »

Hot discussions in our forums right now:

IPv6 beta for Bigpipe
Created by JoshBigpipe, last reply by IPv6pipe on 30-Mar-2017 21:22 (109 replies)
Pages... 6 7 8


The President Of The USA: Donald Trump
Created by TimA, last reply by MikeB4 on 31-Mar-2017 09:14 (3707 replies)
Pages... 246 247 248


Dell laptops shipping with 10/100 ethernet adapters -Am I being ripped off?
Created by Fishfingers, last reply by networkn on 27-Mar-2017 17:54 (50 replies)
Pages... 2 3 4


USB sticks for backup (Sandisk Extremes).
Created by rayonline, last reply by MadEngineer on 29-Mar-2017 19:51 (21 replies)
Pages... 2


New fibre speed boost only get half speed
Created by Jekkyl, last reply by Jekkyl on 30-Mar-2017 16:18 (62 replies)
Pages... 3 4 5


TiVo Service ending on 31 October 2017
Created by Riggleby, last reply by old3eyes on 28-Mar-2017 11:15 (566 replies)
Pages... 36 37 38


Dishwasher Recommendations Please
Created by tdgeek, last reply by mattwnz on 30-Mar-2017 00:33 (38 replies)
Pages... 2 3


$100 phone ?
Created by xpd, last reply by xpd on 30-Mar-2017 20:34 (17 replies)
Pages... 2