The Read.me handed out at conference registration said “Consider the WLAN as untrusted”. I checked how many people read the Read.me and ran dsniff during the whole conference and compared the result to my universitys wlan. It was better, but I still got too many passwords:
4 POP3 Accounts, 1 non-anymous ftp account and 6 IMAP accounts.
At least one IMAP account i could map to a well known FreeBSD committer.
So if you didn’t used IMAP/SSL and especially if your password starts with “icr” you should change it, because maybe I will consider selling it to the slashdot troll.
BTW this one is really embarrassing for a BSD conference:
—————–
10/31/04 13:53:24 tcp 172.31.1.133.3161 -> ftp.freesbie.org.21 (ftp)
USER anonymous
PASS IEUser@