Steve Gibson of Security Now fame, has hopefully made all of us a bit more nervous since he shows us how easy it is to capture names and passwords at our local coffee shop. Using a Firefox extension called Firesheep, it insanely easy to see what’s going on at the local open wifi access. It doesn’t catch your passwords, but does capture the cookies which are passed out in the open.
All these companies need to do is use WPA2 and have a simple password for everyone to use. Tha’ts all that is needed. Here’s what Steve says, “WPA does enforce inter-client isolation. Individual clients negotiate their own private keys with the access point, even though they’re using a common password. The password gets them in, but then their sessions are individually isolated. So that provides you protection against this kind of passive eavesdropping.”