Security researcher highlights public WiFi threats

Public Wifi networks offer a larger security threat than ever to computer users because hackers have the ability to "poison" users' browser caches to present fake Web pages and even steal data later, according to security researcher Mike Kershaw.

Kershaw, developer of the Kismet wireless network detector and intrusion-detection system, spoke at the Black Hat conference last week and indicated that an attacker using an 802.11n network can take control of a Web browser cache by stealing a common JavaScript file.

"Once you've left Starbucks, you're owned. I own your cache-control header," he said. "You're still loading the cache JavaScript when you go back to work." And research shows that the browser cache poisoning can be kept in a persistent state unless the end users understands how to effectively empty the cache.

Kershaw said the problem stems from open network that have no client protection. "Nothing stops us from spoofing the [wireless access point] and talking directly to the client," he said.

Kershaw suggested that users continuously clear out the cache on a manual basis or use private-browser mode.

For more:
- check out this PC World article

Related articles:
WiFi takes a seat at the cellular table
Security firm demoed hacking and eavesdropping on IPhone mobile VoIP calls

Suggested Articles

Skeptics say the risk of a network outage is too high to make 5G remote surgery possible but 5G experts say it’s not as farfetched as it sounds.

Celona is jumping head first into the CBRS arena, targeting enterprises that want a private LTE or 5G network.

One of the players in CBRS that hasn’t been making a lot of noise about its role as a SAS provider—until now—is Amdocs, which once was known for its wireless…