[kwlug-disc] Firesheep: Open WiFi cookie stealing for the masses ...

Chris Frey cdfrey at foursquare.net
Tue Oct 26 17:26:02 EDT 2010


On Tue, Oct 26, 2010 at 05:09:49PM -0400, Khalid Baheyeldin wrote:
> I am no expert on wireless encryption, but I think enabling WPA with a
> weak password is enough to protect against site login hijacking.

Neither am I, unfortunately.  Does WPA2 turn wireless behaviour into
a switch based network vs. a hub based network?  i.e.  If you can
still use tcpdump to see other people's network activity after you've
connected using the public password, then things haven't gotten
much more secure.

- Chris





More information about the kwlug-disc mailing list