"Michael A. Dickerson" wrote: >Well as always it depends on what kind of attack you are worried about. >There is only one new attack vector introduced by an unencrypted hot spot: >a person with (cheap) surveillance equipment somewhere nearby, recording >the transmissions of a handful of people using the WAP.
When I worked at a bank, I advised the senior executives not to discuss business on their cell phones. (Most were AMPS so listening was easy.) If you are interested in financial dealings, setting up Kismet near a Starbuck's in the financial district could increase the probability of hearing something interesting. You don't think a serious criminal just listens at random locations? You are probably not interesting to such a criminal. But that doesn't mean that others are not interesting, or that you won't be caught by random chance as a by-product. Hey, I put my phone number and email address in my signature. I know that some folks think that is crazy, but the data is already widely known and available. You do need to evaluate the risk, but nothing is risk-free if life is worth living. -- Dave Close, Compata, Costa Mesa CA "Whenever you have a secret, [EMAIL PROTECTED], +1 714 434 7359 you have a vulnerability." [EMAIL PROTECTED] -- Whitfield Diffie
