Tip: Beware of Hacker Supplied Wifi
Having access to Wifi in coffee shops, book stores, airports, hotels and countless other places is wonderful. It allows for you to get out of the house and truly use that portable laptop computer to the full extent of its name.
This handy feature doesn’t come without its downfalls though, as I found out this morning. I was sitting in a coffee shop that will remain nameless, to protect it’s image. Because this has nothing at all to do with the coffee shop, it just happens to be this establishment that had been chosen as a hacker’s hotspot trap.
I turned on my laptop and instantly was asked to choose between two different networks. “attwifi” was first on the list, which has always been the one and only network that comes up as accessible at this particular location. Never before has any other accessible network shown up. Others may be on the list, such as other protected networks for the store, or other stores next door, but today, for the first time there were two openly accessible hotspots to choose from.
A second open network was oddly named, “Free Public Wifi”. So I connected just to see if it really was a newly created open network. I thought it may possibly be giving access to people who cannot come in and connect to the AT&T hotspot, because you either must have phone, internet, or paid access to their network. Perhaps this was to cater to those who have none of those services, or object to paying for Internet access twice. I am here often enough that I should consider shutting my Internet service off at home. When I connected to the wireless network however, I wasn’t seeing the default airport signal strength icon in the menu bar. I was seeing this:
That ladies and gentlemen is the icon that is displayed when you are connecting to the Internet through another computer setup to share its internet connection. Opening up Safari did gain me access to the Internet, but it was quite slow. Upon looking at network traffic, I noticed another computer, or website was trying to create an incoming connection with me. After hopping over to whatismyip.com I quickly learned that this attempted connection’s IP address was now only one number off from mine. Coincidence?…I don’t believe so.
I cannot say whether this was normal behavior, as I was essentially using that computer’s broadband connection to gain access to the Internet. It seems to me though, that this could potentially be the open Wifi hotspots we have been hearing about, that hackers are creating in order to intercept your incoming and outgoing Internet and Mail requests. Upon talking to the manager of the establishment, he showed quite an elevated level of concern, and also informed me that they had not added another open Wifi network, and that this matter would be looked into immediately.
He had also heard about this threat in recent tech news, and proceeded to place a sign by the register warning customers not to connect to it. I thought that I would offer this as a word of warning to any of you who have noticed these openly free public wifi hotspots. What kind of security precautions do you take on Wifi hotspots?
Ahhh!
Interesting..
I use my MacBook during lunchtimes at work to do serious coding and stuff (watch films!!!) and there always is a “Free Public Wifi” option available. I just assumed it was some free thinking geek at work that was sharing his connection.
I can connect to the AP – but not get a connection the Internet though…
I wonder if it is the same thing?
I will play in precicely 24 minutes when I am on lunch and let you know!
That same exact thing happened to me at the library this weekend. I connected to the Free Public Wifi, but then realized it was a direct-to-computer connection and disconnected immediately.
While it is indeed good personal security policy to be watchful and aware when piggybacking on an untrusted wireless network, the ‘free public wifi’ ad hoc meme has a long and storied history: http://tinyurl.com/2rc3dc
(i.e there probably wasn’t anything malicious going on, but it pays to be aware)
I’m surprised you’ve never seen it before. This is an old, apparently benign, but potentially exploitable virus. It passes from Windows XP machine to Windows XP machine so it is nearly ubiquitous because stupid people connect to it with Windows computers. As soon as you connect, you start transmitting.
Thankfully, we’re smart enough to be using Macs.
A google search quickly brings up dozens of descriptions of this. Here’s one: http://tinyurl.com/244cth
Yeah, most of those ssids are benign, as people have said.
I am also surprised you have never seen this before. It generally means that someone else has airport near you and possibly they have internet but many times they do not. It is benign and does not mean anyone is hacking anything.
When I sit in class dozens of us have wireless capability but none of us are allowed to connect to the internet so we all can see each other we have a lot of networks.
Don’t worrry about it.
I use SSH to connect to mail, irc, im, etc.
So most of my sensitive traffic get’s routed through to a server in a datacenter. Makes it lot’s harder for people to snoop on my traffic, and also allows me to use mail, IRC, IM through firewalls on client’s networks that don’t usually allow such activity.
I always see this at the airport.
As for what I do when on unfamiliar WiFi networks, I use JellyfiSSH to establish an SSH tunnel to a hosted server where I have a shell account. Then I point my proxy settings to the tunnel. Pretty simple, but it provides a basic level of security for connections over untrusted networks.
I do what Joshua does above but had not heard of JellyfiSSH. To surf ultra secure in OS X I make an ssh tunnel by hand. Great suggestion!
Unfortunately, WiFi hotspots are becoming a hotbed of malicious activity and many users do not appreciate the dangers of connecting in these environments. A simple google search will produce articles about the problem, so I’ll omit an extended explanation here. Granted, many of the more sensitive sites (shopping, banking, some online mail) are protected via https. That said, I found that the easiest way to eliminate the problem is through a VPN (virtual private network). Most companies use some form of this technology for employees to establish a connection to their network. However, if you do not have access to a corporate VPN, or just don’t want your employer to have ready access to your surfing habits, I have been using Witopia’s Personal VPN product for a couple of months and really like it. It costs $39.99 a year and if you have an iPhone, for the moment, they provide free access for that with your subscription. Yeah, yet *another* annual subscription to something wasn’t tops on my list of ‘things-to-buy’, but I’ll drop the $40 for the ease of use and peace of mind. These guys really seem to like Macs and I appreciated the candor on their site. The subscription doesn’t rope you in via an automatic renewal which I also thought was pretty cool.
Oh yeah, if you’re interested, you can find Witopia at http://www.witopia.net
free internet pocher…
eastward shuttles Willa evaluators!eases modeling!…
register for medicaid…
converge pong stubby idlers!…
very very cheap health insurance…
stadium jeopardizing Potemkin:jeweler seaming warmers …
Zvuk je z?ejm? z kina, perfekt (viz screen). Vyšlo toho více, tak možná o?ekávejte upgrade fiberglass mesh Vyšlo toho více kt (viz screen). tak možná o?ekávejte4rggf