Airpot WiFi Looks like This – Pretty & Dangerous

Pretty eh.

And unsafe – airport WiFi is considered
the most dangerous network in the world.

Why? Read these 2 posts – here’s a possible attack, and the time when I was compromised using it at ORD Chicago.

How to Protect Yourself

Don’t connect to it.

But you have to get online?

Tether your phone, via USB, to your laptop.

Not possible? Then do this:

– check the network name and verify it’s actually the airport, and not someone spoofing it. Example: FreeWiFiAtPearson is probably fake

– only visit sites using SSL (the address bar will have an S in it – httpS://KeriBlog.com – like that)

– turn on your firewall

– never enter any logins or credentials; banking from an airport WiFi connection is practically begging for it

– use a VPN – Virtual Private Network

turn off WiFi on both phone and laptop when not in use

Another screenshot of airport WiFi.

WAIT. This just hit me… could that printer be a honeypot?

That’s in Miami, and seems odd to permit a printer to be unlocked – ( why to always lock your printer here) – and like, if I was in charge of securing an airport I’d tell the vendors lock theirs…..

Blog tag = Wifi Security

Blog tag = Airports, because I love them

 

 

Never Connect your Car’s WiFi to a Public Network

Staring this 2015 model year, cars will come equipped with internet and WiFi capabilities.

Here I am sitting outside a friend’s house in suburbia; I could connect to the houses around me.

You’ll soon be connecting your car to your home network to update it. Only ever connect your car to a known, safe network, like your home, and never a public network, like a coffee shop.

* = password

The Attack

You connect the car via a coffee shop > an attacker inside has MITM’d the connection > now all internet traffic runs through his computer first, before going to the internet

The Defence

Connect only to a network you fully control, like your home.

While this is unlikely to happen…

… that’s only for now. While car hacking is still in its infancy, now is the time to form good habits, because it only takes one connection, one time, to tank it all.

(see: ‘Keri on Driving’ column Dispelling Car Hacking Fears, and the lead press piece I wrote for last year’s SecTor Security Conference)

***

Further reading:

– how to secure your car’s internet connection

– my column: WiFi HotSpots are coming to Cars

– what is a MITM attack

– general WiFi security 

 

 

Password Protect a Printer’s WiFi

This is especially for small businesses.

The Attack

Connect to the unsecured printer > which is connected to the corporate network > tada

The Defence

Look in the printer’s ‘Settings‘ to find how to password protect it.

A good password looks like this: 7[LjsK<;!d:@M’j>T,^w’`;U}

***
Blog tag = passwords

 

 

The ‘Rule of Thumb’ for WiFi Range

An average router’s signal will travel:

– 150 ft inside a structure (eg. your home)
– 300 ft outside

Even if you’re living in the centre of a barren, 1,000 foot field (why are you doing that?), still password protect your WiFi (your SSID) using WPA2.

A good password looks like this:
^NKglYA%]tckcM?wG7?r6nFp!

And change your router password, because when was the last time you did.

 

 

How to Cheat at Motorsports

Racing is a real dirty sport, so it surprises me a group with such minds haven’t gotten into this, and we don’t hear more about it.

Got the idea at Indy 2012.

Why not attack the other team’s
networks, internet & communications?

Examples:

The WiFi connection went down? And you were relying on the cloud?

The telematics, feedback and monitoring systems stopped functioning? Or instead, started to output false data?

An F1 engineer in the pits can remotely control the car, so how about altering those settings? Make the engine blow, you only get so many engines per race…

You in position? Preparing to cut crew-driver communications, you’ll have 5 seconds to pass until the system is live again in 3, 2…

This isn’t a barely-subtle way of saying I’m for hire, these are not rate card items, don’t ask me that at races.

This photo has nothing to do with anything, just needed one more to round out this post.

It’s a 2015 Jaguar F-TYPE S

3.0L V6 Supercharged
380 hp
339 lb-ft
$110,000-ish
Googly-eyed button
Best engine note ever.