Hilton Tokyo - ID stolen via Wifi (January 2016)

Status
Not open for further replies.
Re: Hilton Tokyo - ID stolen via Wifi

Question, how exactly would you have noticed if it was different?

Well, Hilton would still be broadcasting on their normal SSID.
I know what the sign-on page looks like and how to register for it.

I also know the web address that it goes to. A good spoof would still fool me but they would have to take down the normal SSID first.
 
Sponsored Post

Struggling to use your Frequent Flyer Points?

Frequent Flyer Concierge takes the hard work out of finding award availability and redeeming your frequent flyer or credit card points for flights.

Using their expert knowledge and specialised tools, the Frequent Flyer Concierge team at Frequent Flyer Concierge will help you book a great trip that maximises the value for your points.

Re: Hilton Tokyo - ID stolen via Wifi

Well, Hilton would still be broadcasting on their normal SSID.
I know what the sign-on page looks like and how to register for it.

I also know the web address that it goes to. A good spoof would still fool me but they would have to take down the normal SSID first.

They wouldn't actually need to remove the original SSID. They could broadcast the same one and hope you connect to theirs rather than the hotel's. Pretty common man in the middle attack using a WiFi pineapple.
 
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

Re: Hilton Tokyo - ID stolen via Wifi

They wouldn't actually need to remove the original SSID. They could broadcast the same one and hope you connect to theirs rather than the hotel's. Pretty common man in the middle attack using a WiFi pineapple.

But still shouldn't be able to intercept a https site, at least not without throwing up browser warnings re certificates or unauthenticated sites
 
Re: Hilton Tokyo - ID stolen via Wifi

But still shouldn't be able to intercept a https site, at least not without throwing up browser warnings re certificates or unauthenticated sites

Correct. At least not without employing other attack vectors.
 
Re: Hilton Tokyo - ID stolen via Wifi

So... are we any closer to guessing/knowing what actually happened, and whether the hotel was actually involved in the attack at all?
 
Re: Hilton Tokyo - ID stolen via Wifi

So... are we any closer to guessing/knowing what actually happened, and whether the hotel was actually involved in the attack at all?

In short, no. Lots of theories on here, and I can't say for sure what happened. I've just taken a lot more security precautions than before- i keep all my data on a thumb drive that I remove before logging onto Wifi. I get a local sim with data and tether that when doing anything I need security for.
 
Re: Hilton Tokyo - ID stolen via Wifi



In short, no. Lots of theories on here, and I can't say for sure what happened. I've just taken a lot more security precautions than before- i keep all my data on a thumb drive that I remove before logging onto Wifi. I get a local sim with data and tether that when doing anything I need security for.


Is there a way to do something about the native MAIL app on the MAC?
 
I use thunderbird. So I guess you don't need to sign into it ever, if that's what you are asking?
 
I use thunderbird. So I guess you don't need to sign into it ever, if that's what you are asking?
I just meant how do i protect my emails? Like if i use a usb stick to store importants, i can understand that. But how do i do the same for my emails?
 
Status
Not open for further replies.
Back
Top