Topic: Bad Karma: Hackers Can Access Your Private Info on WiFi Networks

[Samker]

The next time you take a break from the Christmas rush, and stop into a coffee shop to check your e-mail, or do some online shopping, beware of the Karma in the room.

Not the atmosphere around you, but the "Karma attack," a hacker's invasion which could result in identity theft, the loss of thousands of dollars or stolen company secrets.

In simple terms, Karma codes help hackers get in -- between your computer and the WiFi connection you're using to connect to the internet.

So while you're online, a successful Karma attacker, sitting a few feet away, can watch everything you're doing.

Nicholas Percoco, of the internet security firm Trustwave, said, "You think you are live on the internet, and you are, but all of your traffic is being routed through the attacker's computer."

Percoco and Robert Havelt, also of Trustwave, agreed to show me just how "insecure" you can be on a free WiFi network. An Argo Tea shop in the Loop allowed us to use their WiFi network for our story.
Percoco said, "If you log in and do anything that's not over an encrypted channel, he can intercept it."

Using Karma software, Havelt, a Trustwave penetration specialist posed as a Karma "attacker."

Before long, his screen was filled with messages from dozens of nearby laptops and smart phones.
"Basically, the connection is going from your computer to the attacker's computer," said Percoco, "and then the attacker's computer to the coffee shop network, that's how it's working."

A few tables away, a Trustwave security consultant was online, shopping for a DVD, the seventh season of "24."

And we watched as he entered a name, phone number and even a credit card number. The Karma attacker was seeing exactly what was displayed on the security consultant's screen.

Havelt calls it "sniffing" information from another laptop. Trustwave said Karma attacks are occurring more often, because Karma software has improved. And to avoid them, they recommend installing a good personal firewall, and being careful about displaying sensitive personal information when using WiFi networks in public places.

The bottom line, said Havelt, is this, "When you are in public like this, you never know who's watching you."

(MyFox)

[Fireberg]

Cool! Well I think it’s overdue to change by now.

nothing is safe at all

[yogesh.badhe]

Hi Samker,

Can you tell me how to check all these types of hacking for our data safty? Is there any freeware or any tool through which we can monitor all these activities?

[Samker]

My recommendation is good Firewall, check here FREE ZoneAlarm Basic: http://www.zonealarm.com/security/en-us/free-upgrade-security-suite-zonealarm-firewall.htm 

I'm sure, that you'll be safe from this threats.

[hazedaze]

Out of Interest did'nt mcAfee do a wireless protection software of some kind???

I have only just started to use Wireless with encyption fbecause of some of the reasons shown above, anyone heard of Backtrack if not go and take a look and download it, it's a hackers dream toolset for wireless but was obiously designed for the White Hat in mind!!!, If you think your machines are vunerable on wireless go and try this Live CD out that should test your network quite well....

[cbdenver]

Does the McAfee wireless protection actually help in any way to protect?  Let me know.

Thanks,
CB

[Samker]

Does the McAfee wireless protection actually help in any way to protect?  Let me know.

Thanks,
CB

It isn't such good product in my opinion.

Also for more information, please check this review by Cnet (older version): http://reviews.cnet.com/internet-security-and-firewall/mcafee-wireless-protection/1707-3667_7-31995276.html

Hope this explanation will help you?

Regards,

S.