Slashdot Mirror

← Back to Stories (view on slashdot.org)

How a Wi-Fi Pineapple Can Steal Your Data (And How To Protect Yourself From It) (vice.com)

Posted by BeauHD on from the behind-the-scenes dept.

An anonymous reader writes: The Wi-Fi Pineapple is a cheap modified wireless router enables anyone to execute sophisticated exploits on Wi-Fi networks with little to no networking expertise. A report in Motherboard explains how it can be used to run a Wall of Sheep and execute a man-in-the-middle attack, as well as how you can protect yourself from Pineapple exploits when you're connected to public Wi-Fi. "... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past, which can be spoofed by an attacker with a Pineapple," reports Motherboard. "Unfortunately there is no easy way to do this on an Android or an iPhone, and each network must be forgotten manually in the 'Manage Network' tab of the phone's settings. Another simple solution is to turn off your Wi-Fi functionality when you're not using it -- though that isn't as easy to do on some devices anymore -- and don't allow your device to connect to automatically connect to open Wi-Fi networks."

5 of 46 comments (clear)

  1. Already fixed by PReDiToR · · Score: 4, Interesting

    Wi-Fi Privacy Police.

    Take a look, I'm not connected with the project.

    --

    Do not meddle in the affairs of geeks for they are subtle and quick to anger
  2. Re:nothing new here. by mjwx · · Score: 3, Insightful

    MITM wifi attacks and hotpot impersonation have been a thing for the better part of a decade now, what does this bring to the table that malicious actors didn't already have?

    Yes, but now it has a Web 2.fucking.0 name, a marketing slogan and can be encased in a plastic pineapple. Cant you see how this is completely different?

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.
  3. Try making it clear by Bohnanza · · Score: 4, Insightful

    One thing that would help is if you actually told people what is going on. If you warn people of a possible "Wall of Sheep" attack from a "Wifi Pineapple" you are telling them nothing at all.

    --

    -----

    Sorry, I'm only a 1336 h4x0r.

  4. Great! by 140Mandak262Jamuna · · Score: 3, Funny
    All intel chips are vulnerable. OK let me switch to mobile and avoid intel.

    All WiFi devices are vulnerable. OK I am going to turn off wi-fi and use only mobile data

    Next?

    Rouge Cell towers, stingrays, ...

    ALL OUR BASES ARE BELONG TO THEM

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  5. Re:nothing new here. by ctilsie242 · · Score: 3, Interesting

    Even on iOS, VPNs are trivial. Some VPNs even offer an app which can allow you to select the closest server group, install a profile, and have the VPN auto configure when on Wi-Fi, with the ability to whitelist a few trusted SSIDs.

    I'm amazed that Apple or Google hasn't offered their own VPN service where you just flip a switch, ensuring no matter what hanky-panky the AP/ISP does, the worst they can do is slow down or block traffic, not change it.

    I decided to go with a VPN always when telcos started actively adding X-UIDH headers on HTTP exchanges. That, and Phorm with ads injected via traffic in flight.