Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Wi-Fi hack demonstrated at Black Hat briefing.

Tier-3 : 03 August, 2007  (Technical Article)
Hackers demonstrate successful wi-fi intrusion using unencrypted cookies to hi-jack user sessions.
A demonstration of specialised WiFi hacker tools at a Black Hat briefing in Las Vegas this week has been called an inevitable evolution of hacking by Tier-3, the behavioural analysis IT security specialist.

At a meeting of Black Hat security experts this week, officials with Errata Security demonstrated a set of utilities - Hamster and Ferret - that reportedly allow a WiFi hacker to interactively monitor traffic flowing to and from public WiFi hotspot users' notebook PCs, PDAs and smartphones.

The utilities - coded by Errata - allowed the monitoring to extend to the unencrypted cookies used across WiFi Web sessions, meaning that a hacker can hi-jack and/or overlay the user's online session.

In the Black Hat demo, officials demonstrated the hi-jacking of a Google mail session, but the hacker methodology could also be extended to other popular social networking services such as Facebook and MySpace.

Geoff Sweeney, CTO of Tier-3, said, "The evolution of WiFi hacking was inevitable, but quite frightening. Public WiFi hotspot users need to be far more aware that their online sessions are highly insecure. More than anyone, notebook WiFi hotspot users need to employ every available security system available to them, which means turning to technologies such as SSL (Secure Sockets Layer), two-factor authentication and behavioural analysis software as standard procedure.'

'Only by using these security technologies can users be reasonably sure that their online sessions are not being intercepted. Of course, there's also the possibility of electronic eavesdropping, but that, as they say, is another story entirely,' he added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo