From: CJB on
BBC Watchdog has done shown a convincing demo. of the dangers of
accessing an email accounts via WiFi.

They got someone to log into an email account using a WiFi service at
a cafe. Someone else, acting as a hacker, monitored the WiFi traffic
and managed to extract the username and password. This was enough to
connect to the session and use the email account to send a fradulent
email. The hacker could also have opened the emails to see if any had
confidential information in them. If a shopping account had been used,
credit card details could also have been extracted. Then the hacker
locked the account so that the ownber couldn't close it himself.
However the session remained alive for the hacker to use at will.

So my question is: is the Three MiFi aka mobile broadband with a
dongle (containing a '3' SIM card) as insecure?

CJB.
From: Kráftéé on
"CJB" <chrisjbrady(a)gmail.com> wrote in message
news:4fa9f8ac-055c-4e5f-aadc-06ab6fd0aa0e(a)v15g2000prn.googlegroups.com...
> BBC Watchdog has done shown a convincing demo. of the dangers of
> accessing an email accounts via WiFi.
>
> They got someone to log into an email account using a WiFi service
> at
> a cafe. Someone else, acting as a hacker, monitored the WiFi traffic
> and managed to extract the username and password. This was enough to
> connect to the session and use the email account to send a fradulent
> email. The hacker could also have opened the emails to see if any
> had
> confidential information in them. If a shopping account had been
> used,
> credit card details could also have been extracted. Then the hacker
> locked the account so that the ownber couldn't close it himself.
> However the session remained alive for the hacker to use at will.
>
> So my question is: is the Three MiFi aka mobile broadband with a
> dongle (containing a '3' SIM card) as insecure?
>
> CJB.

You mean they missed the bit about being able to see everything which
is on your screen using simple easy to source equipment, unless it is
specially screened.

Leave it to Watchdog to grab a small piece of a much larger picture
and then try and blind their viewer with sci fi goglygook.

Just keep a look out for the black helicopters.

Putting it simply if enough time and effort is put into it your PC and
security can be breached not matter whether it is connected via the
Lan, via wifi, via mobile usb mobile dongle or using networking over
the mains. Your job, if you wish to do so, is to make it as
complicated as you can so they pass on by looking for the next easy
mark and there in lies the problem. Most don't, either because they
don't know or can't be bothered but if you want total security the
best thing for you to do is turn the dam thing off and even then your
security can be breached in countless ways.

Paranoid enough yet, remember the black helicopters, they are out
there, really...honest.

From: Graham. on

"Kr�ft��" <kr�ft��@b&e-cottee.me.uk> wrote in message news:1o2dnXTzs5P-kXfXnZ2dnUVZ7vGdnZ2d(a)bt.com...
> "CJB" <chrisjbrady(a)gmail.com> wrote in message news:4fa9f8ac-055c-4e5f-aadc-06ab6fd0aa0e(a)v15g2000prn.googlegroups.com...
>> BBC Watchdog has done shown a convincing demo. of the dangers of
>> accessing an email accounts via WiFi.
>>
>> They got someone to log into an email account using a WiFi service at
>> a cafe. Someone else, acting as a hacker, monitored the WiFi traffic
>> and managed to extract the username and password. This was enough to
>> connect to the session and use the email account to send a fradulent
>> email. The hacker could also have opened the emails to see if any had
>> confidential information in them. If a shopping account had been used,
>> credit card details could also have been extracted. Then the hacker
>> locked the account so that the ownber couldn't close it himself.
>> However the session remained alive for the hacker to use at will.
>>
>> So my question is: is the Three MiFi aka mobile broadband with a
>> dongle (containing a '3' SIM card) as insecure?
>>
>> CJB.
>
> You mean they missed the bit about being able to see everything which is on your screen using simple easy to source equipment,
> unless it is specially screened.
>
> Leave it to Watchdog to grab a small piece of a much larger picture and then try and blind their viewer with sci fi goglygook.
>
> Just keep a look out for the black helicopters.
>
> Putting it simply if enough time and effort is put into it your PC and security can be breached not matter whether it is connected
> via the Lan, via wifi, via mobile usb mobile dongle or using networking over the mains. Your job, if you wish to do so, is to
> make it as complicated as you can so they pass on by looking for the next easy mark and there in lies the problem. Most don't,
> either because they don't know or can't be bothered but if you want total security the best thing for you to do is turn the dam
> thing off and even then your security can be breached in countless ways.
>
> Paranoid enough yet, remember the black helicopters, they are out there, really...honest.


I see your nemesis has been "outed", I'm surprised you aren't
gloating with TOG et all.


--
Graham.

%Profound_observation%


From: The Natural Philosopher on
Kráftéé wrote:

>
> Paranoid enough yet, remember the black helicopters, they are out there,
> really...honest.
>
I know. They practice hovering over the next hill.
From: Chris on
Kráftéé wrote:

> "CJB" <chrisjbrady(a)gmail.com> wrote in message
> news:4fa9f8ac-055c-4e5f-aadc-06ab6fd0aa0e(a)v15g2000prn.googlegroups.com...
>> BBC Watchdog has done shown a convincing demo. of the dangers of
>> accessing an email accounts via WiFi.
>>
>> They got someone to log into an email account using a WiFi service
>> at
>> a cafe. Someone else, acting as a hacker, monitored the WiFi traffic
>> and managed to extract the username and password. This was enough to
>> connect to the session and use the email account to send a fradulent
>> email. The hacker could also have opened the emails to see if any
>> had
>> confidential information in them. If a shopping account had been
>> used,
>> credit card details could also have been extracted. Then the hacker
>> locked the account so that the ownber couldn't close it himself.
>> However the session remained alive for the hacker to use at will.
>>
>> So my question is: is the Three MiFi aka mobile broadband with a
>> dongle (containing a '3' SIM card) as insecure?
>>
>> CJB.
>
> You mean they missed the bit about being able to see everything which
> is on your screen using simple easy to source equipment, unless it is
> specially screened.

No, that wasn't it. I think at least, as they intentionally avoided
telling 'us' how they did it.

What I think they were doing were scanning for new DHCP clients on the same
wi-fi subnet/hotspot as the 'hacker' and then hijacking their web sessions
by cloning their cookies.

All the examples they showed were for gmail, so not using a webmail account
would solve that.

I'm no expert, but I wonder if properly signed https sessions would also be
prone to this kind of attack i.e. banking sessions

I agree it was scaremongering to a degree, but it is useful to warn the
public of potentially serious (to them) unsafe behaviour.

The only solution they gave was to use a VPN, but I think that's probably
OTT.

--
The email address is a spam trap. I rarely use it.
 |  Next  |  Last
Pages: 1 2 3
Prev: tmobile USA
Next: Which network is this mobile on?