Security and privacy expert F-Secure demonstrates why joining an untrusted unsecure Wi-Fi network with your phone or tablet is a really bad idea, even if it looks legit…
A slightly terrifying experiment conducted in London by F-Secure shows why merrily connecting to any free Wi-Fi network you find is a really bad idea. You could be leaving your private data and account info exposed, even if the Wi-Fi network looks like a legitimate service.
Finn Steglich, an IT security consultant, set up a free Wi-Fi hotspot in Canary Wharf and Westminster and monitored traffic as random phone users hooked up to the network on the fly. With the hotspot connected to his laptop, Steglich was able to see all of the users’ unecrypted data and was able to nick their usernames and passwords, giving him access to to their private accounts.
When the dodgy hotspot was positioned outside the Queen Eliabeth II Conference Centre, right next to the Houses of Parliament, it took just ten minutes to gather a handful of unwitting surfers. In half an hour, 250 devices connected to the network, most of them automatically, while 33 active users used the dodgy connection to transmit data.
The scary thing is, a dodgy service like this can be named almost anything by the criminals, so in this case Steglich set the hotspot up as a secondary network belonging to the conference centre. Users were likely signing on expecting it to be a fully legit network, without realising it was being run by some guy sat outside in a mac. It’s not a pricey scam to set up, either – just 200 Euros and a tiny bit of technical know-how is all you need. But, uh, don’t go getting any ideas, right?
Of course, the experiment wasn’t just conducted for laughs. It’s a cunning piece of marketing to demonstrate why free Wi-Fi lovers should use security software such as F-Secure’s Freedome, which encrypts your data before it hits any hotspots and keeps you safe online. But even if you don’t spunk up for that extra layer of security, the experiment is a welcome reminder that we shouldn’t be so keen to hook our phone up to any Wi-Fi going.
And don’t allow your phone to connect to any old Wi-Fi network automatically, either – check your phone’s settings to ensure you’re only able to hook up manually.