Search n00bz.net
« Kommand && KonTroll | Main | Ubertooth in a VM on a Win7x64 host »
Friday
Dec092011

Free: You get what you pay for!

I was traveling this past week and being the security nerd I am noticed this screen from across the room.

Above it was a sign that said, "Free Internet- Print your boarding pass for FREE!"

The infected computer was in a hotel lobby.  People were using it printing their traveling documents.

This got me thinking (a dangerous pastime)...

  • If you wanted to "upgrade" you seat or prepay a bag, you entered your credit card number.
  • If you looked up via your FF# you entered a password (and use the same password everywhere.)
  • Some print their email which has their travel documents stored safely in their inbox (which is where they email your password when your forget it at your banks website)
  • At the very least, now an attacker can pivot through this machine and wreck havoc on the internal (and wireless) network.  MiTM attacks galore.
  • This PC was in an unsecured area where anyone could walk up to it (or walk away with it).  The people at the front desk did not have a visual on it.

 

Oh yah, this PC was also in downtown Washington DC! 

Reader Comments (1)

Interesting. Thanks for posting.

December 18, 2011 | Unregistered CommenterBrian

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>