NY Case Underscores Wi-Fi Privacy Dangers
Lisa Kachold
lisakachold at obnosis.com
Tue Apr 26 08:53:10 MST 2011
On Mon, Apr 25, 2011 at 9:18 PM, keith smith <klsmith2020 at yahoo.com> wrote:
> Thought this might be interesting to some.
>
> Lying on his family room floor with assault weapons trained on him, shouts
> of "pedophile!" and "pornographer!" stinging like his fresh cuts and
> bruises, the Buffalo homeowner didn't need long to figure out the reason for
> the early morning wake-up call from a swarm of federal agents.
>
> http://abcnews.go.com/US/wireStory?id=13448808
>
OMG, yea howdy!
We are responsible for our networks!
Course, most of us can get into WEP and WPA/WPA2 trivially, so unless you
have a Radius Server (which most WiFi routers will happily work with)
running Enterprise WPA2, you are still "at risk" of network encroachment.
While WEP/WPA/WPA2 constitutes "reasonable protection", it does not protect
you. Anyone on a shared network owns you completely, with the ability to
use SSLStrip to even get your https logins and passwords.
BUT IS THIS CRIMINAL?
If so, most of the "adminstrator-less" Internet Startups running insecure
Websites are criminal?
Technical Security HowTo Proof of Concept References:
http://www.eastmobiles.com/index.php?option=com_content&view=article&catid=27:wi-fi&id=106:wpa2-key-hack-nvidia
http://blogs.pcmag.com/securitywatch/2010/07/spoofing_hack_against_wpa2_rev.php
http://www.youtube.com/watch?v=r9x2e32voZY
http://www.securitytube.net/video/193
>
> ------------------------
> Keith Smith
>
--
(503) 754-4452 iPhone
(623) 239-3392 Skype
(623) 688-3392 Google Voice
http://www.it-clowns.com
"It took me many years but I have gained access to the root account and have
removed the user God." -Saros
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20110426/31ff3818/attachment.html>
More information about the PLUG-discuss
mailing list