[PLUG] wifi security
Carlos Konstanski
ckonstanski at pippiandcarlos.com
Wed Feb 25 17:49:42 UTC 2009
On Wed, 25 Feb 2009, Ted Kubaska wrote:
> Date: Wed, 25 Feb 2009 09:30:12 -0800
> From: Ted Kubaska <tedkubaska at comcast.net>
> Reply-To: "General Linux/UNIX discussion and help; civil and on-topic"
> <plug at lists.pdxlinux.org>
> To: plug at lists.pdxlinux.org
> Subject: [PLUG] wifi security
>
> I find myself spending a bunch of time in coffee houses with wifi. I'm
> curious about the security. Most of the time I don't care. If someone
> wants to read my email, they're welcome to it. But what about a credit
> card purchase? I have not done it, but what if I bought something over
> the Internet using my credit card and the wifi at Bella Espresso or
> Jax? Would I be foolish to do that?
> -ted
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
Yes, that would be foolish! Why take chances like that? Your only
hope of security is if the web page is SSL encrypted. SSL has a
mechanism to prevent man-in-the-middle attacks, but if that is
defeated, you're screwed. If I were the type of individual who was
looking to prey on unsuspecting WIFI users, I would head straight for
a hot spot.
Read this:
http://www.sans.org/reading_room/whitepapers/threats/ssl_maninthemiddle_attacks_480
Carlos
More information about the PLUG
mailing list