Ancient vulnerabilities are geddon in the way of security

[InfoSec News <alerts () infosecnews org>]

http://www.zdnet.com/ancient-vulnerabilities-are-geddon-in-the-way-of-security-7000031192/

By Stilgherrian for The Full Tilt
ZDNet.com
July 3, 201

"We are failing at communicating to the rest of the world," says James 
Lyne, global head of security research at Sophos. "I think that we have a 
fundamental broken behaviour in this industry that we need to go and 
shift." And he's got numbers to back up his claim.

Lyne has been warbiking. That's exactly the same thing as wardriving, that 
is, driving around a city to map out its open and poorly secured wireless 
networks, but with more lycra. His results for London and San Fransisco 
are already online, and those for Las Vegas, Hanoi and Sydney are coming 
soon.

On Wednesday, journalists were given a preview of Sydney's results, which 
Lyne described as the "least worst of a bad bunch".

Of the 34,476 wi-fi networks he detected while cycling Sydney streets, 
1,371 (3.98 percent) were still using the obsolete Wired Equivalent 
Privacy (WEP) protocol. That's significantly better than San Francisco's 
9.5 percent, which presumably has so many obsolete wireless networks 
because it rolled them out sooner, but it's still a worry.

"WEP is just broken, bad, has been known-bad for such a long time, and 
there really isn't a context in which it should be used now — and it's 
still remarkably present," Lyne told ZDNet.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/