Does Your Computer Suffer from Unsightly Data Seepage? - 2,523 Views, 2 Comments
|
Previous Article « eBay Buyer Can’t Sue Out-of-State Seller in Home State, Says Court
Read Next Article » Club Penguin - MySpace or Second Life for Kids
Does your computer suffer from embarrassing data seepage? Or, perhaps, even compromising data seepage? That’s the conclusion that two researchers came to when analyzing what our wifi-enabled laptops tell the world whenever we turn them on in public. Fortunately, these researchers have created a program to ferret out that data seepage, a program named, aptly enough, Ferret. According to David Maynor and Robert Graham of Errata Security, every time you turn on your wifi-enabled computer, you are either intentionally or accidentally telling the network world far more than you probably intended. This is due to, according to Errata, programs that are set to autostart, your computer looking for resources like shared drives and local network resources upon boot up or waking up, the settings on email clients, and instant messaging clients. Things that can seep, they say, include “Wifi packets, DHCP Broadcast. NetBIOS/SMB Broadcast and DNS/Bonjour Requests.” Their software, Ferret, is designed to show you exactly what data your computer is seeping out to the world. In their presentation, which is online, they give this example: “When a wifi enabled laptop starts up it will look for a list ok “known networksâ€? or networks it has connected to before. This list can be used to determine where the laptop has been used.” Why does that matter? Who cares if someone knows where your laptop has been used? Well, here’s an example that Errata gives of the kind of data that an ordinary person’s ordinary laptop can seep, and what can be gleaned from the information: “A machine with the Mac Address of 00-18-f3-57-24BD belongs to John Smith. This laptop has connected to wifi access point at Hartsfield airport, Heathrow, SeaTac, and various T-Mobile spots, and ABCsoft and XYZsoft. John has the AIM name “PrschDude9â€? and has XYZsoft1 on his buddy list. He uses a popclient to check his personal email and his passwd is porsche911turbo. John works for ABCsoft because his browsers attempts to go to internal.abcsoft.com when it first starts up. It also attempts to connect to \internal.abcsoft.com\sales and \internal.abcsoft.com\public on start up. He has a myspace account where he had pics of the last company party — So what can you determine about this if you know ABCsoft and XYZsoft are bitter rivals? Sounds like a merger or buyout. Since you know Johns pop password you can try it against ABCsoft’s webmail client, he might use the same password. Social Engineering – “Hey wasn’t that a horrible shirt John was wearing at the last company party…run this program to update your accounting software.â€? You know portions of the internal layout of the ABCsoft intranet. Make trojans and client side exploits more efficient because you have a target to attack. ” Their Ferret code appears to be still in the very baby beta stages, and they allude to as much on their site. Still, if you are geek enough and want to try running the code, you can get it from their website at ErrataSec.com You can see their presentation here.
Follow Anne on Twitter
Does Your Computer Suffer from Unsightly Data Seepage?
Twitter Explained in Plain English
Previous Article « eBay Buyer Can’t Sue Out-of-State Seller in Home State, Says Court
Read Next Article » Club Penguin - MySpace or Second Life for Kids
Read more:
» Enormous Database of Wifi Routers - Including Yours! - Revealed by AOL and Skyhook Announcement
» Do You Suffer from Email Domain Shame? Many AOL, Hotmail, Yahoo and Other Users Do
» Personal Data Storage Moves Entirely Online with the Zonbu Computer
» Circuit City Claims No Obligation to Protect Customer’s Most Personal Data
For additional similar stories check out our archives on Security, Wireless Wifi
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Great post and very interesting information. I’m going to try that code out on my notebook and see what it comes up with.
Comment by Jono Cono — 3/9/2007 @ 9:45 pm
This has nothing to do with the above story. I was surfing your site and ran across a “get rich quick” article about finding only two bona fide sites, one which involved typing ads from home. I was interrupted, lost the article, and cannot find it anywhere now. Can you send me a link to the article? I’m really interested; otherwise I would not bother you. Thank you.
Comment by Judi Coleman — 3/14/2007 @ 12:08 pm