Be Cautious When Using Free Airport Wi-Fi

Last year Google began offering free WiFi in 47 American airports.  Other airports have added this feature to accommodate the needs of business travelers.  Here's a reminder that connecting to WiFi may open your laptop to strangers:

I was recently at New York’s JFK airport in the JetBlue terminal, where they have prominent signs offering free wi-fi, courtesy of the airline. But when I went to connect, I noticed that several options were available including one labeled “default” and another labeled “JetBlue free hotspot.” It turns out that the former was the actual free hotspot and the latter was the honeypot. What tipped me off was that the “JetBlue free hotspot” was labeled in my Mac OS X “Airport” (i.e. wi-fi) menu as a “Computer-to-Computer network...”  If you connect to this network on an imperfectly protected Windows laptop, this hacker will have access to your data from his own computer.

More at the link.  The same principle would of course apply at non-airport facilities such as dining establishments. Link

(Image credit: Leah Jaako)


Security minded IT guy here...

1) If you're using a non-encrypted wifi connection, anyone with minor computer skills and the right program can sniff that traffic anyways.

1a) If you log into websites which aren't https while connected to an unencrypted wifi connection or a fake wifi connection they can be read easily. Always and only log into websites which have https in the URL!

2) If you connect to non-encrypted wifi, (or encrypted, for that matter!) other users of the same wifi signal can typically access shared files and folders on your computer since you're on the same network. It works for the same reasons that home networking works -- that's how it was designed.

3) If you connect to a fake wifi connection like the one mentioned, you will probably won't be able to access the internet. If you can, then they are routing traffic or running a proxy. If they are routing traffic, https traffic should still be secure (see 1a). If they are running a proxy, https pages will likely display security errors in which case you should not proceed.

Wifi is fun and dangerous, public wifi doubly so. If you want to be secure you will need to look into a VPN or SSH tunnel solution.
Abusive comment hidden. (Show it anyway.)
When I shut down my macbook at San Francisco's airport, I didn't care to see the message that I would be disconnecting another user. I have no shared files on that laptop and hardly anything of interest, but I changed the settings immediately
Abusive comment hidden. (Show it anyway.)
MrMichael spotted it perfectly, mostly #3. If you have minimum computer skills to use a wifi, you should notice that you're not connecting "to the internet" in a connection like this one that was described quite easily.

Naming your wifi "default" (and let it open!) isn't the most clever thing either.
Abusive comment hidden. (Show it anyway.)
this bit amused me

"If you connect to this network on an imperfectly protected Windows laptop, this hacker will have access to your data from his own computer."

Are Mac's immune to a standard CIFS browse attempt now then ?
Abusive comment hidden. (Show it anyway.)
Login to comment.
Click here to access all of this post's 10 comments




Email This Post to a Friend
"Be Cautious When Using Free Airport Wi-Fi"

Separate multiple emails with a comma. Limit 5.

 

Success! Your email has been sent!

close window
X

This website uses cookies.

This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our Privacy Policy.

I agree
 
Learn More