NetStumbler.org Forums - View Single Post - Security on the client side while using hotspots

odoyle81 · 06-12-2005

thanks alot Thorn. I appreciate you actually addressing the point of my post

It is true that you can capture packets on wired connections but I think it takes more effort and dedication (read: malicious intent) than someone sitting in a coffeeshop running ethereal in promiscuous mode. Its much more of a concern when using wireless. I don't think people would target my line specifically - I'm not important. I found this thread in which the original post describes my issue precisely, and I thought I could post here and hope for a quick answer instead of having to learn all the basics of cookie management. My bad.

I finally found a program that allowed me to view cookies from opera (the browser that I use). I couldn't find any plain text passwords so they must all be hashed.

You're right I didn't define "good enough", but I agree with you - most of the stuff I do, I don't really care if someone else sees it. Basically making it somewhat time consuming to actually do anything with the packets I send will probably influence anyone listening to move onto easier targets. So for me, SSL for banks and email is "good enough", and as long as I don't send personal data in the open, the weekend cracker will be deterred, and as I'm not a target for a dedicated cracker, I'll be fine.

Thanks

06-12-2005	#22 (permalink)
odoyle81 Registered Member Join Date: Jun 2005 Posts: 5	thanks alot Thorn. I appreciate you actually addressing the point of my post It is true that you can capture packets on wired connections but I think it takes more effort and dedication (read: malicious intent) than someone sitting in a coffeeshop running ethereal in promiscuous mode. Its much more of a concern when using wireless. I don't think people would target my line specifically - I'm not important. I found this thread in which the original post describes my issue precisely, and I thought I could post here and hope for a quick answer instead of having to learn all the basics of cookie management. My bad. I finally found a program that allowed me to view cookies from opera (the browser that I use). I couldn't find any plain text passwords so they must all be hashed. You're right I didn't define "good enough", but I agree with you - most of the stuff I do, I don't really care if someone else sees it. Basically making it somewhat time consuming to actually do anything with the packets I send will probably influence anyone listening to move onto easier targets. So for me, SSL for banks and email is "good enough", and as long as I don't send personal data in the open, the weekend cracker will be deterred, and as I'm not a target for a dedicated cracker, I'll be fine. Thanks