Hidden Wi-Fi Dangers Revealed
By Richard Clooke on July 19, 2013
Wi-Fi Hacking Dangers
mobilesecurity.com [London, UK] An independent security expert has warned that millions of mobile Wi-Fi users are at risk from hackers. Raul Siles told Help Net Security that a well-known bug, identified several years ago, remains a problem on many handsets, including BlackBerry, Android, iPhone and some Windows devices.
The issue is with the Preferred Networks List, or PNL, that is stored in Wi-Fi enabled smartphones. The phone checks the networks it detects against this list and attempts to join those on the PNL first.
Using eavesdropping software, hackers can exploit the bug to access this list if the device is connected to public Wi-Fi.
Networks on the list could include any Wi-Fi connection you’ve set up previously, including other public Wi-Fi hotspots, your work network or your home broadband. When your Wi-Fi is switched on, it specifically looks for those preferred networks first. Your phone is effectively broadcasting the networks that it’s looking for.
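What that disclosure looks like on the wire, as an added example that is not part of the original article: a small parser that reads 802.11 probe request frames captured from your own device and lists the network names it announces. It assumes frames start at the 802.11 MAC header (no radiotap header or FCS); the MAC address, SSIDs and frames are constructed samples.

```python
import struct
from collections import defaultdict

def build_probe_request(src_mac: bytes, ssid: bytes) -> bytes:
    """Build a minimal probe request; used only to construct sample input."""
    bcast = b"\xff" * 6
    header = (struct.pack("<HH", 0x0040, 0) + bcast + src_mac + bcast
              + struct.pack("<H", 0))
    return header + bytes([0, len(ssid)]) + ssid + bytes([1, 1, 0x82])

def parse_probe_ssid(frame: bytes):
    """Return (source MAC, SSID) for a probe request, else None."""
    if len(frame) < 24:                      # shorter than a management header
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype != 4:           # not management / probe request
        return None
    src = frame[10:16].hex(":")              # Address 2 = transmitting station
    pos = 24                                 # tagged parameters follow header
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:               # truncated element: reject frame
            return None
        if tag == 0:                         # element ID 0 carries the SSID
            return src, body.decode("utf-8", "replace")
        pos += 2 + length
    return None

def leaked_networks(frames):
    """Map each station to the network names it disclosed in directed probes."""
    leaks = defaultdict(set)
    for frame in frames:
        parsed = parse_probe_ssid(frame)
        if parsed and parsed[1]:             # empty SSID = wildcard, no leak
            leaks[parsed[0]].add(parsed[1])
    return {mac: sorted(names) for mac, names in leaks.items()}

# Constructed sample capture: one phone, locally administered MAC address.
PHONE = bytes.fromhex("020000000001")
SAMPLE = [
    build_probe_request(PHONE, b""),                          # wildcard probe
    build_probe_request(PHONE, b"HomeBroadband-Example"),
    build_probe_request(PHONE, b"Office-Example"),
    b"\x80" + build_probe_request(PHONE, b"Ignored")[1:],     # beacon, skipped
    build_probe_request(PHONE, b"Cafe-Example")[:30],         # truncated
]

if __name__ == "__main__":
    print(leaked_networks(SAMPLE))
```

A device that sends only wildcard probes produces an empty result here; any name that does appear is a saved network worth removing or reconfiguring.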
With this data being broadcast, a would-be hacker can set up a fake Wi-Fi network with the same details as one on the phone’s Preferred Networks List. As a result, your phone’s Wi-Fi is automatically connected to the hacker’s network - exposing all data you subsequently transmit during your session. All data, from passwords to credit card numbers. The “man in the middle” (the hacker who set up the fake Wi-Fi network) would have access to all this information.
“This situation has been known since 2004,” Siles told Help Net Security, “Microsoft fixed it for Windows XP in 2007 and recently in Windows Phone devices but it seems the other mobile device vendors are not as concerned.”
The bug affects several smartphone operating systems in wide use, including Android 2, 3 and 4 and BlackBerry 7. The bug is also in iOS versions 1 to 6, if users manually add networks to their preferred list.
On BlackBerry, you can go to Settings, then Networks and Connections. Choose Wi-Fi Network, then “Saved Wi-Fi Networks”. For each of the saved networks in the list, enable the “SSID (Service Set Identifiers) Broadcasted” option. This means that the device will only connect to a network if the Wi-Fi identifier is being broadcast. In cases like this, the fake network will usually have a hidden SSID - as it’s configured just to catch you out.
Unfortunately, the other affected operating systems have no easy solution. The most drastic way to work around this is to turn off Wi-Fi in public places. However, with a little common sense and care, you should still feel safe surfing the web in public.
Until the vulnerability is patched, it’s advised that mobile users continue to be vigilant when connecting to public Wi-Fi networks. If you do connect to Wi-Fi in public places, pay attention to which network you’re connected to.
If you find that you have somehow joined a network that appears to be your home or work connection while you’re out and about - that’s a clear sign that a third party may have accessed your phone’s PNL and is faking the network address.
You should also ensure that your device is protected by security software, like Norton Mobile Security. A man-in-the-middle attack could be directing users to phishing websites, which Norton Mobile Security will spot and block. On iOS devices you can use Norton Hotspot Privacy, which creates secure login details that can’t be seen by eavesdropping software.
- See more at: http://www.mobilesecurity.com/articles/567-hidden-wi-fi-dangers-revealed#sthash.a17rDoK8.dpuf
Google, Facebook and others got money from US govt to spy on users
TNN | Aug 23, 2013, 10.59 PM IST
NEW DELHI: Several US-based technology companies, including Google, Facebook, Microsoft and Yahoo, not only helped the National Security Agency in spying on their users but were also paid millions of dollars by the US government for their efforts.
The latest revelations come from the Guardian website, which has received thousands of leaked NSA documents from Edward Snowden, who worked at the agency.
The Guardian report noted that the money was paid by the NSA to technology companies after a US court ruled part of the surveillance programme illegal in 2011. While the court order did not stop the surveillance, it reportedly asked the NSA to implement several additional measures to safeguard the privacy of American citizens. This reportedly required changes in the surveillance gear and mechanism used by the technology companies.
"While the ruling did not concern the Prism program directly, documents passed to Guardian by whistleblower Edward Snowden describe the problems the decision created for the agency and the efforts required to bring operations into compliance," noted the report.
Prism, as alleged by Snowden, is a surveillance programme run by the NSA with the help of technology companies. Technology companies had earlier denied that they worked with the NSA for any programme called Prism.
"Last year's problems resulted in multiple extensions to the certifications' expiration dates which cost millions of dollars for Prism providers to implement each successive extension — costs covered by Special Source Operations," NSA reportedly noted in one of its documents in 2012.