{"id":16431,"date":"2016-08-13T09:52:20","date_gmt":"2016-08-13T14:52:20","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=16431"},"modified":"2016-08-13T11:56:57","modified_gmt":"2016-08-13T16:56:57","slug":"disable-wpad-now-or-have-your-accounts-and-private-data-compromised","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=16431","title":{"rendered":"Disable WPAD now or have your accounts and private data compromised"},"content":{"rendered":"<blockquote><p>WPAD is a protocol, developed in 1999 by people from Microsoft and other technology companies, that allows computers to automatically discover which web proxy they should use. The proxy is defined in a JavaScript file called a proxy auto-config (PAC) file.<\/p>\n<aside id=\"\" class=\"nativo-promo smartphone\"><\/aside>\n<p>The location of PAC files can be discovered through WPAD in several ways: through a special Dynamic Host Configuration Protocol (DHCP) option, through local Domain Name System (DNS) lookups, or through Link-Local Multicast Name Resolution (LLMNR).<\/p><\/blockquote>\n<p>Source: <em><a href=\"http:\/\/www.csoonline.com\/article\/3106076\/data-protection\/disable-wpad-now-or-have-your-accounts-and-private-data-compromised.html\">Disable WPAD now or have your accounts and private data compromised | CSO Online<\/a><\/em><\/p>\n<blockquote><p>The researchers recommended computer users disable the protocol. &#8220;No seriously, turn off WPAD!&#8221; one of their presentation slides said. &#8220;If you still need to use PAC files, turn off WPAD and configure an explicit URL for your PAC script; and serve it over HTTPS or from a local file.&#8221;<\/p><\/blockquote>\n<p>From <a href=\"https:\/\/it.slashdot.org\/story\/16\/08\/13\/0149241\/disable-wpad-now-or-have-your-accounts-compromised-researchers-warn#comments\">Slashdot comments<\/a>:<\/p>\n<div class=\"commentBody\">\n<div id=\"comment_body_52696059\">\n<blockquote><p>To prevent Windows from tracking which network support WPAD, you need to make a simple registry change:<\/p>\n<p>Click the Start button, and in the search field, type in &#8220;regedit&#8221;, then select &#8220;regedit.exe&#8221; from the list of results<br \/>\nNavigate through the tree to &#8220;HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Wpad&#8221;<br \/>\nOnce you have the &#8220;Wpad&#8221; folder selected, right click in the right pane, and click on &#8220;New -&gt; DWORD (32-Bit Value)&#8221;<br \/>\nName this new value &#8220;WpadOverride&#8221;<br \/>\nDouble click the new &#8220;WpadOverride&#8221; value to edit it<br \/>\nIn the &#8220;Value data&#8221; field, replace the &#8220;0&#8221; with a &#8220;1&#8221;, then click &#8220;OK&#8221;<br \/>\nReboot the computer<\/p><\/blockquote>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>WPAD is a protocol, developed in 1999 by people from Microsoft and other technology companies, that allows computers to automatically discover which web proxy they should use. The proxy is defined in a JavaScript file called a proxy auto-config (PAC) &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=16431\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110],"tags":[1125,698,86,857],"class_list":["post-16431","post","type-post","status-publish","format-standard","hentry","category-networking","tag-exploit-vector","tag-security-research","tag-windows","tag-wpad"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16431"}],"version-history":[{"count":2,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16431\/revisions"}],"predecessor-version":[{"id":16433,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16431\/revisions\/16433"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16431"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}