Re: No SSL/TLS?
What they did was inject a "please log in" popup
From the way the article and the video are portraying it, it would appear that only MEP Honeyball got a pop-up phishing message. Lord Strausburger had an unencrypted VOIP session packet-sniffed/recorded and the password capture method for MP Davis was not specifically stated, although HE said: "Alarmingly, the password would have been broken no matter how strong it was. Public Wi-Fi is inherently insecure: usernames and passwords are shown in plain text in the back of a Wi-Fi access point, making them simple for a hacker to steal" which implies heavily that he was not using an encrypted protocol for at least one his logins. Password reuse did the rest.
Biting the hand that feeds IT
