Lack of security in public networks
In a recent column security expert Roger Grimes writes about how an acquaintance of his has been “sniffing” various public wireless and wired networks around the world, looking to see what plain text passwords are visible. She counts plain text passwords passing by her traveling laptop’s NIC when she’s in a hotel, airport, or other public network. He writes:
She said about half the hotels use shared network media (i.e., a hub versus an Ethernet switch), so any plain text password you transmit is sniffable by any like-minded person in the hotel. Most wireless access points are shared media as well; even networks requiring a WEP key often allow the common users to sniff each other’s passwords.
She said the average number of passwords collected in an overnight hotel stay was 118, if you throw out the 50 percent of connections that used an Ethernet switch and did not broadcast passwords.
This reinforces my already firm opinion that great care must be taken whenever you are using a public facility like a library, Internet cafe, airport wireless, etc. I travel a fair amount and have had to use some sort of public connection numerous times. I avoid the temptation to log in to my brokerage account or other sensitive site and I try to avoid doing anything that might involve a credit card number. Unfortunately, these precautions make public connections much less useful. Once again convenience and ease of use are taken from us by the sociopaths in our midst.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.