-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 09:32 AM 5/2/2002, you wrote: >http://www.silicon.com/public/door?6004REQEVENT=&REQINT1=53089&REQSTR1=silicon.com > >regards, Well, let's hear it for journalistic integrity! Someone turns BB's voluntary deactivation of some wireless registers into this: "Major stores beam credit card details to the car park Hacking into people's private data is as easy as parking a car... Major US retail chain Best Buy has been forced to close down its wireless cash registers after security experts revealed it had been making credit card information available to anyone in the vicinity with the equipment to detect wireless networks." The fact that there may be an issue is bad enough- it is really unfortunate that the authors of these articles have to sensationalize it with FUD like "forced to close down" and "experts revealed it had been making cc info available". No one has revealed *anything*. We have someone who *thinks* it was Best Buy, and who *thinks* it might be a CC number. The article *should* have gone like this: "Best Buy Does the Right Thing" "Under allegations that Best Buy's wireless POS network may be transmitting confidential customer data which could be intercepted by wireless sniffers, Best Buy has voluntarily disabled the devices so that they can conduct an investigation." This is nothing new *at all*. Hell, the article I wrote on wireless is almost a year old, and I came to the game quite late. People use un-encrypted wlan all the time. I agree that if they are transmitting confidential data that this is wrong, but no one has verified this. Best Buy has shut it all down- the OP needs to post the captures. It can't do any harm at this point. Put up, or shut up! Email it to me and *I'LL* post it!! AD -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBPNGYPYhsmyD15h5gEQJrOACgycODNSNFxCuOcsDTy8x5VBZ3AAYAn1Cw pTnenNr8IL1y5uP7rn/4LGg3 =8Aes -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu May 02 2002 - 13:30:03 PDT