Dirty Dirty Wi-Fi: AT&T Wi-Fi Service Phishing?

I’m sitting at Dulles airport right now, at gate C19, on my way to Vegas. I’m excited to catch up with friends and colleagues at BlackHat this year. I realized a few days ago that my 81-slide presentation for DefCon isn’t for a 75-minute slot… instead I’ll be trying to fit it into a 50-minute slot! Wish me luck!

Public Wi-Fi is so dicey… I would never use it for anything other than entertainment during delays. If I need to get work done I hop on EVDO. Captive portals are everywhere… and if you pay much attention to security you probably know how easy it is to MAC change and steal wireless services. These captive portals are interesting to me because the service is so dangerous to use. One bad guy with Cain and Abel can really wreak havoc.

T-Mobile hot spots are no longer the only targets – ATTWIFI, pcswifi, and others are all fighting over this precious spectrum. I decided to check out the other captive portals to see if they are doing anything better than MAC address authorization. Look what I ran into:

What is “Other Provider”? Intrigued, I put in some bogus credentials to see if the next screen would prompt for a non-listed hot-spot service provider like Boingo. Nope… I just got an authentication failure screen. I wonder how many users will supply AT&T with non-AT&T credentials. Not good, AT&T. You shouldn’t have an “Other Provider” category.