For email, another simple option is to connect one's POP3 and SMTP servers via SSL.
Richard -----Original Message----- From: Tomas L. Byrnes [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2008 12:59 PM To: Jim Murray; Richard M. Smith Cc: funsec Subject: RE: [funsec] Sen. Brownback Spotlights Chinese Order to Spy on Olympic Hotel Guests In general, using Internet from a hotel without using a VPN client is just crazy. Of course, the Great Firewall will probably block your SSL/PPTP/IPSEC VPN > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Jim Murray > Sent: Wednesday, July 30, 2008 10:54 AM > To: Richard M. Smith > Cc: 'funsec' > Subject: Re: [funsec] Sen. Brownback Spotlights Chinese Order > to Spy on Olympic Hotel Guests > > Richard M. Smith wrote: > > I wonder what company is supplying this Chinese government spyware > > "software"? It seems like the spyware would have to be some sort > > pack-sniffer box that gets installed in a hotel and then > periodically > > phones home with activity logs. I wonder also how room > registration > > information is matched with Web surfing activities. > > If the hotel charges for internet access (and many do) it's > actually fairly trivial to match activity logs to room registration. > > All of the major players in the hotel internet access market > interface to the hotel's front office systems for billing > purposes already which gives them the first part of the data > (the guest's name/room number). > Users are generally authenticated by MAC address so a unique > identifier is present in the traffic passing the billing gateway. > > It's not a huge step from there to recording the history for > full analysis later. > > If you want security, use a VPN to a known-secure location. > At least then all anyone snooping will get is the endpoint IP. > > Jim. > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
