This site may earn affiliate commissions from the links on this page. Terms of utilize.

Rogue Wi-Fi

What's one of the starting time things you practice when you lot go to an drome, or roll into a new city for a briefing or meeting? For many of usa, the answer is: Find a free Wi-Fi hotspot. It is reasonable to expect to find some kind of gratuitous Wi-Fi service at airports, hotels, conference venues, some restaurants, and, of grade, at ubiquitous Starbucks locations.

However, what if someone decided to place functional, though still rogue, unsecured hotspots in one of these locations? Would you be vigilant enough to notice reasonable-looking but bogus hotspot SSID names? This is exactly what security software company Avast did in Barcelona, Spain during Mobile World Congress (MWC) this week.

Avast set up functional rogue hotspots at MWC's registration booth at Barcelona Drome with the SSID names "Starbucks," "Airport_Free_Wifi_AENA," and "MWC Free WiFi." All these names look similar reasonable names for legitimate hotspot networks. Yet, hotspots in Starbucks locations are named "Google Starbucks," and AENA is the old name for the government-owned organization that runs most of the airports in Spain. Its current proper noun is ENAIRE.

In a four-hour test flow, Avast recorded more than 2,000 unique users. Information technology scanned the data from these devices for categorization, but didn't store any data. Avast reported information technology was able to identify the device name and user identity of 63.five% of these users. For Bone, 50.1% of the devices ran Apple iOS, 43.4% ran Android, and six.5% ran Windows Phone. These percentages are quite dissimilar from worldwide market shares for these platforms, which generally are eighty+% Android, 14% iOS, and 1 or ii % for Windows Phone. We tin estimate that this difference is thanks to the unique mix of the kind of people who attend MWC.

Avast also institute that 61.seven% either searched for information using Google or checked electronic mail using Gmail. Another stats: fourteen.9% accessed Yahoo, 52.3% had a Facebook app installed, while merely 2.4% had a Twitter app installed. And ane% used the Tinder or Badoo dating apps.

Annotation that Avast just reported about devices running mobile operating systems. Presumably, the registration area at the drome was not a place where people would apply a notebook computer running Windows, Bone/X, or Linux (though other areas would have been).

Linksys WRT1900AC WiFi router, outside on some gravel

The company's advice will seem obvious to many longtime readers of our site: "Many individuals recognize that surfing over open Wi-Fi isn't secure. However, some of these same people aren't enlightened that their device might automatically connect to a Wi-Fi network unless they adjust their settings," said Gagan Singh, president of mobile at Avast, in a statement. "With most Mobile Globe Congress visitors traveling from abroad, it's non surprising to see that many opt to connect to free Wi-Fi in guild to save money, instead of using data roaming services. When taking this road, people should utilize a VPN service that anonymizes their information while connecting to public hotspots to ensure that their connection is secure."

Avast sells its own SecureLine VPN product. Our own ExtremeTech article, The ultimate guide to staying anonymous and protecting your privacy online, recommends ii multi-platform VPN products: TorGuard and Individual Cyberspace Admission.

Finally, while Avast carried out a planned experiment, at that place was an interesting unplanned Wi-Fi experiment that took place years ago due to a bug in Microsoft Windows XP. As NPR explained back in 2010:

When a computer running an older version of XP can't observe any of its "favorite" wireless networks, it volition automatically create an ad hoc network with the aforementioned name equally the last i information technology connected to -– in this example, "Complimentary Public WiFi." Other computers within range of that new advertizement hoc network can encounter it, luring other users to connect. And who tin resist the give-and-take "gratuitous?"

The result was that perchance thousands notebooks running Windows XP were broadcasting the "Complimentary Public WiFi" SSID subsequently connecting to (only non having Internet access) to another notebook with that SSID. Although problem was fixed in Windows XP Service Pack 3 (SP3), some of us connected to see this SSID for several more than years.

Creative Commons clipart from openclipart by neorg and GDJ.