There was good wireless coverage by Attingo, but of course you had to pay to go anywhere on that network. I did have a look however, and found that you could ping everyone else on the network and the IPs were all public in the 212.123.203/24 range. I ran tcpdump for just over 8 minutes. The harvest was only a single POP3 password, which was less than I had anticipated:
The X'es marks and masks the spots of interest.
I could deduce a lot more from that capture about this person: name, hotmail address, another address that the person sent mail to, language etc., and of course the POP3 account name and password (which was really weak at that). It's a good starting point to compromise this persons workplace and/or identity.
It's really bad, and I'm pretty sure most business people that use the wireless access at airports don't realize that it really isn't enough to just encrypt HTTP traffic, they need encryption on everything. Use a VPN or something, then at least the most dangerous part—the public wireless part—of the route will be encrypted. And it's the thankless task of sysadmins to set this up for management everywhere. Private users are left out in the cold by vendors, and they generally don't have the necessary understanding or a sysadmin to help them.
Having spent quite some time in the last few days on the wireless network at SANE 2006 with nearly completely unfiltered public IPs (both IPv4 and IPv6) via DHCP—where people definitely sniff traffic—I've been pretty paranoid about always using encryption of some sort as soon as it wasn't just simple web-surfing without logins. It was satisfying to see that I really didn't need to modify my behavior, I encrypt all logins over the net, including both sending and receiving mail via gmail. Everyone should do it that way. I could have used VPN too, but that was unnecessary in my case, and it's also not the right solution.
Everything sent over the network in cleartext should be assumed sniffed by someone. But you know that already.
End of public service announcement.
Author M. G. Liebach
LastMod 2016-05-01 (9fc4632)