Wi-Fi Security Vendors Sound Desperate

When wireless security researchers demonstrated a Wi-Fi driver exploit at Black Hat USA 2006 that allowed a remote attacker to take over a laptop, wireless IDS/IPS vendors Network Chemistry and AirTight Networks quickly issued press releases claiming their enterprise and mobile products protected against such vulnerabilities.

Under questioning, both Network Chemistry and AirTight admitted they don't have any more specifics about the exploit than what was publicly available. Until the researchers release more details, one can only speculate on how this class of attacks functions.

Such opportunism smacks of desperation, and does little for the credibility of these companies or their nascent market. That's a shame, in part because WIDPS products may have a role to play in mitigating the new vulnerabilities. The mobile versions of the WIDPS products can generally be configured with policies such that even if the laptop is momentarily exploited, the WIDPS agent should quickly break off the connection.

But responsible companies should wait until they have more details before they claim full protection. Unfortunately, the security market is rife with vendors trading on fear and opportunism. Network Chemistry and AirTight Networks are merely aping the industry standard. --Frank Bulk, [email protected]