You are Not Safe at McDonalds and Starbucks

Steve Gibson of  Security Now fame, has hopefully made all of us a bit more nervous since he shows us how easy it is to capture names and passwords at our local coffee shop. Using a Firefox extension called Firesheep, it insanely easy to see what’s going on at the local open wifi access. It doesn’t catch your passwords, but does capture the cookies which are passed out in the open.

All these companies need to do is use WPA2 and have a simple password for everyone to use. Tha’ts all that is needed. Here’s what Steve says, “WPA does enforce inter-client isolation. Individual clients negotiate their own private keys with the access point, even though they’re using a common password. The password gets them in, but then their sessions are individually isolated. So that provides you protection against this kind of passive eavesdropping.”

Advertisements

About Tom Terrific

Interested in MANY things.
This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s