I used the T-Mobile HotSpot service at the San Jose International Airport’s American Airlines Admirals Club yesterday. Amazingly, the logon page to the HotSpot service was NOT SSL-protected — meaning userid and password information is sent in the clear over the wireless link. This isn’t the case at local Starbucks where the logon pages are SSL-protected — so it seems like this may be a basic configuration oversight on some T-Mobile administrator’s part.
Categories