Slashdot Mirror

← Back to Stories (view on slashdot.org)

Beware the Airport Wireless

Posted by ryuzaki0 on from the far-too-trusting dept.

schwit1 writes to tell us that a recent study by a Silicon Valley-based security company shows that black-hats have been ramping up their use of tempting free or unsecured wireless access points in high travel areas like airports and hotels. "According to their study, even the 'secure' networks weren't all too safe. Eighty percent of the private Wi-Fi networks at airports surveyed by Airtight were secured by the aging Wired Equivalent Privacy (WEP) protocol, which was cracked back in 2001. Almost as many — 77 percent — of the networks they surveyed were actually private, peer-to-peer networks, meaning they weren't official hotspots. Instead, they were running off someone else's computer."

12 of 120 comments (clear)

  1. Old by sopssa · · Score: 4, Informative

    Isn't this quite old story? Already years ago I read that people have been setting their own hotspots near crowded places, and it works good because if you get better signal than the official hotspot the computers usually pick your hotspot first. This was even covered in The Real Hustle many seasons ago.

    And for that matter, you're in a insecure place connecting via some random network. Its just stupid.

    1. Re:Old by Anonymous Coward · · Score: 5, Funny

      I cracked my own network in minutes using this method. Can someone point me to a less complicated method?

      When I need to get into just about any secure network, this hacking multitool is what I use: CB G.Freeman.

      It can crack arbitrarily high amounts of encryption when applied to the proper segment of the network. It works very well, often only taking seconds to provide you with the authentication you require. It also can do wonders on conventional locking systems.

      Enjoy!

    2. Re:Old by girlintraining · · Score: 5, Insightful

      And for that matter, you're in a insecure place connecting via some random network. Its just stupid.

      But very convenient. You'd be surprised how much Stupid you can get for Convenience.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:Old by Weedhopper · · Score: 4, Interesting

      If your system hasn't been compromised, it doesn't matter.

      You could do your banking on an open, unsecured network, no WEP, no WPA, etc because your traffic between you and your banking institution has been encrypted from point to point.

      That said, if I were you, I wouldn't do it.

  2. What's the big deal? by Anonymous Coward · · Score: 5, Insightful

    What's the big deal? Why worry about the insecurity of the local wireless network when you're connecting to the Internet... hello, it's insecure!! If your computer isn't secure it doesn't matter whether the local network is or isn't, your computer is still insecure. If you are doing things across the network that you want to keep private and you aren't doing them over SSL/SSH/VPN you are an idiot regardless of whether the local wifi uses WEP, WPA2, or no encryption at all.

  3. Ahh, the old "Free Public WiFi" issue by DigitalSorceress · · Score: 4, Interesting

    Ever notice an SSID for "Free Public WiFi" just pop up while you're at your place of work?

    When I first saw these, I assumed "someone got infected with some trojan which sets them up to pretend to be an open WiFi either to do a man-in-the-middle attack, or to infect my system with some kind of worm."

    After a bit of digging, I discovered that this was actually not malicious, but was a viral-like spread due to some strange way that one of the MS Operating systems was handling ad-hoc wireless connections.

    Here's a 2006 advisory on the issue
    http://www.nmrc.org/pub/advise/20060114.txt

    Here's a less technical explanation (in case you have to convert it to "boss speak")
    http://erratasec.blogspot.com/2007/01/ad-hoc-wifi-virus.html

    So, pretty much everyone says it's harmless.

    However, my initial suspicians (about MitM or worm infections) could easily be made to come true, and anyone who google'd it would say "oh, I guess it's that 2006 thing, no worries"

    Of course, being an ad-hoc node, it'll be kinda obvious to most geeks... and of course, most geeks would probably make sure they were tunneling or otherwise using the network safely anyhow.

    John Q. Public on the other hand? hoo boy. ... AND it doesn't help that so many products, in the name of making things easier on John Q. Public, will just auto-associate when they see an available connection.

    I don't really know where I'm going with all this except to say "Never trust any network outside your own, never EVER trust the Interwebs, and only trust your own network as far as you have to in order to make things work... especially if you're not the only one using it.", but you knew that already.

    --

    The Digital Sorceress
    1. Re:Ahh, the old "Free Public WiFi" issue by Anonymous Coward · · Score: 5, Informative

      A few years ago, I was at a SANS security course being hosted at the University of Minnesota. One of the tools we were using was Cain & Abel. The people at the university who had set up Wi-Fi for the class of 125 students had done a horrible job, a bunch of Apple Airports, all sharing the same SSID and the same channel, and each performing their own NATing. You'd bounce between APs and get IP collisions as you'd hit someone who already had that IP on the other AP. It was a total joke, and if you were lucky, you'd maybe get 10-20 minutes of working internet before it'd die again. So, I bought a day pass from the Starbucks access point in the lobby downstairs, which was very reliable by comparison. I then remembered I had my little Apple Airport Express in my bag that I carried with me for when I traveled to hotels that didn't have wireless, so I could set up my own network and sit in the bed, rather than at a desk chair. I used that to create an infrastructure wireless access point called "Free Better Internet" and routed all the traffic through my laptop back to the Starbucks AP downstairs. People would get so frustrated using the shoddy supplied internet that they'd try the other SSIDs they'd see in the list. I then turned on Cain & Abel, and within a couple of hours, I had over 700 username & password combinations, and this was in a class where they handed me the tool to do it on the class CD, and we were talking about it! The looks on my classmates faces when I showed them their usernames and passwords were priceless. I was amazed that large research schools weren't even using SSL on their IMAP connections, and I had a ton of AIM and ICQ passwords, not to mention dozens of web site passwords, even my co-worker's password to her World of Warcraft Guild web site! :) The moral of the story, is that even "smart" people, who know exactly what the risks are, and who know how to use a VPN, will give up a LOT of security in exchange for free internet access!

  4. Re:How is this dangerous to a normal user? by sopssa · · Score: 5, Insightful

    What about if the hotspot doesn't actually give the user the real page, but instead phishing page? I doubt many normal users notice that HTTPS isn't on. Or like in the above The Real Hustle video, "for $1 you can get one hour of surfing time, just enter your credit card details" and you probably can guess what happens from there.

  5. relay by digitalsushi · · Score: 5, Interesting

    While I was at University, there was often someone broadcasting the SSID "UNH-Wireless" in their Memorial Building. The official SSID was just unhwireless. UNH required you to register your MAC before they would forward your packets to the Internet, but the rogue SSID was open. Since the Memorial Building was where all the visitors ended up for lunch after tours, I wonder how many delicious things were intercepted.

    (New Hampshire is the one that touches the ocean. The other one is Vermont, which is the one that touches Canadia.)

    --
    slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
  6. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  7. Re:Get to work! Here's how to crack WEP networks by davester666 · · Score: 4, Funny

    Connect to your wireless router via Ethernet and click the 'Show Password' checkbox?

    --
    Sleep your way to a whiter smile...date a dentist!
  8. Wrong by aywwts4 · · Score: 4, Interesting

    Sure if the network is truly adhoc, but these aren't, the hacker needs to get the wifi from somewhere, and more often than not it is the official airport/coffeeshop wifi.

    This is someone connecting to a wireless access point with their laptop, running the sniffing suite on the laptop, and running a portable access point out another ethernet jack or through USB. I have a great USB based access point that is able to repeat and share any signal I can get, I use it to route wifi over great distance over a cantenna and repeat it to all my devices, it will not show up as an ad hoc network. Mine is old they make them even better, smaller and cheaper now. Nobody is going to bat an eye at the hacker with a usb cable running into his laptop bag.

    PS: Firefox with a proxy including DNS + Putty running a dynamic proxy + A linux box at home (such as a low power tomato router) with SSH access + Priv/Pub ssh keys + DynDNS static IPs = 3 second complete encryption of everything no matter how sketchy the access point.

    PSS: People saying this isn't a problem, so much webmail is unsecured by default, so many passwords are emailed to users. Please just trust the security geeks, you are really really vulnerable to deep packet inspection and transparent proxies. Secondly you are trusting the blackhat's DNS, are you really going to notice when you go to paypal/etc and the HTTPS is missing just one time?

    --
    Web Developers: Celebrate to our roots! Animated Gifs and Tiled Backgrounds, dont let our history die!