Sidejack Attack Jimmies Open Gmail, Other Services

On 2007-08-29, at 06:54, Carl S Zimmerman wrote:

> Some hotel chains, for example, give customers such a code when they
> check in. Non-customers might be able to sniff the traffic on the
> hotel Wi-Fi, but without the access code they could not make timely
> use of it, or so it appears. Is that correct?

Keep in mind that even if the hotel network is completely secure from
the outside, anybody with criminal intent could check into the hotel
and be given the access code...

On 8/28/07, Carl S Zimmerman <csz_stlswbell.net> wrote:
> The article clearly describes the risk that "someone could be
> monitoring your transmissions over open Wi-Fi networks." But it's
> not at all clear whether the same or similar risks apply to Wi-Fi
> networks that require an access code of some kind.

The risk is that someone on the same network as your computer could
pick up your traffic.

A password-protected wifi network protects you from anyone and
everyone having access to your data stream, but it does nothing to
protect you from other folks who also have the password and can log
into the same network.

Similarly, those of us on wired networks are at risk from other people
on the same wired network. Be careful when browsing at the office!

--Nik