{"id":6381,"date":"2016-12-01T00:00:00","date_gmt":"2016-11-30T23:00:00","guid":{"rendered":"http:\/\/e3mag.com\/?p=6381"},"modified":"2019-04-01T08:56:32","modified_gmt":"2019-04-01T06:56:32","slug":"future-love-yesterday-2","status":"publish","type":"post","link":"https:\/\/e3mag.com\/en\/zukunft-lief-doch-gestern-schon-2\/","title":{"rendered":"Future? It was already on yesterday!"},"content":{"rendered":"

Today's EWLANInfrastructures<\/span> operate at 2.4 and 5 GHz - a frequency range in which water interacts with electromagnetic waves. Anyone with an old microwave oven that, when switched on, emits the WLAN<\/span>-The people who have problems with reception can tell you a thing or two about it.<\/p>\n

But how does something like this become a security problem? Through the clever, but hardly imaginable use of applications. But one after the other...<\/p>

\"\"<\/a><\/div>\n

The human body consists of more than 50 percent water. We humans also interact with the WLAN<\/span>. These \"disturbances\" are by far not as massive as with old microwaves, but measurable!<\/p>\n

If one combines the information of several Antennas<\/span>The railgun in the Schwarzenegger film Eraser is not so far-fetched. So the \"railgun\" in the Schwarzenegger film \"Eraser\" is not so far-fetched.<\/p>\n

Recent research even allows to distinguish gestures with arm or fingers in space - just remember Tom Cruise in \"Minority Report\"!<\/p>\n

Scanning through walls and detecting movements in electromagnetic fields are nothing new: For example, police can use them to gain information about people taken hostage without entering the room.<\/p>\n

Even if the systems are more sophisticated and emit waves: The principle is the same.<\/p>\n

See through walls<\/h3>\n

But the possibilities go much further: current research shows how to determine the PIN on a mobile device just by evaluating generally available information at a WLAN<\/span>-Router<\/span>.<\/p>\n

Modern variants use several Antennas<\/span>, the signal reception strength can be read out easily (CSI - Channel Strength Information). If a mobile device is connected to the Router<\/span> connected, there are minimal changes in the reception strengths during (PIN) entry: due to the movement of the hand in the room where it is connected to the WLAN<\/span>-waves interacts, and by the minimally changed orientation of the device.<\/p>\n

If the changes in reception strength are correlated, there is a probability of up to 81.8 percent of recognizing a ten-digit PIN that has been entered - without any compromise of the terminal device itself. This is where the purely academic approach to a future threat becomes an actual problem!<\/p>\n

For a potential attacker, it is not even necessary to have a public Hotspot<\/span> in a caf\u00e9. He simply sets a so-called rogue Access Point<\/span> on, under an existing or a generic name (\"WLAN<\/span>\", \"freeWiFi\"...).<\/p>\n

The process can even be automated to the point where the rogue Access Point<\/span> automatically checks according to which WiFi<\/span>-name devices, and also offers these names. This leads to devices (often without any user interaction) offering such Nets<\/span> use automatically.<\/p>\n

Security<\/span>: always new, always exciting<\/h3>\n

The danger in the use of public Hotspots<\/span> So it is no longer just that the Communication<\/span> can be intercepted. Meanwhile, local inputs can also be evaluated on the device.<\/p>\n

So, especially for critical applications, it is advisable to rely on additional mechanisms such as a fingerprint. Such scenarios are one reason why IT<\/span>-Security<\/span> is so interesting and will probably remain so.<\/p>\n

Threats are always coming from new and sometimes completely unexpected directions - as IT<\/span>-As security managers, we must identify these risks, develop appropriate countermeasures, and implement them.<\/p>\n

In the specific case, it is recommended to confirm previous \"Best Practices<\/span>\". The access of devices to public Hotspots<\/span> has risk potential. In the past, it was the possibility of Communication<\/span> Today, there is also the additional risk that PINs and other entries can be intercepted.<\/p>\n

Depending on the criticality of the Data<\/span> thus another scenario that should play a role in risk considerations.<\/p>","protected":false},"excerpt":{"rendered":"

Do you know that too? You stumble across a topic, think it's science fiction - and one day you realize that the future has long since become reality...<\/p>","protected":false},"author":52,"featured_media":15608,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[21,7,740],"tags":[],"coauthors":[24313],"class_list":["post-6381","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-security","category-meinung","category-mag1612","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"thumbnail":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-150x150.jpg",150,150,true],"medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",400,172,false],"medium_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-768x331.jpg",768,331,true],"large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-100":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-100x43.jpg",100,43,true],"image-480":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-480x207.jpg",480,207,true],"image-640":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-640x276.jpg",640,276,true],"image-720":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-720x310.jpg",720,310,true],"image-960":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-960x414.jpg",960,414,true],"image-1168":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-1440":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"image-1920":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"1536x1536":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"2048x2048":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"trp-custom-language-flag":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",18,8,false],"bricks_large_16x9":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_large_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",1000,431,false],"bricks_medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",600,259,false],"bricks_medium_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security.jpg",600,259,false],"profile_24":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-24x24.jpg",24,24,true],"profile_48":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-48x48.jpg",48,48,true],"profile_96":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-96x96.jpg",96,96,true],"profile_150":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-150x150.jpg",150,150,true],"profile_300":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/03\/It-Security-300x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"

Kennen Sie das auch? Sie stolpern \u00fcber ein Thema, halten es f\u00fcr Science-Fiction \u2013 und merken eines Tages, dass die Zukunft l\u00e4ngst Realit\u00e4t ist…<\/p>\n","category_list_v2":"IT-Security Kolumne<\/a>, Die Meinung der SAP-Community<\/a>, MAG 16-12<\/a>","author_info_v2":{"name":"Raimund Genes, Trend Micro","url":"https:\/\/e3mag.com\/en\/author\/raimund-genes\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/6381","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/users\/52"}],"replies":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/comments?post=6381"}],"version-history":[{"count":0,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/6381\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media\/15608"}],"wp:attachment":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media?parent=6381"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/categories?post=6381"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/tags?post=6381"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/coauthors?post=6381"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}