4
For instance, you're laptop's wifi card is on, but you've deliberately not connected to any hot spots. Is there anyway it can be hacked while sitting there, and not connected?
Rhubarb
Posted 2010-06-06T22:58:51.783
Reputation: 411
Can a laptop be compromised through WiFi if the machine never connects to a hotspot?
Answers
5
It will still be scanning for networks, which means receiving and processing broadcast packets. It is possible for these packets to be malformed, and if the stack is buggy, then this malformed packet could trigger a bug and then compromise the laptop.
I've never heard of an actual attack using this method, there are going to be so few laptops in this state compared to the number actually attached to a network that it seems to be a very strange way to attack a system, but if you're worried, disable the wifi card when you're not using it. Of course, if you want to be really secure, you need a concrete box.
gorilla
Posted 2010-06-06T22:58:51.783
Reputation: 2 204
Also, as it sends the list of ESSIDs it want to connect to ("probes"), you can sniff that packet, then create a pseudo-hotspot (DHCP and everything, of course) with just one purpose: trick that laptop into connecting the hotspot and then, for example, exploit a vulnerable service. – whitequark – 2010-06-07T02:22:12.177
So what is the solution to this on the laptop? Is there a way to disable probing of hotspots? I know exactly the only hotspot I am interested in connecting to, how do I tell Windows to keep its trap shut? – Rhubarb – 2010-06-17T01:31:11.340