Never use public Wi-Fi again!
It seems good to access a hotspot and avoid using your data plan to access the internet, but if I tell you that they will be spying on you, and seeing everything you are doing, would you access it?
You can say, oh, no problem, if the owner of the hotspot sees it, what is the problem? What if I tell you that absolutely anyone anywhere within the wi-fi area can see this? That person next to you in the restaurant that provides wi-fi, may be spying on you!
Everything, absolutely everything on a Wi-Fi network without encryption, that is, "open", is freely trafficked through the air "as-is", and anyone close (or not) could have access to your data, contacts, listen to your messages. phone calls or even see your cell phone screen.
What do you mean, people close "or not"? Yes, a more distant person with powerful receivers and transmitters will be able to collect sensitive information not only from one person, but from several at the same time.
A rooted Android phone is enough to install the Wireshark application and activate the monitor mode of the device's internal Wi-Fi network card, then all data is collected and can be used by someone to intercept data.
One of the tactics of accessing a cell phone would be to try to issue numerous DNS response packages to a domain that the cell is accessing, for example, social networks, such as facebook, twitter, right? And then direct to a page on another server (which can even be another cell phone on the network), and make the person interact with the web page (be warned that they have a virus and install the application, etc.).
Sites that run without SSL, are all seen as simply clean, anyone will get all the data without any kind of problem, sites that can request personal information, registrations, forms, and any other information without SSL, can be registered by anyone from the next to your table in the restaurant.
A person could very well know what your name is, without even looking at you, or see pictures of a social network inspecting the DNS search and seeing which domain and URLs they are accessing.
Many things on the phone, happen when it is on the wi-fi, even if you are not using it, that is, photo updates, application updates, among others.
What ensures that all existing applications on your phone, which run in the background, are using API to access data with SSL support?
I tell you a great truth: very few people do this, and even if there is in fact at least one API URL running over SSL, we can still run a local server with any SSL certificate (even revoked, expired) and when changing the DNS, it will access the infected server.
Creating these servers, currently with the cell phones we have, is nothing out of this world, there are many applications for cell phones that make it Web servers. Just search for "Web Server" and you will even find apps that run MySQL.
Ah but the apps cannot run to take a user's website and make him access some item. We can make an app log out, and force it to log on to a fake API, and thus retrieve the user's password, when he retyped it.
There are several ways to become insecure when using an open wi-fi network.
This also includes wi-fi networks that have those "Captive Portal", common anywhere, such as Outback, Mc'Donalds WiFi, Oi Wifi, and etc. Do not access networks like this one, unless you want to risk anyone intercepting your phone.
The capacity of the open wifi is so incredible, that you can use PING commands and approach the person's cell phone, to confirm that it really is themselves or not, and maybe even use NFC to retrieve photos from the victim user's cell phone.
How to protect yourself from open wi-fi networks?
One of the ways you can protect yourself from open wi-fi networks is to use a VPN connection, but this is usually only available if you are an employee of a company, or if you hire a paid VPN service. Do not use free VPN, because then you will be in danger in the same way as in the open Wi-Fi network, because the provider of the free VPN will also have access to what you use on the internet.
Avoid using open networks as much as possible, try to check if you can increase your data plan at the cellular operator, or have an unlimited internet plan (if any), so as not to get this neura.
Wi-Fi networks with a password still offer risks, but in some cases, the "monitor" mode will not help much, as it can only intercept all data, even so, if you are going to use a Wi-Fi network, the very best it's just your home network, with the guarantee that no one will use your password, and that it will use the best security standards, with WPA2.e exchanging keys using AES 256 (Avoid TKIP, except if your wi-fi network start to get too slow or the router too hot).
Yes, AES 256 encryption for routers can make them hotter, and / or even slower, as it is much more difficult to encrypt data on this technology, and more secure, it requires more of your router's hardware to ensure its security.
No comments