'Contagious' wi-fi virus created by Liverpool researchers

http://www.bbc.co.uk/news/technology-26352439

Computers will be fine but cars within range of wi-fi device will have their wheels removed and replaced with bricks.

Saw that article earlier.

I couldn't work out if it is referring to WAPs within routers, in which case surely they have the router, or more likely just stand-alone WAPs attached to routers.

If the latter, then I can see it would be a good idea to alter the password from any default value, but after that how real a threat in the real world is it I wonder?

Though maybe they are worrying more about (multi-)business complexes. Occupants there should have their security sorted.

Well I have wi-fi disabled on my systems, both on the router and on the PCs. No use for it 99.9% of the time, and I enable it temporarily for the other 0.1% (Kindle sync for the gf's e-reader). I could do it over USB if I had to.

The passwords on everything are not default either, so unless there's some WAP-specific password, outwith the wi-fi WPA security, it should be fine. Not sure if a hidden SSID would be much protection though.

The article states that "this was unlikely to be a threat to big business wi-fi networks, which should have enhanced security in place."

I imagine that means that they have changed default passwords, enable encryption and all that.

The BBC could really do people a favour and include links to random password generators and info sites. Simple things like WPA over WEP and WPA2 over WPA. It might encourage folk to actually get round to changing their passwords/SSID to something random (and greater than six characters...roll eyes!).

For what it's worth, apparently a long, easy to remember phrase of 20+ characters is harder to crack than a jumble of characters less than 20 characters. Just as long as it's not:

"You cannot guess my p......." Guess?

The substitution of '1' for 'i' and '0' for 'o' is probably of minimal value too, unless it's a long pw. Crackers probably do it as standard.

http://passwordsgenerator.net/

Test it: https://howsecureismypassword.net/

Surely they can't log in to the admin interface until after they have connected to the wireless (as this is a wireless borne attack it is not suggesting they have a direct wired connection to do it). Therefore if the wireless security is strong then that would stop it (routers don't have enough grunt to do brute force attacks of WPA).

So, first you have to crack the wireless. Then you try the default admin password for the interface. If it works then you hope it is a router you can firmware update and that you have firmware written for that device (given the number of different makes/models then likelihood is potentially low).

There are a lot of factors here and even in a quite built up area it would be a struggle to compromise very many devices.

I think we need to do this.

http://farm6.staticflickr.com/5287/5382823408_69dbe7...

Will a ribbed one degrade the signal?

Not sure that is adequate protection against an airborne virus as there appear to be many other openings in the device it could get into.

That's disgusting!

And there I was being very careful how I worded it to ensure it wasn't.