Information Security News mailing list archives
Best Buy hit by WLAN snooping
From: InfoSec News <isn () c4i org>
Date: Sun, 5 May 2002 00:00:44 -0500 (CDT)
http://www.theinquirer.net/02050207.htm By Mike Magee, 02/05/2002 09:02:29 BST US RETAIL FIRM Best Buy was forced to close its wireless network yesterday after people were able to snoop on transactions by using easy-to-obtain software running in laptops in parking lots. Best Buy uses wireless technology to transfer data from cash tills to central computers in their shops, but people are easily able to grab packets containing all sorts of confidential data including credit card details by tuning into the wireless waves. One hacker on a board said that he had fired up Kismet outside a shop last week and bought a unit with his own credit card to see what info was transmitted. He said that when he searched the logs he saw SQL queries and table headers in his log including his own credit card number. He tried a number of other Best Buy stores and his software was able to pick up lots of other transactions from customers flying on the airwaves. WLANs are notoriously insecure, although safeguards can be built into them. Because the technology is comparatively cheap and also fast, it has been touted as an ideal solution for large businesses wanting to save money on their IT infrastructure. At this year's Intel Developer Forum, the firm was dishing out loaned WLAN cards to the world's foremost journalists, many of whom were happily typing their stories and sending their emails under the protective cone of a Chipzilla hotspot. We wondered if this was necessarily a good idea at the time. Top datacomms journalist Tony Dennis said that when Intel did a similar thing at last year's Developer Forum, he noticed that the system was inherently insecure. Oops... - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Best Buy hit by WLAN snooping InfoSec News (May 05)
- <Possible follow-ups>
- RE: Best Buy hit by WLAN snooping InfoSec News (May 07)