Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why You See 'Free Public WiFi' In So Many Places

Posted by Soulskill on from the deja-vu-all-over-again dept.

An anonymous reader writes "Almost anywhere you go these days (particularly at airports), if you check for available WiFi settings, you have a pretty good chance of seeing an ad hoc network for 'Free Public WiFi.' Of course, since it's ad hoc (computer to computer) it's not actually access to the internet. So why is this in so many places? Turns out it's due to a bug in Windows XP. Apparently, the way XP works is that if it can't find a 'favorite' WiFi hotspot, it automatically sets up the computer to broadcast itself as an ad hoc network point, using the name of the last connection the computer attempted. So... people see 'Free Public WiFi' and they try to log on. Then their own computer starts broadcasting the same thing, because it can't find a network it knows. And, like a virus, the 'Free Public WiFi' that doesn't work lives on and on and on."

17 of 260 comments (clear)

  1. So... by Jorl17 · · Score: 4, Funny

    Windows really *is* a virus!

    Ah!

    --
    Have you heard about SoylentNews?
    1. Re:So... by cjb658 · · Score: 5, Funny

      Windows really *is* a virus!

      Ah!

      No. Viruses are:
      -Small
      -Free
      -Well-written

  2. Possible attack vector by TamCaP · · Score: 5, Insightful

    I guess I am not the only one that is thinking that "Free Internet" SSID is a perfect vector for a MIM attack. Has anyone heard of any cases where it has already been exploited?

    1. Re:Possible attack vector by Anonymous Coward · · Score: 5, Funny

      That's like using a scope when you're shooting ducks in a barrel.

      Well, no, it's more like using bait.

      Your average hipster walks sits down in an urban coffee shop and opens his laptop: the first thing he does is look for a signal from which he can leech access. Free? Public? Sounds like it's free, a virtue of which your average hipster whole-heartedly approves. Public sounds good too: it's like natural or organic or community (as an adjective) or recycled or [x]-friendly or tolerant or sustainable or any other epithet that reinforces his hipsterish sense of righteousness. Naturally, the hipster connects and begins surfing and checking e-mail. MITM gets to read his e-mail and his web reading habits (organic hipster porn).

  3. Old news by lavagolemking · · Score: 5, Informative

    Steve Gibson covered this over 3 years ago. https://www.grc.com/sn/sn-082.htm

  4. Re:I see this alot by Anonymous Coward · · Score: 4, Funny

    Oh wow! Is it a big alot? Or a furry one? Is it friendly? I hear alots can be dangerous.

    http://hyperboleandahalf.blogspot.com/2010/04/alot-is-better-than-you-at-everything.html

  5. Re:"They Still Use Windows XP?!" by Anonymous Coward · · Score: 4, Funny

    Queue the picture featuring a pair of laughing girls.

    Sure, why should today be any different than any other day in my life...

    *sighs*

  6. Re:I see this alot by TrisexualPuppy · · Score: 5, Informative

    The "hpsetup" ESSID is from HP bloatware. It is used to connect the computer to wireless peripherals, namely HP wifi-enable printers.

    I researched this myself, and it ended up that there were a bunch of better ways to implement it, but HP flat out didn't care.

  7. I don't see it very often... by damn_registrars · · Score: 4, Informative
    The claim of

    Almost anywhere you go these days (particularly at airports), if you check for available WiFi settings, you have a pretty good chance of seeing an ad hoc network for 'Free Public WiFi.'

    Doesn't match my experience. I have done a fair bit of flying lately - and always needing at least one connection each time because my closest airport sucks - and haven't seen it at the airports I've been to. I have checked for WiFi at coffee shops and restaurants and haven't seen that SSID there either. Lately I have been connecting through some of the busiest airports in the country (O'Hare and Newark Liberty in particular) and haven't seen this.

    In fact, I can't think of the last time I did see it. I often use my blackberry to access open WiFi spots, and I don't have a record of a network that I have connected to called 'Free Public WiFi'.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    1. Re:I don't see it very often... by clone53421 · · Score: 5, Insightful

      I can remember seeing it a few times... like 2 years ago. Sort of like this story...

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
    2. Re:I don't see it very often... by kidcharles · · Score: 4, Informative

      I commute through New York Penn Station twice every day. I don't think I've ever NOT seen "Free Public Wifi" on the list of connections on my Nokia N900.

      --
      Ceci n'est pas une sig.
  8. Re:Heh! by damn_registrars · · Score: 4, Funny

    That's the SSID for my home wi-fi :-D.

    Funny, that's the combination to my luggage...

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  9. Your machine would have to be years out of date by Anonymous Coward · · Score: 5, Informative

    to be affected. This was fixed in XP SP3. Love lines like "When a computer running an older version of XP ...." without further explanation. Haters gonna hate!

  10. Re:"They Still Use Windows XP?!" by wjousts · · Score: 4, Insightful

    I actually downgraded from 7 last year after determining that 7 did absolutely nothing I needed that XP didn't,

    Except, not having this bug....for one.

  11. Re:Slashdot reading Hack A Day? by A.+B3ttik · · Score: 5, Funny

    Almost anywhere you go these days (particularly on slashdot), if you check for new stories, you have a pretty good chance of seeing a a duped story from another site. Of course, since it's a duped story (news site to news site) it's not actually news. So why is this in so many places? Turns out it's due to a bug in site moderators. Apparently, the way they work is that if they can't find a 'new' story, they automatically sets up their site to broadcast a duped story, using the title of the last story that was popular. So... people see this and they try to read it. Then their own favorite sites start broadcasting the same thing, because it can't find a good story on its own. And, like a virus, the 'Duped Story' that doesn't work lives on and on and on."

  12. IPVFore! by Anonymous Coward · · Score: 4, Funny

    I was once called out for an emergency network repair at a local country club. A company had hired out the banquet room for a large business meeting, and could not get the wireless to work. When I arrived on site, I found that everyone in the room was connected to Free Public Wifi, being broadcast by one of the company owners' laptops. Turned out, the golf course did not have a wireless access point at all.

  13. Re:I see this alot by sumdumass · · Score: 5, Interesting

    Actually, it is pretty easy to hijack about any wireless network using WPA. WPA2 is only a tad bit more harder and both are easier then wep until you get into some business class security. Basically, all you need to do is flood the connection to force a reconnect between the devices then run a script or program on those packets.

    It's actually a little more difficult then that, but once you find the right programs and the right hardware to work with them, it's not much more difficult then that. And the most difficult parts are already taken care of and reusable for the most part.

    I have a laptop set up specifically to do this. Whenever I have a customer claim their rocket scientist nephew, or son, or the neibor's- dog's- sister's- aunt's cousin, or the time warner cable guy swears that wireless is safe and I don't know what I'm talking about, I simply tell them to go ahead and install it, then show up to ask how it's going with the wireless and show them that I'm already on the network. Sometimes I have to wait outside for about a half hour before I get it cracked, but I haven't ran into one wireless network yet that took longer then 2 hours to crack into. And yes, all the software needed is pretty much free and available on the interweb waiting to be downloaded and used. There is a pretty steep learning curve though but it's not that hard and there are a lot if tutorials out there. This is especially easy when the time warner guy and most outside techs try to use a phone number for the key phrase. Often, if you have a list of phone numbers to a building with wireless, going through those will get you a working key without needing all the monitoring and cracking software. Start with the Fax numbers as they are often tied to the DSL or the Cable Internet Phone which makes it easy for the technicians to find if they have to service it again.

    Anyways, once you are on the network, it's pretty trivial to send command to any windows box to do things that give you more control. Especially if they have the power shell installed. Most firewalls don't screen addresses on the network as it seems to be universally trusted in most environments.