Free WiFi is subject to sniffing and DNS spoofing attacks, among others. Remember, you get what you pay for -- and if you pay for privacy, you get it.
There's a case in the Mozilla Bugzilla about a girl who was using a public free hotspot, tried to use Firefox to log into all of her sites, and ended up getting a bunch of certificate errors, 'unknown_issuer'. She, not understanding what the digital certificates are supposed to do (provide a second factor of authentication of a site, with the first one being the DNS entry), accepted every one.
Guess someone got her bank, ebay, yahoo, and god only knows what other passwords.
(The worst part is: even pay-for hotspots are subject to the same types of end-user attacks.)
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2009-08-07 02:40 am (UTC)There's a case in the Mozilla Bugzilla about a girl who was using a public free hotspot, tried to use Firefox to log into all of her sites, and ended up getting a bunch of certificate errors, 'unknown_issuer'. She, not understanding what the digital certificates are supposed to do (provide a second factor of authentication of a site, with the first one being the DNS entry), accepted every one.
Guess someone got her bank, ebay, yahoo, and god only knows what other passwords.
(The worst part is: even pay-for hotspots are subject to the same types of end-user attacks.)