I occasionaly connect to WIFI networks that redirect me and ask for some type of username and password. Often when out and about, on trains and at airports are good examples. Luckily in my laptop I have a 3g sim and so don't have a need for their wallet busting prices.
I suppose if you were fairly keen on getting a username and password for one of these services, you could always
- Connect to the network in question
- Save the page the you get redirected to
- Set up your laptop as a wireless hotspot and call the network BT_OPENZONE
- Modify the page slightly, posting and saving to a text file of your choice and force visitors to redirect to your new Page. Anyone foolish enough to login (not noticing that it's not on https etc..) will give you their password and username.
- Logon using your stolen details. Of course you need to remember that the action would be illegal..
It got me thinking that you could be even more malicious. Sitting down in a Starbucks, mimicking their WIFI and modifying your hosts file to redirect to fake local pages of major banks, email sites and the like is essentially a giant honeypot for collecting personal data. Someone could even prepare a complete web server install so that numpties wouldn't have to code the various fake sites etc...
Having thought of this makes me glad I stick to my 3g! I wonder how many people don't even think about accessing private sites without https on public networks. I wonder how many people walk out of The House Of Commons into a local pub and access sites on their Smartphones over the local WIFI without even thinking about things like this. If I was a nasty little spy I would be doing things like this. In fact I am certain they are doing things like this to our technologically demented MPs right now.