Slashdot Mirror

← Back to Stories (view on slashdot.org)

How a Wi-Fi Pineapple Can Steal Your Data (And How To Protect Yourself From It) (vice.com)

Posted by BeauHD on from the behind-the-scenes dept.

An anonymous reader writes: The Wi-Fi Pineapple is a cheap modified wireless router enables anyone to execute sophisticated exploits on Wi-Fi networks with little to no networking expertise. A report in Motherboard explains how it can be used to run a Wall of Sheep and execute a man-in-the-middle attack, as well as how you can protect yourself from Pineapple exploits when you're connected to public Wi-Fi. "... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past, which can be spoofed by an attacker with a Pineapple," reports Motherboard. "Unfortunately there is no easy way to do this on an Android or an iPhone, and each network must be forgotten manually in the 'Manage Network' tab of the phone's settings. Another simple solution is to turn off your Wi-Fi functionality when you're not using it -- though that isn't as easy to do on some devices anymore -- and don't allow your device to connect to automatically connect to open Wi-Fi networks."

11 of 46 comments (clear)

  1. Already fixed by PReDiToR · · Score: 4, Interesting

    Wi-Fi Privacy Police.

    Take a look, I'm not connected with the project.

    --

    Do not meddle in the affairs of geeks for they are subtle and quick to anger
  2. Re:nothing new here. by mjwx · · Score: 3, Insightful

    MITM wifi attacks and hotpot impersonation have been a thing for the better part of a decade now, what does this bring to the table that malicious actors didn't already have?

    Yes, but now it has a Web 2.fucking.0 name, a marketing slogan and can be encased in a plastic pineapple. Cant you see how this is completely different?

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.
  3. SSID Broadcast by Anonymous Coward · · Score: 2, Informative

    Only the SSIDs of hidden networks need to be broadcast, not all SSIDs of the listed networks.

  4. Try making it clear by Bohnanza · · Score: 4, Insightful

    One thing that would help is if you actually told people what is going on. If you warn people of a possible "Wall of Sheep" attack from a "Wifi Pineapple" you are telling them nothing at all.

    --

    -----

    Sorry, I'm only a 1336 h4x0r.

    1. Re:Try making it clear by freeze128 · · Score: 2

      If the Wi-Fi Pinapple listens passively for clients trying to connect to their 'remembered' Wi-Fi hotspots, then why can't the cell phones also do that? Why do they need to shout "Hey, here are all the access points that I have connected to in the past"?

    2. Re:Try making it clear by dissy · · Score: 2

      Why do they need to shout "Hey, here are all the access points that I have connected to in the past"?

      It's part of the spec, not so much wifi specifically but DHCP and DNA protocols.

      The idea was when you first connect to a wifi network, you use ARP at layer 2 and broadcast a DHCP request to get a valid IP to begin using layer 3.
      When you are disconnected "briefly" and reconnect later, that IP is likely to still be valid for use.

      Using DNA (direct network attachment), you can broadcast the previously used router MAC, device MAC, and SSID to verify you are on the same local link, and can begin reusing your previous IP without having to wait for a DHCP renewal.
      If you send an ARP with the remembered MACs, and get a reply, something else is now on the IP you had and you must renew with DHCP to get another IP.
      If you don't get a reply, its generally safe to assume it.

      I presume it was assumed this would be a common and desired situation. Walking around in and out of wifi range, or maybe allowing the radio to go into a sleep mode where it basically is off and thus detached from the network, this does let you reconnect a bit faster.

      I also presume the security implications were just not thought of or cared about.

      https://www.ietf.org/rfc/rfc4436.txt

  5. Great! by 140Mandak262Jamuna · · Score: 3, Funny
    All intel chips are vulnerable. OK let me switch to mobile and avoid intel.

    All WiFi devices are vulnerable. OK I am going to turn off wi-fi and use only mobile data

    Next?

    Rouge Cell towers, stingrays, ...

    ALL OUR BASES ARE BELONG TO THEM

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Great! by DontBeAMoran · · Score: 2

      Rouge cell towers

      Well, just connect to the blue or green ones. Problem solved.

      --
      #DeleteFacebook
  6. Breakthrough security method by Murdoch5 · · Score: 2

    How about not connecting to WiFi hotspots? With mobile data being plentiful, you simply don't need to hook up to WiFi hotspots, which completely removes the need to forget them :)

    1. Re: Breakthrough security method by Dog-Cow · · Score: 2

      Cheap, quality mobile data is far more accessible outside the US than in. You seem to be living in a bubble.

  7. Re:nothing new here. by ctilsie242 · · Score: 3, Interesting

    Even on iOS, VPNs are trivial. Some VPNs even offer an app which can allow you to select the closest server group, install a profile, and have the VPN auto configure when on Wi-Fi, with the ability to whitelist a few trusted SSIDs.

    I'm amazed that Apple or Google hasn't offered their own VPN service where you just flip a switch, ensuring no matter what hanky-panky the AP/ISP does, the worst they can do is slow down or block traffic, not change it.

    I decided to go with a VPN always when telcos started actively adding X-UIDH headers on HTTP exchanges. That, and Phorm with ads injected via traffic in flight.