When I'm really, really bored at an airport, I'll start looking around the local Wi-Fi networks with Wireshark. This is an outstanding network protocol analyzer. Usually it's used for checking out what's really going on in your business network. Of course, if you know what you're doing, you can also use it on Wi-Fi to see just how awful everyone's security is around you. But that's a story for another day. Recently, I noticed that I kept seeing "Free Public Wifi" APs (access points) showing up. I assumed it was someone trolling for innocents wanting to be infected with malware. I was wrong. It's actually a much more interesting Windows XP security flaw.
A friend of mine pointed me to what was really going on. If you want to know more of the details, I recommend this article: Free Public WiFi SSID. The short version is that Windows XP includes a utility, WZC (Wireless Zero Configuration). This was superseded in Vista and Windows 7 by WLAN AutoConfig. In either case, the idea is to make connecting to Wi-Fi APs easy.
The problem is that they make it a little too easy. If you have WZC enabled when you boot up, it starts looking around for a preferred network SSID (service set identifier), the human-readable name that many APs use to identify themselves.
Let's say it can't find one. Next, it will try to connect to other APs on your 'preferred' list, just in case it didn't detect one the first time or the AP isn't transmitting an SSID anymore. If it fails again, it will then start looking for any ad-hoc networks on your preferred list. Ad hoc netw