Recently I've been reading about ways to help your neighbourhood with the COVID-19 crisis, here in Spain. But one of the tips they gave was quite unsecure, because it's based in the fact that everyone is nice: "Share your WiFi!" well, it is a wonderful idea to share your Internet connection if you know how to protect it and have different channels for you and your guests. On the other hand trusting on unknown open WiFis is also a bad idea. I want to show today why, using a Wifi pineapple.
The original WiFi pineapple is a redteam gadget designed by Hak5, an offensive security exclusively brand. There are also Raspberry PI versions, but I'll use the original one. I'm using a pocket size version.
This gadget simulates a router and captures traffic of the ones who connect to it. It aims to assist professionals in MITM (man in the middle) attacks, which consist on steal data of a connection or impersonate someone.
This gadget is a lot of fun I must confess. You can access to the information launching a local web interface, seeing the networks around you, the devices and all. So when you are an user, what you see is an open connection sometimes using a familiar name such as "Starbucks" or something similar, and you can use the Internet (as the Pineaaple is connected to a legit source of Internet connection) so you might not notice you are being watched! Side note, if you try this in a security conference, you might get pranked when trying to do this attack as you might encounter WiFi connections around you named "idiot" or "gotcha".
In any case be careful out there, and even though an open WiFi is a huge temptation, don't be gullible. And if, even though, you want to share your WiFi, create a Guest's WiFi and share a password for it with neighbours.
Oldest comments (17)
Pretty good warning. But I think you should show how easy it is to steal someone's photos, or hack into computer or whatever.
Also there is a missing part "how to secure my WiFi" and "what to do when I have to connect to public wifi".
Of course, I'm not criticizing you, I was just hoping to read more about public's wifis security
Thanks! Okay so for example relying on an VPN is a nice option as long as you trust that VPN. What I do for example (firstly, avoid public WiFi, but in case that's not an option) using a pocket router with an VPN configured. About securing a WiFi, I shall note it down for now because that's more complex.
Stealing someone information used to be easier (thankfully) but even though now is still relatively easy. In any case I take your advise and think about a second part.
Thank you!
I look forward for second, extended pary ;)
The hacksmith did the same thing on YouTube
Wasn’t this device in an episode of Silicon Valley? 😂 Great article!!
Was it? probably hahaha
Its big brother was, not this one ;)
If you have an xfinity account but happen to be in an area where you are outside of your home network, Comcast opened up the public "xfinitywifi " SSD you see broadcast everywhere . You can use your credentials to sign in there and piggyback off a nearby router (I still suggest a VPN) 👍
Hope you are ok in Spain. I just returned from there on vacation. It was wonderful but almost wound up travel banned in Valencia!
Great advise over this! Thanks.
And thank you for you concern, I'm thankfully good, alongside my family, only a bit crazy to have been indoors for such a long time. Nice to know you managed to go back home.
Great advice. Now I know why some of my neighbor's wifi names are really weird. I am also about to take a computer networking class in college, and this post offered a pretty good preview into that. Thanks
I hope you enjoy your class!
Nice move!
Another option is to set a perfectly reliable WiFi password that cannot be guessed and cannot be easily hacked. Something like '0000' or 'password'.
And let's not forget about "1234" or "donthackme"
I used '1234' for some years, but it was just too hard to remember. I wrote it on a paper, took it with me wherever I went. Couple months ago I switched back to '0000' and never looked back since then.
Friends always think my password is 'sBb*pZxNJ%V@z^9a^4giveS' or something, so I know for a fact they would never go for '0000'. It's a twisted logic and my accounts are safe.
Sounds like the world needs FON.
I occasionally connect to a public wifi and then try connecting to something known to see if the certs match. It's surprising how many "real" public wifi points do this. Virgin Trains, for example, MITM everything for their "free" wifi.
Great advice on the potential danger!
I would also like to add the point of view of the person that wants to share his internet connection but not allow malicious intruders in his personal network.
Many commercial routers include the "Guest Network" feature which does gives access to the internet for connected devices, BUT does not let them see your personal devices on your network!
Sharing is caring, but please do not neglect your personal security and privacy.