Brandt Krueger

TECHNICAL PRODUCER, EDUCATOR, SPEAKER, AND CONSULTANT FOR THE MEETING AND EVENTS INDUSTRY. GEEK DAD, HUSBAND

Consultant, Meeting and Event Technology
Owner, Event Technology Consulting
Instructor, Event Leadership Institute
Cohost, #EventIcons - Where the icons of the event industry meet

Filtering by Tag: Windows

WiFi Security Alert- "WiFi Protected Setup" Security Flaw

The Dlink DIR 601 Wireless Router: One of the millions of routers with WiFi Protected Setup This is a legitimate and serious security alert regarding WiFi access.  Apartment-dwellers, businesses in strip malls, hotels, and convention centers all should be advised.  Basically if your WiFi signal reaches to a point where someone could park for a while (less than 24 hours), you are likely vulnerable to having someone hack into your WiFi network, even if it is secured.  This could be, for example, an apartment next door, a lounge in your building, a nearby parking lot, or a car parked on the street if your signal reaches that far.

As usual, making things simple makes them less secure. There is a convenient "feature" of almost all WiFi access points built in the last few years that allows you to connect a device to your network (such as a Windows 7 computer, a cell phone, a printer, etc.) by pressing a button or clicking a dialog box and then entering a short 8 digit pin stamped on a label on the WiFi device.  This is known as "WiFi Protected Setup".

It turns out that the pin can be cracked and give a hacker access to your network in less than 24 hours (sometimes only a couple of hours) of brute force attacking because of a really stupid way that the password is sent/received between the two devices.  Once unencrypted access to your network is gained, the attacker can (at best) use your internet connection and (at worst) sit quietly and watch all of your internet traffic.

If you're comfortable configuring your wireless router, poke around in the settings and look for something called "WiFi protected setup".

THIS IS ENABLED BY DEFAULT.  If you uncheck this "feature" you should be protected from this type of attack until your manufacturer can push out an update.  Check your WiFi router's manufacturer's website frequently over the next couple months to look for an update for your device.

If you want to learn about this in great detail, I highly recommend this podcast, Security Now! with Steve Gibson and Leo Laporte:

http://twit.tv/show/security-now/335

For more general info, just search for "wifi protected setup flaw" on your search engine of choice.

Please feel free to pass this on to anyone you may know with WiFi access points in their home or office.

On Why Apple Better Watch Its Ass.

I want an iPad 2.  I don't need an iPad 2, but I want one.  I'm not even sure I can tell you why, other than I was kinda sorta thinking about maybe getting a tablet this year.  Then I watched the keynote announcement of iPad 2, and if it wasn't for the March 11th launch date, all you would have seen in my office was a swiveling chair and some cartoon *PIONG* lines indicating my rapid departure for Best Buy.  Maybe a couple of dollar bills floating gently to the floor for comedic effect. And I don't think I'm alone.  To say that Apple has hit it out of the park with iOS is an understatement.  According to the iPad 2 keynote, Apple has sold 100 million iPhones and 15 million iPads, which I'd like to remind you came out LAST YEAR.  Whatever the "secret sauce" is to the iOS ecosystem, Apple's definitely got a hit on their hands- which is precisely why they need to start watching their ass.

Why?  History, baby.  History.  Not that long ago, in our own very galaxy, another come-from-behind player had emerged victorious and was dominating the market.  Windows, in relatively short order, had become THE operating system for mainstream Earth.  And shortly thereafter, things started to get ugly.  Licensing disputes, and claims of anti-trust violations started to circle.  Independent browser companies felt that packaging Internet Explorer with Windows unfairly pushed them out of the market.  And it's difficult to say they were wrong- Does anybody remember that you used to have to pay for the higher end Internet browsers?  It was over a decade and hundreds of millions (billions?) of dollars in fines and legal bills later before the dust started to clear.

So what's this have to do with Apple?  Simple.  They're teetering on the edge.  Steve Jobs proudly proclaimed that the iPad had outsold in one year all the other tablets ever sold, so it's safe to say they're the dominant player in that market.  I love Android, but I just don't see the Android tablets as being anything but second fiddle to the iPad 2 anytime soon.  As for the iPhone, depending on what report you read, approximately 50% of all smart phones are iPhones.  That's pretty damn good too.  Finally, how many people to you know that have an MP3 player other than an iPod?  Not bloody many.

"Big deal," you say.  "So what if they're successful?"  It's not their success that the problem.  It's the scrutiny that comes with success, and Apple's begun to throw their weight around a lot lately.  Already we are hearing grumblings from developers and partners regarding Apple's cut of the proceeds when it comes to subscription services.  Apple forces subscriptions to sell for the same price outside the App Store as they do inside.  Combine that with their strict application regulations, and you start to see some cause for concern in the ability for the "little guys" to compete fairly in the market.

The strongest possibility for a source of an unexpected ass-munching comes from something that most people have seen as merely an inconvenience: the fact that all roads travel through iTunes.  Apple needs to change this.  Fast.

If you look at the Microsoft troubles, they didn't come, for the most part, from other operating system developers- they came from the browser developers (which is why the European Union now requires a browser "selection" screen on all Windows installs to level the playing field- Sleipnir, anyone?).  If an attack is to come on Apple, it will come from the media sales and playback front.  Apple requires you to install iTunes to set up your iPod, iPhone, or iPad on both Mac OSX and Windows.  Having device software is nothing new, but why does all of this have to go through, what is, for all practical purposes, a media player?  The answer is both obvious and dangerous- it drives traffic to the iTunes store.

For most consumers, the path of least resistance is the way they go, so why would the averege consumer even consider using anything else like Winamp, or Windows Media Player when iTunes is right there?  And why would they consider using another MP3 or video store like Amazon or Emusic when iTunes is right there?  Hell, iTunes even opens when you plug your device in!

Why is this any diferent than the Microsoft anti trust suits?  Apple is using its dominance in a hardware market to push itself in a software market and a media sales market, and if they don't watch themselves, the next bite out of the apple logo isn't going to come from Microsoft or Android, it's going to come from the US Justice Department or the European Union.  Fortunately, though it's an easy fix and it's not too late.  All they need to do is offer a software utility that handles most of iOS to Desktop/Laptop functionality ("iManage" anyone?).  They can keep all the iTunes integration they want- it's their software, so it should be convenient to use, but there needs to be a separate utility that is the first point of contact for the consumer in order to make their new purchase functional.  They can "recommend" iTunes,  but it can't be the only way to get your media onto your device, and they have to make it easy for other stores like Amazon, and other media players like Window Media to send and retrieve media files from the devices.

I think if Apple makes those two concessions, it will go a long, long way towards keeping the anti-trust investigations at bay.   What do you think?

***Update 6/21/11
I'm curious to know what IOS 5 holds, and how the wireless sync will work.  It feels like they might be moving away from iTunes a little, so let's see what we see...