This may be old news since it has been documented elsewhere for a couple of years now (see the link at the end of this post), but I only discovered this recently. Over the past several years, I have worked with a number of wireless networks, but only recently have I had the very different experience of moving through the world with my own personal wireless device.
Picture me walking through New York City on a beautiful summer day. Having finished a few personal errands, I’m looking to settle down in one of its several parks for a little bit and get some work done on my Macbook Pro. Since most of my work recently involves development of web applications, naturally I get a lot more done if I have an internet connection. I have heard that many of the parks in the city are outfitted with free wireless, so I drop down my Airport list and begin scanning through the several wireless networks my lappy has found. I come across one called ‘Free Public WiFi’. This looks like it could be what I’m after, so I connect, get a very strong signal but no valid IP address; no internet; nothing.
Another day, similar scenario, but another part of the city. And this time, my Airport has already automatically connected to a strong signal. You guessed it, ‘Free Public WiFi’. Again, no kind of internet love coming from this network. But now I’m curious, so when I do find a valid connection, I set out googling about this mysterious network.
Turns out it’s a bug in Windows. It’s a viral wifi epidemic that has swept at least this country, if not by now, the world. On the whole it’s fairly harmless, but the potential for danger is very great, and it’s taught me a lesson that I should have realized earlier.
Here’s what happened:
- Somewhere, someone created an ad-hoc network, named ‘Free Public WiFi’, either intentionally as a hoax, or for some indiscernible valid purpose.
- One or more people connected to this ad-hoc network using a Windows laptop, again, either because they were duped into thinking they’d have free internet access, or for some unknown valid reason.
- (Here’s the fun part): Once a Windows machine has connected to an ad-hoc network, when it disconnects, it now begins to broadcast that same ad-hoc network as an available connection, essentially inviting anyone to join.
And so it spreads. As more and more Windows machines connect to ad-hoc networks named like ‘Free Public WiFi’ thinking they’ll get free internet, more and more Windows machines end up broadcasting that same network. Take into account business travel, and you should see how quickly this thing is able to spread.
The danger here really should be self-evident. It is two-fold:
- An attacker could be broadcasting such a network, waiting for someone to connect in order to attempt exploiting their machine.
- If you’re running Windows, you yourself may be broadcasting that network, essentially inviting anyone, including potential attackers to connect to you.
My partial solution to this is to not use Windows. The rest is a principle learned that I will be careful to apply and which, I think, more people should apply as a best practice: only connect to networks that you are certain about. For example, after this experience, I researched more carefully what public wifi is available in the city, who provides it and their locations. So now I’ll know what I’m looking for.
Even so, it is likely if you have a mobile device that at some point you will open yourself up for attack. So there is sound reason to make sure your system is secure as a rule. Use a local firewall service. Update your system often. Don’t take candy from strangers.