Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Wlan @ bestbuy is cleartext?

From: "Matthew Leeds" <mleeds () theleeds net>
Date: Thu, 02 May 2002 14:17:20 -0700
Unless I've missed it, I've yet to see anyone positively confirm that credit card numbers or other data is flying 
around in the clear on these networks. I've been amazed (and disappointed) to see press coverage that appears to be 
little more than hearsay. Has there been independent confirmation of credit cards numbers in the clear done by any 
member of the press, or done by any individual or organization acting as a source to the press with a methodology that 
allows for independent confirmation (packet captures)?

---Matthew

*********** REPLY SEPARATOR  ***********

On 5/2/2002 at 1:01 PM OBrien, Brennan wrote:


Just so I'm clear... I know I remember the discussion of "security by
obscurity" going the way of the dodo bird, but when did we decide
"security through humiliation" was a good technique??

From the Best Buy response below, it sure looks like they made an honest
mistake in their practices -- SOMETHING EVERY ONE OF US HAS DONE IN THE
PAST.  So, now we're going to raise fear, uncertainty and doubt in the
(already a little flighty) buying public which could scare away more
consumers and really hurt these guys.  Is this issue fact? Yes.  Does the
public at large get it?  Nope, not really.

Funny thing about guns... When you pull the trigger, you not only need to
know what you're hitting, but what's beyond it in case the bullet goes all
the way through..

Sarah, it was really cool of you to send them your note.  Good job.
Previous By Date Next
Previous By Thread Next

Current thread: