Public WiFi Security

[alhenderson]

Afternoon All,

I was half watching Watchdog last night and half trying to block out the mother in law gossiping about something or other so missed most of the detail on their feature on public wifi security.  Could anyone who a) saw it and b) understood it give a summary for me?  I don't use them, but am interested in what was said and whether the BBC report was scare mongering or if there was actually some substance to what they said.

I saw a clip of them having hacked into someone's web email account - how did they do that?

Thanks,
Al.

[Rik]

Sorry, Al, didn't see it.

[alhenderson]

Sorry, Al, didn't see it.

Don't think you missed much, and judging by past Watchdog exposes on ebay etc I wouldn't be entirely surprised if it was all based around people blatantly not taking simple precautions.

Al.

[Rik]

I'd bet on it, tbh.

[psp83]

http://www.bbc.co.uk/iplayer/episode/b00nmv0l/Watchdog_29_10_2009/

The program they used looks like wireshark to get the information sent over wireless. I have wireshark on a laptop and i can tell what the laptop downstairs is sending and requesting.

[somanyholes]

aircrack and wireshark where the apps shown.... They will have been using other apps for a couple of other bits...

[somanyholes]

In answer to your question. I don't think any of this is overhyped. Public wifi should not be used for any type of service which requires you to login. Public wifi is incredibly unsecure. You are logging onto a network that you have no control of, the operator probably has little control of it either. If i so wanted I could easily sniff the majority of supposedly secure traffic at a public hotspot, not only that, but take over the majority of machines on that network. Most of this is pretty easy to do. I wouldn't put these type of issues down to user stupidity (of course this helps) the issue is that people for some reason trust networks that they have no contol over. If you want safer access then use a 3g dongle, however even this technology has it's problems. The only other way is to vpn out of the public wifi network as they advised on the program, again this isn't without problems.

[Rik]

Thanks for the advice, So.

[somanyholes]

I meant to add I thought the watchdog program was pretty good last night. Especially the BT bashing stuff 

[Rik]

Always good for a laugh.

[somanyholes]

I saw a clip of them having hacked into someone's web email account - how did they do that?

Again forgot to answer this bit. Having not seen the specific approach that they used, I can only guess at how they did it, however I reckon they will have done the below.

1. connected to the wireless network as per usual
2. performed arp poisoning (basically the victim machine sends all it's data through the hackers machine instead of of the router/access point on the premises, this occurs because the hacker tells the victims machine that his machine is the router. The hacker also tells the router that  he is the  victims machine, so all traffic between the victim and the router passes through the hackers machine allowing them to manipulate all traffic going between them. Hence the name for this attack being (man in the middle)
3. The hacker will have setup a proxy on their machine, allowing them to play around with the https traffic, what they will do in essence is strip all the ssl out of the login, so that the credentials can be seen in clear text on the hackers machine.

for those that are bothered further info is below. There are many other ways of doing this type of thing than is listed above, however the method above is a popular way of doing it.

http://www.oxid.it/downloads/apr-intro.swf ( this links to a much better explanation of man in the middle than I have provided)
http://vimeo.com/3970303 (this links to ssl strip in action)