Jane's Cafe adds wireless Internet access

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Jane's Cafe adds wireless Internet access

Stephen Guerin
>From today's New Mexican:

Jane's adds wireless Internet access

Jane's Coffee Shop has added free "Wi-Fi" wireless high-speed Internet
access. Customers with PCs that have wireless communication ports will now
be able to surf the Internet and check e-mail at this three-room caf?, set
in a historic adobe house on East DeVargas Street, just behind the Chapel of
San Miguel.

To connect, PC users can search for Jane's network, provided by Comcast, via
their computer's "find" function. The service will also work outside on
Jane's shaded front patio. In addition, the caf? plans to add a
rent-by-the-hour public computer with Web access this fall.

Jane's owner, Jane Mitchell, said she was so impressed with public Wi-Fi
when she used it to make travel arrangements and to e-mail friends on a
recent trip to London that she decided to offer it at her caf?. Jane's is
open weekdays from 7 a.m. to 6 p.m. and Saturdays and Sundays from 7:30 a.m.
to 6 p.m.


Reply | Threaded
Open this post in threaded view
|

Jane's Cafe adds wireless Internet access

Parks, Raymond
Stephen Guerin wrote:
>>From today's New Mexican:
>
> Jane's adds wireless Internet access

   Now us bad guys just wait for folks to use Jane's (or Starbucks or
....) and we can snag your login credentials to your primary wireless
network.

   Recently, on the Full-Disclosure list, a participant suggested an
attack that combines social engineering and wireless hijacking.  MS
Windows computers (and possibly Macs, although I haven't checked)
maintain a list of acceptable wireless access points.  If one has
wireless at work, then that network's security credentials will be
installed on one's system for seamless access while at work.  An
attacker can find out the challenge protocol of the work network by
simply war-driving past and failing to authenticate.  If the attacker
then takes that information and sets up a wireless access point at a
wireless cafe frequented by folks from that business, those folks'
computers will log in to the apparent business network in preference to
the wireless AP of the cafe.  The fake AP then cuts off the connection,
letting the computer fall back to the cafe AP.  Afterward, the attacker
uses the credentials to gain access to the business network.

--
Ray Parks                   [hidden email]
IDART Project Lead          Voice:505-844-4024
IORTA Department            Fax:505-844-9641
http://www.sandia.gov/idart Pager:800-690-5288



Reply | Threaded
Open this post in threaded view
|

Jane's Cafe adds wireless Internet access

Stephen Guerin
RedfishGroup's Wireless Network Access

Username/Password
none/none

Please WAR-park in our lot and we'll bring you out some coffee :-)

____________________________________________________
http://www.redfish.com    [hidden email]
624 Agua Fria Street      office: (505)995-0206
Santa Fe, NM 87501        mobile: (505)577-5828

> -----Original Message-----
> From: rcparks [mailto:[hidden email]]
> Sent: Wednesday, June 02, 2004 12:49 PM
> To: The Friday Morning Applied Complexity Coffee Group
> Subject: Re: [FRIAM] Jane's Cafe adds wireless Internet access
>
>
> Stephen Guerin wrote:
> >>From today's New Mexican:
> >
> > Jane's adds wireless Internet access
>
>    Now us bad guys just wait for folks to use Jane's (or Starbucks or
> ....) and we can snag your login credentials to your primary wireless
> network.
>
>    Recently, on the Full-Disclosure list, a participant suggested an
> attack that combines social engineering and wireless hijacking.  MS
> Windows computers (and possibly Macs, although I haven't checked)
> maintain a list of acceptable wireless access points.  If one has
> wireless at work, then that network's security credentials will be
> installed on one's system for seamless access while at work.  An
> attacker can find out the challenge protocol of the work network by
> simply war-driving past and failing to authenticate.  If the attacker
> then takes that information and sets up a wireless access point at a
> wireless cafe frequented by folks from that business, those folks'
> computers will log in to the apparent business network in preference to
> the wireless AP of the cafe.  The fake AP then cuts off the connection,
> letting the computer fall back to the cafe AP.  Afterward, the attacker
> uses the credentials to gain access to the business network.
>
> --
> Ray Parks                   [hidden email]
> IDART Project Lead          Voice:505-844-4024
> IORTA Department            Fax:505-844-9641
> http://www.sandia.gov/idart Pager:800-690-5288
>
>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9AM @ Jane's Cafe
> Lecture schedule, archives, unsubscribe, etc.:
> http://www.friam.org
>
>

Reply | Threaded
Open this post in threaded view
|

Jane's Cafe adds wireless Internet access

Parks, Raymond
Stephen Guerin wrote:

> RedfishGroup's Wireless Network Access
>
> Username/Password
> none/none
>
> Please WAR-park in our lot and we'll bring you out some coffee :-)

   I might take you up on that if I get up your way.

   That reminds me of another amusing article I found through slashdot.
  A Comcast subscriber allowed as how he intended to remove all security
from his home wireless AP in response to the spate of MPAA-inspired
letters to Comcast customers about possible movie warez.  His logic - if
he has no security, then he has an automatic explanation of why his
computer might have advertised some warez.  This is a variant of the now
popular defense for crackers - "I wuz hacked".

--
Ray Parks                   [hidden email]
IDART Project Lead          Voice:505-844-4024
IORTA Department            Fax:505-844-9641
http://www.sandia.gov/idart Pager:800-690-5288