Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Evil Twin' Threat to Wireless Security

Posted by michael on from the lives-in-the-attic-and-eats-fish-heads dept.

BarryNorton writes "The BBC are currently reporting on research from Cranfield University on the ability of unscrupulous third parties to spoof wireless networking clients into believing they are connected to a 'valid base station' and compromising their passwords for Internet banking etc. Of course the rest of the connection through the Internet, even from a trusted router, is insecure in any case and such sites should be using end-to-end security like SSL. Is there, therefore, anything (other than the cute name 'evil twin') to this story?"

2 of 222 comments (clear)

  1. Wow! Another /. First! by eno2001 · · Score: 0, Offtopic

    Ladies (ostensibly) and gentlemen, meet Slashdot's first self negating story. God it's getting worse around here by the day. ;P

    --
    -"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
  2. Re:Yes by quigonn · · Score: 0, Offtopic

    That assumes that you don't have any data about the valid, real certificate, and thus cannot check fingerprint and stuff. But I agree with you, you described a possible attack vector, although it's on a completely different layer (social engineering) than a man-in-the-middle attack (technical attack on SSL/TLS).

    --
    A monkey is doing the real work for me.