So, curious if others are as annoyed by this as I am. Say you want to capture all your neighbors' activities, just set up an SSID with the same name as an unlocked public wifi thing near you (or that restaurant below you with a well-known password). If you know they visit Starbucks or international-airport-guest-wifi or university-guest-wifi … etc. Just add that to your house and while others are near your home their phones might just hop onto your signal happily and start doing whatever.
Doesn’t this seem like a pretty blatant security gap that is never talked about? At least 99% of things are TLS so not really much of a concern other than like DNS snooping, or for the super nefarious/capable, downgrade attacks as a man-in-the-middle perhaps.
Can I configure my phone to only talk to a particular open SSID if it has at least the matching GPS location to where I first logged on to it? Of course I have “do not autoconnect to this WiFi” turned on in general, and I periodically sweep out any old/useless saved SSIDs.
Something as simple as geo-locking all WiFi signals would be awesome.
NOTE: If you work for an OS company and want to steal this idea for your next-gen ‘we protect our consumers with this new super advanced WiFi thing’ … please have it for free. I’ll just be happy to see it.
Yes it is an issue. Worse than that, all devices probe for their known networks. You can capture these probes and set up an SSID matching one they are looking for. As a consumer you can delete any previously joined networks or ‘forget’ them. This will help.
Having your phone connect to somebody’s router named “Kroger WiFi” still doesn’t mean they can access the data on your phone – it isn’t quite as simple as you make it sound.
iOS devices in particular don’t have many ‘listening ports’, for instance.
I straight up don’t use them and generally try not to use public Wi-Fi at all.
In case you didn’t know, you are referring to an Evil Twin attack where someone impersonates an access point with their own.
With deauth packets you can knock off a user from the legit wifi and if they aren’t paying attention or if they are set to connect automatically they would connect to the rogue access point. From there DNS redirection and suddenly they are a Bitcoin miner.
You should trust public Wi-Fi as much as you trust a visibly dirty gas station toilet. Adding a secured AP isn’t much better… an accessory could just set up a rogue AP with the same credentials.
I use a VPN on any wifi that I don’t control. There are a lot of things that are transmitted through plain text. If a guest network is properly configured, every device is isolated and cannot communicate with any other device on said network but there is always the chance of the man in the middle attack, not to mention that a lot of smaller public wifi networks are not set up properly as a guest network and are just “Open”. If you are curious about a network you are connected to, run an IP scanner on the subnet and see if it brings anything back other than the gateway and yourself.
This is a concern as old as time. Honeypot wireless networks are absolutely a thing. Hell, now you can’t necessarily even trust the cellular system with things like Stingrays.
Just don’t use them if you don’t have to, use VPNs when you do have to and always think about what you’re accessing when you are using public networks.
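Added example, not part of any post in this thread: one way to act on the advice above about forgetting saved networks is to audit which saved entries are open and still eligible for auto-join. It assumes a Linux client that stores its networks in a wpa_supplicant configuration file; the SSIDs and passphrase in the sample are constructed, and the function names are hypothetical.

```python
import re
# Constructed sample of a wpa_supplicant.conf; SSIDs and PSK are made up.
SAMPLE_CONF = '''
network={
    ssid="home-net"
    psk="correct horse battery staple"
}
network={
    ssid="airport-guest-wifi"
    key_mgmt=NONE
}
network={
    ssid="cafe-open"
    key_mgmt=NONE
    scan_ssid=1
}
network={
    ssid="old-hotel"
    key_mgmt=NONE
    disabled=1
}
'''

def parse_networks(conf_text):
    """Return one dict of key -> value per network={...} block."""
    networks = []
    for block in re.findall(r'network\s*=\s*\{(.*?)\n\s*\}', conf_text, re.S):
        entry = {}
        for line in map(str.strip, block.splitlines()):
            if '=' in line and not line.startswith('#'):
                key, value = line.split('=', 1)
                entry[key.strip()] = value.strip().strip('"')
        networks.append(entry)
    return networks

def audit(conf_text):
    """List saved networks that a same-named open AP could capture."""
    findings = []
    for net in parse_networks(conf_text):
        if net.get('disabled') == '1':
            continue  # entry is kept but never auto-joined
        is_open = net.get('key_mgmt', '').upper() == 'NONE' and 'wep_key0' not in net
        if is_open:
            note = 'open, auto-join'
            if net.get('scan_ssid') == '1':  # SSID-specific probe requests
                note += ', name sent in directed probes'
            findings.append((net.get('ssid', '?'), note))
    return findings

print(audit(SAMPLE_CONF))
```

Entries it reports are the ones to forget or set to `disabled=1`; the home network is skipped because it has a passphrase.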