By now, you’ve read about the vulnerability in the Intel Wireless Drivers. If you haven’t make sure you read this, and then check with your vendor for their version of the Intel update.
What I found funny was that Johnny Cache who presented a similar (or the same) vulnerability on a Macbook is quoted as saying,
The likelihood that you’ll encounter this particular exploit is small. “You have to have some economic gain,” said Cache in an interview after the event. Right now, there’s little gain in hacking into an individual laptop at short range.
There are just so many things wrong with that statement. I wonder if he would have said the same things about the Sybian OS phone attacks, or bluetooth address book harvesting. Short range attacks are fairly likely to be attempted at conferences, airports, and other large gathering of geeks. Has he forgotten so quickly that some attacks are done just because it can be done? Money doesn’t have to be the prime motivating factor. Of course I can think of many examples where money could be gained by using this exploit. Its a new spin on war driving, war automated hacking! Or worse yet, its industrial espionage. You role up in my parking lot and install a bot through the this wifi driver attack. You’re now a privileged computer on my network.
I think this weekend I’m going to go watch the video of the hack (I think sunbelt has it linked), and then check on the Dell and Toshiba driver situations. I think my tablet is using a vulnerable wireless driver.