grelmar - 1:56 pm on Aug 6, 2008 (gmt 0)

It amazes me how poor some corporations are at securing their WiFi, and the type of information they let fly over their WiFi networks.

Rather than run RJ45 at 50cents a meter, they hook their smart "Point of Sale" tills to their central network over WiFi (a bad security decision, regardless of setup). To make the system more reliable, they install signal boosters.

I can think of a couple of cafes in town where the pay-for-access WiFi of the cafe is drowned out by the signal of a nearby business. Which is fine, because in the two cases I can think of off hand, those business WiFi networks are totally unsecured, so I can just tap into them to surf the web. They even have convenient, easy to spot network names like "XYZ-DrugMart POS Network."

The problem in the cases mentioned in this article is, essentially, that the WiFi networks weren't properly secured in the first place. They made it all too easy for the hackers to sniff.

I'm less worried about the security of my data when I'm using public WiFi. What worries me is the security of my credit card info when I buy something at a place that uses WiFi to connect their POS system together. There are just far too many lazy network admins out there.