 EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7
 ·Callcentric
1 edit | reply to cdru
Re: 2 cents. said by cdru:All networks should be treated this way unless you explicitly know that there is nothing rogue between you and what you are connecting to. I'd say that for some, even logging in here or at other sites that don't have SSL login could present issues. Some folks use the same password and login for multiple sites and even email, a handy little fact for miscrants who can often Google a user's login name to see what posts and URl's are returned. From there, looking at profile information, including any non-public profile info gleans more information. Reading their IMS could get more information, and so on.
Your caveat is excellent, especially for folks who decide to hop on that convenient open AP with the SSID of "Baymont", Hampton", "Starbucks" that may be a rogue. And, we haven't even touched on rogue users scanning weakly secured legitimate APs by using sniffers and utilities like Cain and Abel to hack clueless AP users.
--
The society which scorns excellence in plumbing as a humble activity and tolerates shoddiness in philosophy because it is an exalted activity will have neither good plumbing nor good philosophy: neither its pipes or its theories will hold water.
|
