Pictures

Photo

Reuters Photojournalism

Our day's top images, in-depth photo essays and offbeat slices of life. See the best of Reuters photography.  See more | Photo caption 

Photo

Tornado chasers

Storm chasers brave danger and debris as they try to capture photos of tornadoes' destructive power.  Slideshow 

Photo

Running while blind

Blind or visually impaired students compete in blind track and field tournament.  Slideshow 

Sponsored Links

Sen. Schumer calls for increased public WiFi security

Related Topics

NEW YORK | Sun Feb 27, 2011 3:53pm EST

NEW YORK (Reuters) - Sen. Charles Schumer on Sunday called on major U.S. web site operators such as Amazon and Twitter to switch to a more secure protocol to prevent identify theft and other security breaches in places like coffee shops.

The New York Democrat told a news conference held at a Manhattan coffee shop that growing WiFi access at such shops, restaurants and other businesses was helping hackers gain user information like credit card numbers and account passwords.

"The number of people who use WiFi to access the Internet in coffee shops, bookstores and beyond is growing by leaps and bounds," Schumer said.

Unsuspecting patrons using their computers in such public venues had made them easy prey for hackers and identity thieves, he said.

"The quickest and easiest way to shut down this one-stop shop for identity theft is for major Web sites to switch to secure HTTPS web addresses instead of the less secure HTTP protocol," Schumer said.

He called the HTTP protocol "a welcome mat for would-be hackers."

Schumer said simple programs such as Firesheep had made accessing someone else's computer and private information through the unsecured HTTP extension relatively easy.

Schumer said many major Web site operators have been slow to address the HTTP security flaw, which he said has been well recognized since at least 2007.

He also released a letter to major Web site operators, none of which he said use HTTPS protocol as the default, asking them make the change.

(Reporting by Chris Michaud. Editing by Peter Bohan)
Politics
Tech
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (2)
readyforthenet wrote:
Mobility is the future and this issue will only get worse. The information here is just sound bites and not completely accurate, however the risk for people who use public internet WiFi is real.

Many content providers use HTTPS for the login, but then switch to HTTP for setting cookies. This exposes you to having your session be hijacked.

There are ways for users to protect themselves using proxies, but as Sen. Schumer states, the website providers are in the best position to easily mitigate this.

Feb 27, 2011 10:25pm EST  --  Report as abuse
5tudentT wrote:
Yet another liberal pushing a socialist agenda.

Protection from identity theft is a good thing, but why should I be forced to pay for someone else’s security? You should only pay for what you use, and if someone doesn’t want to pay they shouldn’t be forced. And if someone can’t pay, they shouldn’t have it.

It’s unconstitutional.

Feb 28, 2011 9:40am EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.
See All Comments »