RE: Wlan @ bestbuy is cleartext?

From: Keith Tyler (ktyler@unicornfinancial.com)
Date: 05/01/02


From: Keith Tyler <ktyler@unicornfinancial.com>
To: 'Philip Rowlands' <phr@doc.ic.ac.uk>, vuln-dev@securityfocus.com
Date: Wed, 1 May 2002 14:50:47 -0400 

I think what would be even worse is forging credit approvals. Let say you
had a credit card and it was dead or expired. Im sure with enough time you
could forge approvals into their wlan. That seems very possible.

-----Original Message-----
From: Philip Rowlands [mailto:phr@doc.ic.ac.uk]
Sent: Wednesday, May 01, 2002 11:06 AM
To: vuln-dev@securityfocus.com
Subject: Re: Wlan @ bestbuy is cleartext?

On Wed, 1 May 2002, Blue Boar wrote:

>Heres my delima... I checked out a few of the other best buy stores for
>"beacon packets" and everyone I drove by was sending them out...so I assume
>all BestBuy's are wlan enabled. What I need to find out is ... are
>BestBuys's Cash register terminals indeed using wlan and are they indeed
>sending out MY data in the clear... I am NOT comfortable using my credit
>card at ANY BestBuy as of right now... due to legality though I don't feel
>comfortable walking into the store and confronting someone about it....

You could contact an investigative journalist, even anonymously.
Assuming your motives are to protect ignorant customers' CC numbers,
rather than extortion, you'd probably get a fair hearing.

Search for "whistleblowers guide" on Google :)

http://members.tripod.com/whistle20/resources.htm

Cheers,

Phil



Relevant Pages

  • RE: Wlan @ bestbuy is cleartext?
    ... information from all three credit reporting agencies. ... It could very well have been some other WLAN. ... and found a credit card number. ... > Let the credit card companies worry about it. ...
    (Vuln-Dev)
  • Wheres all that rightwing dumbass loon glee over "Black Friday?????"
    ... after retailers reported a modest bump in sales because ... Retailers Report a Crisis in All Aisles ... November Sales Slump as Shoppers Stow Credit Cards ... Credit card charges enjoyed annual double-digit growth from 2004 to ...
    (alt.politics)
  • Re: Cuba shafting VISA users with surcharge
    ... the cuban peso to Canadian, and then compare it to what's on your credit ... they can't put a Cuban peso charge on a credit card (since there is no peso ... they decided to hit credit card transactions as well. ...
    (rec.travel.caribbean)
  • Re: OT--cc theft/need help/advice
    ... I'd call all 3 national credit reporting agencies and alert them. ... to succumb to a "phishing" attack, you don't have to open any attachments, you just have to think that an E-Mail that looks like it's from [E-Bay, Pay-Pal, brokerage firm, bank, credit card company ... recently it was disclosed that the computers of Marshalls and TJMaxx were hacked and the credit card information of 45 million customers was thusly obtained. ... I worry about identity theft but hopefully I can take the right steps to prevent that. ...
    (alt.sys.pc-clone.dell)
  • Personal Finance: You can fight credit card changes
    ... That's how a lot of consumers are feeling these days as credit card ... payments more than 60 days late rose to 3.75 percent, ...
    (misc.consumers)