It’s becoming a common thing to see people sitting in public places – train stations, airports, the local Starbucks – with their laptops, doing their email or writing their blogs, or any manner of things that they’d do when in the office or at home.
How do you know that the wi-fi network you’ve connected to really is secure? A thought-provoking report from TechWeb yesterday:
An “Evil Twin” that hijacks unsuspecting wireless transmissions is the latest security bugaboo, academic researchers in the UK asserted Thursday. But the idea is anything but fresh. The hacking technique is dubbed “Evil Twin” because scammers set up a bogus wireless access point near a legitimate base station that they then jam. Users within range of the sham access point connect to it thinking that it’s a real link to the Net. All the time, however, the information transmitted over the wireless connection is being intercepted by the hackers, who look for passwords, usernames, financial account log-in information, or other confidential data. Think of it as one big key logger and you get the idea.
“So-called ‘Evil Twin’ hotspots present a hidden danger for Web users,” said Phil Nobles, a wireless and cybercrime expert at Cranfield University in Bedfordshire. “Users think they’ve logged on to a wireless hotspot connection when, in fact, they’ve been tricked to connect to the attacker’s unauthorized base station,” said Nobles in a statement. “The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client ” thereby turning itself into an ‘Evil Twin’.”
TechWeb’s report discusses the threat in some detail. Unfortunately, it doesn’t provide any information on how not to be scammed this way.
This may not be a fresh idea, but that’s small comfort.