A passive survey of Dublin city centre Wi-Fi has revealed some 11,000 networks roughly between the northern and southern circular roads. Of these networks, more than one in five (21%) were open, with just under 4% using the hopelessly insecure Wired Equivalent Privacy (WEP) protocol.
These were the results of a so called ‘warbike’ survey carried out around Dublin today by James Lyne, director of technology strategy, Sophos. Lyne has carried out such surveys in several European capitals, and San Francisco in the US.
By comparison, Lyne said that Dublin Wi-Fi network was “quite high density” and was level with other capitals. Even the proportion of WEP-secured networks was relatively low, at 4%, compared with 9% in San Francisco. Lyne said that Dublin city centre was effectively “Wi-Fi saturated”.
With regard to the open networks, Lyne was of the opinion that most were intended to be so and would have included captive portal type arrangements common in hotels and commercial premises such as coffee shops. However, Lyne points out that even with captive portal set-ups, this did not make them any safer, as users of such a connection could potentially have their traffic monitored, intercepted or modified by another user of the same connection point.
Another part of the survey was to establish a Wi-Fi network allowing people to connect to a network called “Free Public Wi-Fi”. A disclaimer was displayed to anyone who tried to connect that informed them that traffic would be logged for the purposes of security research, though no personally identifiable information would be gathered or used. Despite this, 1,079 people connected to the access point. However, Lyne said that of those who connected, 7% were using secure protocols, such as VPN over the open connection. This was a much higher proportion than anywhere else.
“Nowhere else made it over 2%,” said Lyne.
However, that does leave the 93% who were not using secure protocols and were consequently leaving themselves open to having their traffic captured or modified, as well as putting their machines at risk.
Another peculiar feature of the Dublin city Wi-Fi survey was the preponderance of online printers. Around the IFSC in particular, Lyne noted an inordinate number of printers identifying themselves online. From previous work by various researchers, it has been shown that many such devices are often poorly configured, with default passwords left intact and features exposed that leave them highly vulnerable.
Lyne said that in common with other surveys, there were several instances of network names that were inconsistent with their general appearance. For example, there was one network purporting to be that of a bank whose hardware profile did not fit with type of stack normally associated. Lyne said there were several instances of these, especially around the likes of famous coffee shop names. These are often traps to induce users to connect to what they think is a familiar network, but often are there solely for nefarious purposes.
The survey was carried out on a pair of Dublin Bike Scheme bicycles, with around €200 of readily available equipment. This consisted primarily of a Raspberry Pi running Kismet 802.11 layer2 wireless network detector, sniffer, and intrusion detection system, wireless scanners, and GPS and Bluetooth units.
Lyne said that only the Bluetooth device was not widely available at a consumer level, but would not be beyond that average enthusiast.
All of this was run from USB battery packs and contained in easily carried small bags. The entire set-up was discreet to the point of going entirely unnoticed. However, Lyne said that the skills involved, both hardware and software, would not be beyond a competent network administrator.
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers