New Hacking Tools Pose Bigger Threats to Wi-Fi Users [telecom]

New Hacking Tools Pose Bigger Threats to Wi-Fi Users

By KATE MURPHY February 16, 2011

You may think the only people capable of snooping on your Internet activity are government intelligence agents or possibly a talented teenage hacker holed up in his parents' basement. But some simple software lets just about anyone sitting next to you at your local coffee shop watch you browse the Web and even assume your identity online.

"Like it or not, we are now living in a cyberpunk novel," said Darren Kitchen, a systems administrator for an aerospace company in Richmond, Calif., and the host of Hak5, a video podcast about computer hacking and security. "When people find out how trivial and easy it is to see and even modify what you do online, they are shocked."

Until recently, only determined and knowledgeable hackers with fancy tools and lots of time on their hands could spy while you used your laptop or smartphone at Wi-Fi hot spots. But a free program called Firesheep, released in October, has made it simple to see what other users of an unsecured Wi-Fi network are doing and then log on as them at the sites they visited.

Without issuing any warnings of the possible threat, Web site administrators have since been scrambling to provide added protections.

...

formatting link

***** Moderator's Note *****

Hype, Shame, Cynicism, Laziness, and Incompetence. Cheap, obvious, and cynical exploitation of ignorant computer users. Give-'em-what-they-want sensationalism.

I could monitor an open hot-spot ten years ago, and, in case it wasn't obvious, the only important word in this despicable bit of once-over-lightly penmanship is "unsecured".

The solution is both easy and obvious: SSL. And as for security, any Internet cafe worthy of the name has its SSL fingerprint posted on every wall - *and* offers wired connections as well.

Whomever penned this piece of crud should be sent back to journalism school, assuming he ever attended.

Bill Horne Moderator

Reply to
Monty Solomon
Loading thread data ...

Only invades unsecured wireless networks? Anyone who is running an unsecured network without WPA2 is advertising their vulnerability.

Has anyone here made themselves familar with a program called 'Netstumbler'? Have you heard of 'War Driving'?

If Firesheep can only invade unsecure networks then what good is it? You can invade an unsecure network without it.

There is free software on the Internet that allows you to crack a network secured by WEP. I don't remember the name of it, though.

But WPA2 is right now the most secure protocol as far as I know. But I'm sure that sooner or later that someone will crack it and there will be a new means of encryption even better.

Fred

Reply to
Fred Atkinson

Big difference in just connecting to a network and then being able to "see what other users of an unsecured Wi-Fi network are doing and then log on as them at the sites they visited".

Reply to
David Clayton

When I find any public spot with wired connections I'll let you know. :-)

Also, I doubt anyone involved in these public places these days can even spell SSL.

***** Moderator's Note *****

Anyone who uses a public hotspot without bothering to train themselves about the risks and necessary precautions deserves what they get: someone who puts sensitive information on an open hotspot is just proof that a fool and her money were lucky to get together in the first place.

Bill Horne Moderator

Reply to
Sam Spade

Try a Panera Bread location that has WiFi. Of course, the 10baseT runs terminate at a hub, so what anybody else using 'wired' does is trivially visible.

[[.. sneck ..]]
Reply to
Robert Bonomi

At least one coffee house near me has both wired and wireless connections. There's a jack at each table along a wall of bench-type seats.

"It's A Grind", Laguna Hills CA.

Art

Reply to
Arthur Shapiro

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.