'Ethical Hacker' Reveals Trade Secrets

By Daniel Sieberg

ATLANTA, Georgia (CNN) -- What comes to mind when you think of wireless Web surfing? It may not be security, or lack of it. There are nearly 30,000 public wireless "hot spots" in the United States at places such as parks and cafes, but there's more to consider than just where to log on. The convenience comes with a caveat.

"Understand that the information you're sending is very similar to standing up here in the park and shouting out all the information -- would I normally do that?" said Richard Rushing, a wireless expert with security firm Air Defense who visited an Atlanta park to show security vunerabilities.

Rushing is considered an "ethical hacker" and works with companies to strengthen their wireless networks. He said many people don't realize they could have all their personal data stolen while checking out their checking account.

"It's great to be able to sit somewhere and work without having any wires attached, no nothing attached, but you have that risk that it comes back to," Rushing said.

At the park, Rushing was able to log onto an unsecured hotel wireless signal in a matter of seconds. To illustrate how vulnerable such networks can be, Rushing then sent an e-mail and intercepted the entire contents of the message. He could've done the same thing to any of the dozens of people sitting nearby in the park.

"At any point in time, I can reach out and touch everyone's laptop at the hot spot, and there's usually not any way of preventing that -- from me touching and looking at other people's stuff at the hot spot itself," Rushing said.

He also demonstrated a growing concern called "evil twins" -- fake wireless hot spots that look like the real thing.

For example, he said, a hacker could be sitting around the corner sending out a wireless signal. It may look like a legitimate one, even offering people a chance to sign up for service. But if you log on, the hacker then would have complete access to your machine.

He said anybody with some tech know-how and the right tools can break into the basic level of wireless security that's commonly used. There are even how-to video instructions online.

Rushing said people need to imagine that nothing is truly private at a wireless hot spot.

"A lot of the time you really want to stay away from doing certain things at the hot spot that you would normally not do if you knew somebody would be watching," he said.

Nevertheless, Rushing doesn't discourage using wireless. He tells people to be aware of what they're sending and the potential for theft. In other words, it's a good chance to read the baseball scores, but even if you're sitting by yourself, it doesn't mean you are all alone.

There may be no wires attached, but the convenience still comes with strings.

Copyright 2005 Cable News Network LP, LLLP.

NOTE: For more telecom/internet/networking/computer news from the daily media, check out our feature 'Telecom Digest Extra' each day at

formatting link
. Hundreds of new articles daily.

*** FAIR USE NOTICE. This message contains copyrighted material the use of which has not been specifically authorized by the copyright owner. This Internet discussion group is making it available without profit to group members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of literary, educational, political, and economic issues, for non-profit research and educational purposes only. I believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner, in this instance, Cable News Network LP, LLLP.

For more information go to:

formatting link

Reply to
Daniel Sieberg
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.