|
Joined: Aug 2012
Posts: 3
Member
|
OP
Member
Joined: Aug 2012
Posts: 3 |
Let me introduce myself here. Long time lurker, recently joined up, first post here.
Sooo, the other day I am at the mall, waiting for my wife outside the Williams-Sonoma store.
I knew I had some time to kill so I fired up my android tablet and did a wifi search. Besides all the free wifi AP's in every store nearby, and the mall's own wifi, I found right below the W-S stores open AP, a 'wmspos' entry. I assume this is the store POS network.
Now, despite it being secured with 802.1x, does anyone else think its a REALLY BAD IDEA to have a store's POS system on the air?
A sniffer and MAC clone could be used to break into an established connection, no?
Time to update Ben Franklin - "Those who would sacrifice security or reliability for convenience, deserve none of the above"
Regards,
John the Mechanical Engineer - Telephone Technology Dilettante since 1986
John the Mechanical Engineer - Telephone Technology Dilettante since 1986 "Those who sacrifice security or reliability for convenience, deserve none of the above"
|
|
|
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
|
|
|
Joined: Feb 2010
Posts: 581 Likes: 6
Member
|
Member
Joined: Feb 2010
Posts: 581 Likes: 6 |
Sounds like another Target-level personal information breach just waiting to happen. They could at least turn SSID broadcasting off to at least keep it somewhat under wraps that they're sending that stuff over-the-air.
Tennessee Technology Solutions, LLC | "Business technology solutions reimagined." | (423) 665-9995 | www.423tech.com
|
|
|
|
Joined: Jan 2013
Posts: 519 Likes: 1
Member
|
Member
Joined: Jan 2013
Posts: 519 Likes: 1 |
Many of these types of stores have a WiFi network setup that they use with handheld scanners for price checking and product ordering. Even though it is labeled "wmspos" I doubt it is connected to the POS network.
But having the SSID being broadcast is still a bad idea.
Patrick T. Caezza Santa Paula, CA 93060 C-7 - Low Voltage System Contractor - Lic# 992448
|
|
|
|
Joined: Nov 2009
Posts: 237
Member
|
Member
Joined: Nov 2009
Posts: 237 |
Since it's using 802.1x and not simply a PSK then it's a lot more secure than what you'd think.
MAC addresses can be spoofed and BSSIDs can be figured out. The only real security in *any* wireless network (regardless of it's VHF, UHF, or higher like 2.4/3/5.8/10/20/24, is a strong pass phrase and additional measures such as using 801.2x/RADIUS.
Obviously stores POS systems are some how connected to the same LAN as wireless devices since Wal-Mart CSMs can price-override with their handheld now instead of using a physical key and a scan code. Of course, ACLs should also be in place allowing only proper devices to talk to the servers.
Jeff Lead Field Engineer, MSCNS
|
|
|
Forums84
Topics94,294
Posts638,834
Members49,769
|
Most Online5,661 May 23rd, 2018
|
|
0 members (),
122
guests, and
334
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|