The last couple of days have been all about getting everything packed and ready to go because I’m heading south to visit family and friends. Literally heading south right now because, for the first time since I started doing these journeys, there’s actually a working wifi service on the coach! So here I am composing a blog post whilst listening to ProTracker modules, sipping diet Coke and zooming down the M1 – I think we’re coming up on Leicester soon – how pretentious is that?!
Well okay, not particularly because it’s old hat for most people but the coaches on this run haven’t previously offered wifi and, although I know there’s a streaming service available so they must be reasonably confident of the bandwidth, I’m quite surprised at how quick the connection actually is. The downside is that it’s being filtered with OpenDNS/Cisco Umbrella and a few of my regular haunts like Atari Age aren’t available so those poor souls will have to survive without my “wit and wisdom” until later.
I had a quick stab at circumventing the filtering of course, but both Opera’s VPN and TeamViewer won’t connect and forcing the DNS to 22.214.171.124 failed as well; hardly surprising of course because I wouldn’t expect Cisco to miss any of those tricks, but still a pain considering I’m seeing “invalid” certificate errors from WordPress.com and YouTube amongst others. Anyway, I’ve managed to kill most of an hour and about half of the battery on my old Dell D630 with this ramble so I might as well kick it out… there’ll be at least one post this coming week but I’m not sure when and “normal” services will resume after that.
Not too long ago I was reading a piece on the interwebs called the beginners guide to breaking website security with nothing more than a Pineapple and that title is a direct link to the page on author Troy Hunt’s blog. It isn’t a piece for the technically faint hearted, so I’ll try for a quick summary; there’s an inexpensive device called the Pineapple that ruthlessly exploits how trusted wifi connections work. Wireless devices are constantly calling out to known connection points, so if your home router is called MyHomeNet, when the mobile device you have connected to it in the house is out and about it’s periodically calling “is MyHomeNet there” into the ether to see if the router is around to make a connection… and the Pineapple listens for these calls and responds, pretending to be whatever Service Set Identifier (SSID from here onwards) the device is asking for. Strap that to a laptop running Wireshark, share internet connectivity through another network connection and you’ve got a “man in the middle” listening post watching unsuspecting people’s traffic.
That’s quite alarming, but although I’m usually a lovely, fluffy bunny it also set the more nefarious, black hat wearing side of my mind working; fast food restaurants, coffee shops, hotels and even supermarkets offer free wireless and many of these access points appear as unencrypted networks; that connection pushes the user to a landing page where they enter a mobile number, which is then texted a code that unlocks the service. But as noted, the access point itself in these systems just appears as an unsecured wireless network so what happens if a mobile device configured to log in automatically on one of these services comes across another network with a matching SSID?
Here’s my 1337 h4x0r rig to look into that question and yes, that’s sarcasm because it’s thrown together from scrap and spares. I’m using a battered Acer TravelMate 2350 which was dropped and half killed in a former life, connected to a D-Link wireless router which has been configured to broadcast the SSID of a national supermarket chain’s free wifi service. And when this pile of junk went online, my old Blackberry Curve which had previously been taught the same SSID from one of the supermarket’s access points earlier in the day automatically connected with absolutely no questions asked!
So what can we take away from this apart from a nagging paranoia? Well, anybody who works in IT has probably known for a while that wifi security is at best adequate and anybody with the right tools but no morals can at least theoretically crack into your router or access point if the shared pass phrase is weak enough. And television programmes like The Real Hustle have demonstrated how con artists use wifi, but this is in a way that requires marks to connect to a bogus SSID so the grifter risks discovery by placing themselves in or near the location of the network they’re spoofing (here’s a clip and this is really worth a watch if you use a laptop or other mobile device when traveling).
But what the Pineapple does is a different matter; it works anywhere and abuses the trust wireless devices have when it comes to networks so users can just be wandering along and minding their own business whilst the connection is made to their mobile device and all traffic for social media or email starts going through a monitored connection. The golden rules seem to be don’t let your mobile devices remember shared networks like the ones in public places (so delete the connection when you’re finished and that goes for the Apple Demo network some Apple stores use to demonstrate wifi use to their customers), turn off the device’s wifi completely when not using it and don’t use public connections to log into email accounts, online banking, Paypal, eBay, forums or anything else where losing control of the account would be a bad thing.
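To put the first of those rules into practice on a Linux laptop, here is an added example (not part of the original post) that audits saved wifi profiles in NetworkManager's keyfile format and lists the open networks the machine will rejoin on its own. The profile contents and SSIDs are constructed samples; on a real system the files live under /etc/NetworkManager/system-connections/.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not real data).
SAMPLE_PROFILES = {
    "SupermarketFreeWifi.nmconnection": """
[connection]
id=SupermarketFreeWifi
type=wifi
[wifi]
ssid=SupermarketFreeWifi
""",
    "MyHomeNet.nmconnection": """
[connection]
id=MyHomeNet
type=wifi
[wifi]
ssid=MyHomeNet
[wifi-security]
key-mgmt=wpa-psk
""",
    "CoffeeShop.nmconnection": """
[connection]
id=CoffeeShop
type=wifi
autoconnect=false
[wifi]
ssid=CoffeeShop
""",
}


def risky_profiles(profiles):
    """Return SSIDs of saved open networks that are rejoined automatically."""
    flagged = []
    for filename, text in profiles.items():
        cp = configparser.ConfigParser(interpolation=None)
        cp.read_string(text)
        if cp.get("connection", "type", fallback="") != "wifi":
            continue
        # No [wifi-security] section means the profile is an open network,
        # so any access point broadcasting the same SSID is accepted.
        is_open = "wifi-security" not in cp
        # NetworkManager treats a missing autoconnect key as true.
        autoconnect = cp.getboolean("connection", "autoconnect", fallback=True)
        if is_open and autoconnect:
            flagged.append(cp.get("wifi", "ssid", fallback=filename))
    return sorted(flagged)


if __name__ == "__main__":
    for ssid in risky_profiles(SAMPLE_PROFILES):
        print(f"open + autoconnect, forget this network: {ssid}")
```

Anything it lists is a candidate for deleting from the saved networks, or at least for switching off automatic connection.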