20 July 2013

Hidden Wi-Fi Dangers Revealed

An independent security expert has warned that millions of mobile Wi-Fi users are at risk from hackers. Raul Siles told Help Net Security that a well-known bug, identified several years ago, remains a problem on many handsets, including BlackBerry, Android, iPhone and some Windows devices.

The issue is with the Preferred Networks List, or PNL, that is stored in Wi-Fi enabled smartphones. This list queries networks that are detected by the phone and attempts to join those on the PNL first.

The bug enables hackers to access this list if the device is connected to public Wi-Fi, using eavesdropping software.

Networks on the list could include any Wi-Fi connection you’ve set-up previously, including other public Wi-Fi hotspots, your work network or your home broadband. When your Wi-Fi is switched on, it specifically looks for those preferred networks first. Your phone is effectively broadcasting the networks that it’s looking for.

With this data being broadcast, a would-be hacker can set up a fake Wi-Fi network with the same details as one on the phone Preferred Network List. As a result, your phone’s Wi-Fi is automatically connected to the hacker’s network - exposing all data you subsequently transmit during your session. All data, from passwords to credit card numbers.  The “man in the middle” (the hacker who set up the fake Wi-Fi network) would have access to all this information.

“This situation has been known since 2004,” Siles told Help Net Security, “Microsoft fixed it for Windows XP in 2007 and recently in Windows Phone devices but it seems the other mobile device vendors are not as concerned.”

The bug affects several smartphone operating systems in wide use, including Android 2, 3 and 4 and BlackBerry 7. The bug is also in iOS versions 1 to 6, if users manually add networks to their preferred list.

On BlackBerry, you can go to Settings, then Networks and Connections. Choose Wi-Fi Network then “Saved Wi-Fi Networks”. In each of ‘saved networks’ in the list, enable the “SSID (Service Set Identifiers) Broadcasted” option.  This means that the device will only connect to a network if the Wi-Fi identifier is being broadcast. In cases like this, the fake network will usually have a hidden SSID - as it’s configured just to catch you out.

Unfortunately, the other affected operating systems have no easy solution. The most drastic way to work around this is to turn off Wi-Fi in public places. However, with a little common sense and care, you should still feel safe surfing the web in public.

Until the vulnerability is patched, it’s advised that mobile users continue to be vigilant when connecting to public Wi-Fi networks. If you do connect to Wi-Fi in public places, pay attention to which network you’re connected to.

If you find that you have somehow joined a network that appears to be your home or work connection while you’re out and about - that’s a clear sign that a third party may have accessed your phone’s PNL and is faking the network address.


Post a Comment

Get every new post delivered to your Inbox.


Copyright © 2018 Tracktec. All rights reserved.

Back to Top