Monday, July 31, 2006

Leeching WiFi from your neighbor's AP?

While OEMs have begun to address the security issues implied by improper default settings on many wireless products (specially residential routers/wifi APs), one still can locate several left wide open to anyone who happens to look for them.

The often addressed perspective is that of someone's bandwidth being shared (read "stolen") by unknown people. However, most of the wardrivers take care not to consume too much of it, lest the real owner notices severe lag and finally decides to learn about properly securing his AP.

Another implies a certain amount of paranoia: your ip could be used for criminal activities, and if/when the cops come asking questions, it is said owner who might have to answer to them.

However, consider a third scenario: The Honeypot of Doom(tm).

Someone installs an open AP and logs all the traffic that passes through it for several weeks. As you are well aware, most, but not all sensitive communications are encrypted. Mine the resulting data and maybe you'll stomp across something "interesting".

Here's a proof of concept, although with a twisted and very nice touch of humour:

This guy divided his local network in two segments. One goes straightforwardly in and out of his AP while the other is diverted to a proxy server. On the latter, images are turned upside-down or blurred on the fly before being relayed to the unsuspecting freeloader.

Another nice touch would be to submit all text to a ROT-13 transform creating gibberish everywhere.

So, next time you happen to find an open AP, think twice before transmitting any sensitive or personal information over it.

No comments: