Re: Wlan @ bestbuy is cleartext?

From: rhandorfat_private-world.com
Date: Wed May 01 2002 - 09:47:25 PDT

Next message: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"

Previous message: Duffy, Shawn: "RE: Wlan @ bestbuy is cleartext?"
In reply to: Blue Boar: "Wlan @ bestbuy is cleartext?"
Next in thread: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hehe- yeah, this is a known thing in the underground. ever been to a 
homedepo? lucent equipment everywhere.

let this be a lesson to everyone that paying in cash is STILL the better 
thing to do :)

-r


On Wed, 1 May 2002, Blue Boar wrote:

> I was asked to anonymously proxy this question to the list.  Here ya go.
> 
> 						BB
> 
> ----------------------------------------------------------------------------------------------------
> 
> This past week I went to bestbuy to purchase a D-link wlan card... egar to 
> get my laptop up and running while in the car I put my card in and 
> installed the driver. I noticed the traffic light was lit up as if I had a 
> connection. Out of curriosity I fired up kismet and sure enough there were 
> packets flying through the air right infront of BestBuy. Well I decided to 
> run in an try to make a Credit Card purchase real quick to verify that my 
> info was not going all over the parking lot in the clear. Well after 
> sorting out my logs I noticed what looked to be like SQL queries and table 
> headers in my logs ... things such as CUSTOMER_ROUTEID, BANKNAME, 
> REGISTER_ID and things of that nature... luckily no where in that data did 
> I find my own credit card. Non the less I decided to run to the store next 
> to BestBuy while I left me PC on grabbing packets. Well yesterday I sorted 
> through the data collected and this time I did indeed find a RAW clear text 
> credit card number....not mine ... but definately a credit card number.
> 
> Heres my delima... I checked out a few of the other best buy stores for 
> "beacon packets" and everyone I drove by was sending them out...so I assume 
> all BestBuy's are wlan enabled. What I need to find out is ... are 
> BestBuys's Cash register terminals indeed using wlan and are they indeed 
> sending out MY data in the clear... I am NOT comfortable using my credit 
> card at ANY BestBuy as of right now...  due to legality though I don't feel 
> comfortable walking into the store and confronting someone about it.... for 
> all I know it could be standard BestBuy corp. practices to use nonsecure 
> wlan. I figured by starting a thread other people that have attempted this 
> may have more info or some from BestBuy may be reading the list and they 
> may pipe up.
> 
> ---------------------------------------------------------------------------------------------------- 
> 
>

Next message: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"
Previous message: Duffy, Shawn: "RE: Wlan @ bestbuy is cleartext?"
In reply to: Blue Boar: "Wlan @ bestbuy is cleartext?"
Next in thread: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 01 2002 - 10:37:56 PDT