RSA Conference Attendees Get Hacked

The RSA Conference "is perhaps the world's largest security event, but that doesn't mean that it's necessarily a secure event," reports eSecurityPlanet. Scanning the conference floor revealed rogue access points posing as known and trusted networks, according to security testing vendor Pwnie Express. storagedude writes: What's worse, several attendees fell for these dummy Wi-Fi services that spoof well-known brands like Starbucks. The company also found a number of access points using outdated WEP encryption. So much for security pros...
At least two people stayed connected to a rogue network for more than a day, according to the article, and Pownie Express is reminding these security pros that connecting to a rogue network means "the attacker has full control of all information going into and out of the device, and can deploy various tools to modify or monitor the victim's communication."

So what?

[thegarbz]

So a few people ran WEP encryption on their networks, and a few others used rogue access points.

You want to talk about getting "hacked" let's talk about what was found. Did anyone give up credentials or sensitive details? Did anyone have something important revealed in a MITM attack? Did someone find something on those WEP networks? Just because we connect to something doesn't mean we trust it or aren't taking precautions. If you're rogue and providing me internet access, and all I'm doing is routing through your access via VPN that doesn't mean I got hacked.

The devil is in the details, at least it would be if we had any.

how "rogue"?

[KiloByte]

Why would a "rogue" access point that actually delivers your packets be bad? A non-moron already treats all networks more exposed than your cluster's interconnects as untrusted, this goes for granted for any public network you connect to -- especially at a security conference where there will be some attacks (even if not malicious).