How a Wi-Fi Pineapple Can Steal Your Data (And How To Protect Yourself From It)
'The Wi-Fi Pineapple is a cheap modified wireless router enables anyone to execute sophisticated exploits on Wi-Fi networks with little to no networking expertise. A report in Motherboard explains how it can be used to run a Wall of Sheep and execute a man-in-the-middle attack, as well as how you can protect yourself from Pineapple exploits when you're connected to public Wi-Fi. "... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past, which can be spoofed by an attacker with a Pineapple," reports Motherboard. "Unfortunately there is no easy way to do this on an Android or an iPhone, and each network must be forgotten manually in the 'Manage Network' tab of the phone's settings. Another simple solution is to turn off your Wi-Fi functionality when you're not using it -- though that isn't as easy to do on some devices anymore -- and don't allow your device to connect to automatically connect to open Wi-Fi net' -- source: https://yro.slashdot.org/story/17/11/21/2255254 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/
On Thu, 23 Nov 2017 09:29:48 +1300, Peter Reutemann wrote:
"... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past...'
Why would that be happening, anyway? It is the base stations that should be broadcasting the SSIDs, and your portable devices that should be listening, not the other way round.
Why would that be happening, anyway? It is the base stations that should be broadcasting the SSIDs, and your portable devices that should be listening, not the other way round.
As far as I understand it, when phones aren't connected to wifi, they're constantly broadcasting probe requests for the SSID's that they remember, to see if they're around. A bit more info in the commentary here: https://security.stackexchange.com/questions/62124 E -------------------------------------------- Q: Why is this email five sentences or less? A: http://five.sentenc.es On Thu, 23 Nov 2017, at 09:45, Lawrence D'Oliveiro wrote:
On Thu, 23 Nov 2017 09:29:48 +1300, Peter Reutemann wrote:
"... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past...'
Why would that be happening, anyway? It is the base stations that should be broadcasting the SSIDs, and your portable devices that should be listening, not the other way round. _______________________________________________ wlug mailing list | wlug(a)list.waikato.ac.nz Unsubscribe: https://list.waikato.ac.nz/mailman/listinfo/wlug
On Thu, Nov 23, 2017 at 10:08:59AM +1300, Eric Light wrote:
Why would that be happening, anyway? It is the base stations that should be broadcasting the SSIDs, and your portable devices that should be listening, not the other way round.
As far as I understand it, when phones aren't connected to wifi, they're constantly broadcasting probe requests for the SSID's that they remember, to see if they're around.
Yes, I would imagine that this is for hidden base stations which do not broadcast their availability. You have to know their SSID to connect. Cheers, Michael
On Thu, 23 Nov 2017 20:33:04 +1300, Michael Cree wrote:
On Thu, 23 Nov 2017 09:45:02 +1300, Lawrence D'Oliveiro wrote:
Why would that be happening, anyway? It is the base stations that should be broadcasting the SSIDs, and your portable devices that should be listening, not the other way round.
Yes, I would imagine that this is for hidden base stations which do not broadcast their availability. You have to know their SSID to connect.
I have heard this recommended as a “security” measure. But as you can see, it just causes worse vulnerabilities elsewhere.
participants (4)
-
Eric Light -
Lawrence D'Oliveiro -
Michael Cree -
Peter Reutemann