The Feature published an article by David Pescovitz that calls for a new authentication protocol to prevent thieves from stealing credit card data or user identities using rogue WiFi access points. According to the article, the network login page used by a rogue access point may appear to be secure, but in most cases you as the user don’t know if the access point is itself legitimate.
I don’t spend a lot of time on public WiFi networks, but I have seen enough other people that use them say, “Look– there are multiple networks here and one of them is totally open! I’ll use that one, what difference does it make?”
Now that I’ve read Pescovitz’s article, my reaction is that we should exercise greater caution around open WiFi networks in public places. Who says that an open WiFi hotspot is being operated out of altruism? It could be operated for the purpose of stealing passwords or credit card data.