Wednesday, February 07, 2007

Security 'Experts' Aren't So Secure At RSA Conference

Sharon Gaudin writes on InformationWeek:

For a group of people who should know better, attendees at the RSA Conference -- one of the biggest security conferences in the world -- are not following the advice they give their customers, co-workers, and friends. As a result, many are not as secure as they think they are.

Analysts at AirDefense Inc., a wireless monitoring company based in Atlanta, ran a scan on wireless devices at the conference Tuesday at the Moscone Center in San Francisco. Of the 347 laptops, smart phones, and hand-held devices they monitored between 9:30 a.m. and 5 p.m., 56% of them were insecure.

Those devices had been set up to link to insecure wireless access points, like those found at hotels and Starbucks cafes. The problem, says Richard Rushing, CSO of AirDefense, is that when they are done using the connection, they don't change the device's policy settings that let it connect to insecure access points. That means when their Blackberry or laptop is on at the conference center, it could easily hook up to a rogue access point set up by a hacker.

Last year at the RSA conference, AirDefense found that 35% of wireless devices were insecure. But not as many people had wireless devices at the show with them. This year, says Rushing, there are more computers at the show with wireless capabilities and more of them are at risk.

More here.

0 Comments:

Post a Comment

<< Home