Trade shows are a great place for vendors to display their wares to the world and invite closer inspection of their technology. But at the NetWorld+Interop conference last week in Las Vegas, one wireless vendor found the other attendees exposing more than their new products.

Jay Chaudhry, CEO of AirDefense Inc., fired up his company's wireless LAN security appliance and scanned the air for open networks. What he found was a mess of openly exposed traffic, unsecured devices, and even some malicious behavior. "We were surprised when we started seeing a lot of open traffic out there," he says. "You could see everything, from passwords to E-mails."

Some of his findings: Among the 230 access points identified on the showroom floor, 92 didn't use encryption; 38 were configured with default settings; and 15 were directly connected into hubs, which caused them to broadcast all wired traffic into the air. Of the 824 devices using those access points, 72 of them were broadcasting probes looking for corporate networks that weren't there. Capturing that information could help an intruder break into the wireless LAN back at a company's headquarters. Chaudhry even observed 16 denial-of-service attacks and 10 identity thefts.

It's likely that many of the unsecured wireless networks identified didn't need to be secure, since they were part of demo systems and didn't have anything of value. But Chaudhry says he's still surprised by the lax behavior. "Everyone is pretty conscious about security these days," he says. "You would think that you would want to demonstrate your best practices."