City youth finds ‘hole’ in Windows
6 Feb 2010, 0840 hrs IST
LUCKNOW, India: Even the best can err. And, Microsoft is no exception. The IT giant’s latest operating system Windows-7 has been found to have a ‘serious lapse’, making protected wireless networks vulnerable to misuse. This may cause technical glitch and has a potential to cause huge losses to wi-fi network operators besides posing threat to national and individual security.
Navi Ranjan, 23-year old final year management student at Jaipuria Institute of Management, Lucknow, detected the lapse two months back while checking the properties of Windows 7 installed in his new laptop.
The young student, an IT freak, found that the security key fed to login to wi-fi network connectivity can be deciphered due to an ‘in-built lapse’ in all editions of the Windows 7.
Lapses may lead to security risk LUCKNOW: The process to find the number of networks available in the range, one has to click the ‘connections’ icon displayed on the task bar of computer screen. Then the security code or password provided by the service operator is fed to connect to the wi-fi network of choice and access Internet. The password is automatically encrypted to protect the wi-fi network from any unauthorised access.
But in Windows 7 the ‘hidden’ password can be deciphered. On entering ‘open network sharing centre’ and clicking ‘manage wireless connection’, the user finds ‘check network properties’ through which one can enter security zone, where lies ‘network key’ in asterisks. There one also finds a provision ‘show characters’ which when clicked, deciphers password and displays it on the screen.
“This is a serious lapse in Windows 7 while connecting to wi-fi network. The password fed by the operator for using wi-fi network at a particular place such as an educational institute or government building, if leaked by one of the user to an outsider, can be misused.
An unauthorised person can easily access the network for personal or professional use, even against the country,” said Navi. He also wrote to Microsoft India about the problem, contacting the company through email, phone and fax to draw attention towards the seriousness of the issue. “Somebody from the company called me to inquire about the problem. I also received a mail in which Microsoft India officials with number of questions but nothing concrete has been done as yet,” Navi claimed.
Navi, who inherited technical brain from his father Ranjan Saxena, executive Engineer in UP Power Corporation, believes that an outsider after getting hold of the password can send thread emails to any body, can enable wi-fi on wireless fidelity enabled mobile phones and other wi-fi enabled devices.
“The unauthorised user can even run a cyber cafe using your network,” claimed the boy. While assuring to help him out, Microsoft India’s customer care service, in response, asked Navi furnish information - full name and version of operating system, product Key of operating system, is the system is connected to any LAN/Domain or a work group, whether operating system was preinstalled or purchased separately from a retail shop and installed thereafter among other things.
The young student, an IT freak, found that the security key fed to login to wi-fi network connectivity can be deciphered due to an ‘in-built lapse’ in all editions of the Windows 7.
Lapses may lead to security risk LUCKNOW: The process to find the number of networks available in the range, one has to click the ‘connections’ icon displayed on the task bar of computer screen. Then the security code or password provided by the service operator is fed to connect to the wi-fi network of choice and access Internet. The password is automatically encrypted to protect the wi-fi network from any unauthorised access.
But in Windows 7 the ‘hidden’ password can be deciphered. On entering ‘open network sharing centre’ and clicking ‘manage wireless connection’, the user finds ‘check network properties’ through which one can enter security zone, where lies ‘network key’ in asterisks. There one also finds a provision ‘show characters’ which when clicked, deciphers password and displays it on the screen.
“This is a serious lapse in Windows 7 while connecting to wi-fi network. The password fed by the operator for using wi-fi network at a particular place such as an educational institute or government building, if leaked by one of the user to an outsider, can be misused.
An unauthorised person can easily access the network for personal or professional use, even against the country,” said Navi. He also wrote to Microsoft India about the problem, contacting the company through email, phone and fax to draw attention towards the seriousness of the issue. “Somebody from the company called me to inquire about the problem. I also received a mail in which Microsoft India officials with number of questions but nothing concrete has been done as yet,” Navi claimed.
Navi, who inherited technical brain from his father Ranjan Saxena, executive Engineer in UP Power Corporation, believes that an outsider after getting hold of the password can send thread emails to any body, can enable wi-fi on wireless fidelity enabled mobile phones and other wi-fi enabled devices.
“The unauthorised user can even run a cyber cafe using your network,” claimed the boy. While assuring to help him out, Microsoft India’s customer care service, in response, asked Navi furnish information - full name and version of operating system, product Key of operating system, is the system is connected to any LAN/Domain or a work group, whether operating system was preinstalled or purchased separately from a retail shop and installed thereafter among other things.
