Posted by l33tdawg on Thursday, July 19, 2007 - 01:22 AM (Reads: 114)
Source: ZDNet (Blog)
As ubiquitous and convenient as Wireless LAN Hotspots are, it is probably the single most dangerous technology to the mobile computer user. From a security standpoint it is an absolute nightmare because of multiple inadequacies. The two biggest issues with Hotspots is that you have no idea if you’re connecting to a legitimate Access Point or if you’re connecting to a hacker’s fake Access Point and everything you send and receive is transmitted in clear text with no encryption.
Anyone who doubts that this is a problem should ask themselves if they would post their email account passwords in my talkback section at the bottom of this blog or go in to an airport and yell out their user account names and passwords as loud as they can. If the answer is no then they should be concerned with Hotspot security. If we look at Defcon’s Wall of Sheep every year, a sucker is literally born every minute and this isn’t because there were hard-core hackers breaking in to people’s Wireless LAN connections. In fact the only thing there were doing was passively listen as users sent out their usernames and passwords in clear text over the radio waves and posted the results on the Wall of Sheep. Of course we can always expect users to use some form of a VPN solution and encrypt everything going over the air but the vast majority of hotspot users don’t do that and even when they do use VPN it doesn’t necessarily encrypt all traffic.
No comments:
Post a Comment