| Hotspots, the crux for wireless security |
|
|
|
| Monday, 07 May 2007 | |||||
|
Internet users were recently warned about dangers linked to wi-fi hotspots in Internet cafes, including Starbucks. As reported by Times Online , cyber pranksters base their attacks on the technique of “evil twin attack”, which is a different name for “man in the middle attacks”, where users are diverted to a malicious connection that is controlled by the attacker through a laptop. So, the attacker is allowed to get any kind of Information on users and their activities, and to commit identity frauds.It is not particularly difficult for a fraudster to bypass security at wi-fi hotspots. But some skills are required, of course, and they cannot be learnt on books. There are lots of private chatrooms where “cyber-criminal wannabes “ can get information and tips on how to carry out a successful digital attack, like in an “online guide” : a participant says, indeed, "I am now able to tunnel my way around public hotspot logins...It works GREAT. The dns method now seems to work pass Starbucks login." According to IT experts, the only protection for customers could be to update virus protection software and ensure they are connected to a valid, certified website. Not much, really. Indeed security certificates aren’t always a warrantee for protection because imitation sites are every day more powerful and sophisticated. Security experts said, however, that safeguards such as digital certificates could not always guarantee protection, since imitation sites are more and more sophisticated, and security measure for wi-fi hotspots are less and less difficult to bypass: a laptop and some skills would be enough to configure the software to clone a hotspot, in less than two hours. This statement is confirmed by experts in wireless security. As said Mr. Phil Cracknell, a technology officer at Deloitte's, “this type of attack where the operator sits around and harvests details while you are connected to the hotspot is destined to become the new type of phishing. “
Powered by a Zone-H(ified) version of AkoComment 3.0! DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice. |
|||||
The debate on wireless security in Internet cafes keeps burning...
| < Prev | Next > |
|---|
