Interesting People mailing list archives
IP: WLAN @ Best Buy is cleartext?
From: Dave Farber <dave () farber net>
Date: Wed, 01 May 2002 18:39:57 -0400
Unverified djf ------ Forwarded Message From: "Rob McMillin" <rlm () pricegrabber com> Organization: PriceGrabber.com Date: Wed, 1 May 2002 14:08:04 -0700 To: "David Farber" <Dave () farber net> Subject: WLAN @ Best Buy is cleartext? http://online.securityfocus.com/archive/82/270364/2002-04-28/2002-05-04/ 0 "This past week I went to bestbuy to purchase a D-link wlan card... [eager] to get my laptop up and running while in the car I put my card in and installed the driver. I noticed the traffic light was lit up as if I had a connection. Out of curriosity I fired up kismet and sure enough there were packets flying through the air right infront of BestBuy. Well I decided to run in an try to make a Credit Card purchase real quick to verify that my info was not going all over the parking lot in the clear. Well after sorting out my logs I noticed what looked to be like SQL queries and table headers in my logs ... things such as CUSTOMER_ROUTEID, BANKNAME, REGISTER_ID and things of that nature... luckily no where in that data did I find my own credit card. Non the less I decided to run to the store next to BestBuy while I left me PC on grabbing packets. Well yesterday I sorted through the data collected and this time I did indeed find a RAW clear text credit card number....not mine ... but definately a credit card number." [...] -- rlm () pricegrabber com "We're smarter individually." -- Larry Niven ------ End of Forwarded Message For archives see: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- IP: WLAN @ Best Buy is cleartext? Dave Farber (May 01)