Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: RE: Wlan @ bestbuy is cleartext?

RE: Wlan @ bestbuy is cleartext?

From: H C <keydet89_at_yahoo.com>
Date: Wed, 1 May 2002 11:02:29 -0700 (PDT)

> Checking into it may be a legality problem.

This concept...the legality of "checking into"
problems...was an interesting thread on another list
for a while. Some feel that guys like Lamo and what
he did to gain access to NYTimes is not only legal,
but justified. Others don't feel that way. I guess
the only real opinion that matters is that of a judge.

> For those of you
> interested in trying this one out at your local
> BestBuy, be aware they may already know...

Already know what? That their WLAN is insecure. If
they are already aware of that, and do nothing...does
that then constitute negligence?
 
> Anyway, at this point, I suggest you contact local
> law enforcement
> and ask them what they think. By now, I would hope
> most areas have a
> network tasks forces that can at least address the
> issue either for
> you or with you when you confront BestBuy.

"Network tasks forces"? Are you saying that it's your
opinion that all law enforcement jurisdictions should,
by now, have 'tasks forces' [sic] for dealing with
problems such as these? That's hardly
realistic...some may, but I certainly wouldn't count
on any arbitrary jurisdiction having the necessary LEO
staff for such things.

>From the description of his activities performed, it
doesn't sound as if the OP has done anything wrong. I
would suggest that he attempt to contact someone at
Best Buy corporate headquarters, and clearly state his
concerns (if it's a letter, run spell check, and have
someone check the grammar, that sort of thing). Maybe
he can implore BlueBoar for one more favor. Going to
law enforcement isn't going to yield anything at this
point...has a crime been committed? So far, it
doesn't sound like it.

I'd suggest first contacting Best Buy, either by phone
or letter. If phone calls don't work, try a letter.
Document your efforts. If that doesn't work, take
your documentation to a consumer advocacy group.

> Also, I wouldn't doddle on this, you may prevent an
> identity theft!

I hope the OP at least stops making credit card
purchases at BestBuy, until the situation is resolved.
 He should suggest that his friends do the same.

__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com
Received on May 01 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos