The time when I've felt like a badass, was when I was bored at a Birthday party at restaurant.

I didn't want to use my mobile data, so I tried to use the wifi of the restaurant. I didn't want to ask the password of the wifi, so I tried to get access by guessing. At first try I got it by entering "nameOfRestaurantCurrentYear".

Then I was browsing Play Store and there was a recommendation of an app (forgot the name) that analyses which the device is connected to wifi. So that got me interested that I installed on my phone.

So I played a little with and discover several Samsungs and iPhones connected to it (Some of the them had their real name next to the brand. It would be funny to yell their name out loud and they would be looking around.)
But there was one device that I didn't recognized. I searched on the web but found nothing. So later as I go to pay my part, I noticed that the credit card device had a wifi icon on it. So I looked over to the cash register and saw the name of the brand. It was the brand I didn't know of.

So basically they were using transfer payments over a public wifi.

  • 10
    That's not a problem at all if the connection itself is encrypted
  • 1
    @Jop- It could be possible, but I doubt it somehow.
  • 2
    I'd wonder if it's encrypted.
  • 17
    You should have started a DDOS attack. Or even better find their printer and print them a lecture about public WiFi networks.
  • 2
    @Jop- it is a problem if they are claiming to comply with PCI certification, which I can almost guarantee they are lying about.
  • 0
    Stories like that make me cringe.
  • 1
  • 4
    Wifikill, still the classic way to go.

    Noone would be able to pay with credit card
  • 1
    A bit more playing around, some research, and a few approvals and this could be a nice article in the 2600 magazine!
  • 0
    @Zennoe but then he would have to pay cash.
  • 4
    @tyrogge because I have worked in payment risk/ fraud for the last 10+ years. People do not know this but when there is fraud transactions on your credit/ debit card it's the merchant where that card was used that suffers the loss. So when some poor sap sells his old phone or laptop on eBay the buyer pays with a stolen CC he us out the money (worked at PayPal for a long time seen it ruin seller's lives) You can't be the first person to figure this out how many credits cards have been stolen at this point? There is a good book called 'Hacking Point of Sale' that explains how to set up your point of sale system safely. You should bring this up to the restaurant, they probable won't get it but maybe they will. At least move it to a secure network.
  • 1
    @katbreitin In that case you're absolutly right. I thought you said that my story is cringy.

    I told them, however it seems that they were in disbelief.
  • 1
    @tyrogge I know we are in the age where there is growing divide in the 'tech peeps' and 'non-tech'. It almost like explaining to someone in the middle ages that the world is round not flat. But now they don't even know what you mean by EARTH.
Add Comment