There are lots of networking gurus here, right?

[G+_Glenn Nelson]

There are lots of networking gurus here, right? So let me ask about a problem with WEBDAV and Blackberry Classic. 2 years ago I setup a friend's BB to use Gmail, primarily so that she could sync her contact list to Google. The setup required WEBDAV. This has worked fine.

However, when we travel out of the area (e.g., from SF Bay to Montana recently), she gets a few messages from Goog warning her that someone else has just logged into her account from a new location! Because she was too hasty to do something about it, I never had a chance to carefully study the problem. But it did not seem to block her from using her contact list while emailing via Yahoo (unfortunately her preferred account).

 

Can anyone explain why she gets these absurd complaints from WEBDAV?

[G+_Travis Hershberger]

That's not WEBDAV, that's Google's own location based security. I've seen it a number of times when logging in from an abnormal place. I generally get an option to say that it was me, and it is then fine.

[G+_Glenn Nelson]

Sorry, I should have been more specific. The messages specifically named the WEBDAV service as the complainant. And it actually proclaimed that someone else had just logged in as her, without offering an option to confirm identity, perhaps because it was not an Android device. I am familiar with the Goog messages that may arise with a new web browser or device and this was nothing like that.

It's just weird, why would a new location trigger a WEBDAV warning like that?

Of course I considered the possibility that her phone had actually been hacked the moment we connected to motel wifi, but since it happened each time we changed motels in the area, I figured it was not an attack.

[G+_Black Merc]

Routing? Wifi can be redirected, the cellular carriers do handoffs 'good enough' but wifi is a crazy animal. Plus (thinking 'man in the middle') how many proxies and corporate firewalls could you be going through using an unknown wifi? Did the wifi admin invoke client isolation? How many hackers are in the hotel? YOUR NOT AT BLACKHAT ARE YOU? If you are RUN!

[G+_Ben Reese]

I'd still guess it's Google's security that's flagging it. Just the fact that it knows you're using webdav doesn't mean it's webdav's fault.

 

And there's a good chance they're calling out webdav access specifically because they want you to turn that off.

[G+_Glenn Nelson]

I agree that it's Google security, but why? The webdav access is coming from the same device, we just happened to be 1000 miles from home.

[G+_Ben Reese]

Glenn Nelson because Google knows you can't drive 1000 miles in 4 hours, but somehow you were logged in at location A then suddenly you were also logging in at location B.

Perhaps if it was an Android device or iPhone Google could tell that you were at the airport and may appear 1000 miles away soon? I don't know.

 

But I haven't flown in >10 years, so I really can't speak from experience. I've just also heard of others getting the alert when they fly.