Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to “poison” users’ browser caches in order to present fake Web pages or even steal data at a later time.

That’s according to a security researcher who is the developer of the Kismet wireless network detector and intrusion-detection system, who spoke at the Black Hat conference. He said it’s simple for an attacker over an 802.11 wireless network to take control of a Web browser cache by hijacking a common JavaScript file, for example.

Knowledge gained from researchers over the past year, he said, is showing that browser-cache poisoning over Wi-Fi can be kept in a persistent state unless the user knows how to effectively empty the cache.

The few defenses the researcher suggested were continuously manually clearing the cache, or using private-browser mode.

The researcher acknowledged he doesn’t know how widely attacks based on poisoning the browser cache via 802.11 actually are. But the potential for trouble is so evident he said he’d advise corporate security professionals to try to “forbid users from taking laptops onto open networks,” though he admitted, “Your users may lynch you.” He said some vendors, including Verizon, are looking at solving this problem with a custom client that is tied to specific operating systems.

More..............http://www.networkworld.com/news/2010/020310-black-hat-wi-fi-
attackers.html