Bad Free Open WiFi
Open nonencrypted Wifi hotspots are dodgy at best, but some are worse than others. Last week I had the pleasure of a trip to London on the Megabus. I was not surprised they had no password, but when mini Opera and Trillian screamed at me about the wrong certificate, I could see there was another problem. Megabus/Icomera own "Man-in-the-Middle" sniffing. [attachment=1257]SAM_3572.jpg[/attachment] Here are some exerpts from the Terms and Conditions https://portal.moovmanage.com/coachuk-mb/terms.html [quote][b]User Data[/b] Icomera reserves the right to include the name, address and other relevant information relating to the User in a directory for the use of Icomera users or other third parties, unless specifically requested by the User in writing not to do so. Icomera cannot guarantee the security or privacy of the Hotspot and any information or communication to or from the Hotspot by the User.[/quote] https://portal.moovmanage.com/coachusa-mb/terms.html [quote] You understand the Megabus WiFi Zone is an open public wireless network and not inherently secure, and that you are solely responsible for the security of your data and devices. Although not required to, monitor any data communications passing throught the Megabus WiFi Zone.[/quote] So it seems that Icomera and Megabus are selling information they capture from passengers, and you have to write a letter to them to be excluded (you don't get to read the Terms until you are on the bus trying to connect, so the damage is already done). Passengers that know how to use Wireshark etc. may be able to also sell any usernames and passwords they collect on the long journey. The average Megabus journeys would give a hacker plenty of time to catch people repeatedly logging into accounts. Considering how cheep tickets are, it would make sense for hackers to regularly cruise up and down the long routes, harvesting details. I know I certainly would, if I wore a black hat and had low morals. Attachments: [img]https://forum.vivaldi.net/uploads/attachments/7680/SAM_3572.jpg[/img]
Isildur last edited by
Ugh. I can't think of much in the way of legitimate reasons for them to be going to the trouble of attempting to man-in-the-middle TLS traffic.
Does it allow traffic on any ports before you even agree to terms, or does it block all ports (as it should) until you agree to the (bad) terms on the portal intro page?
(That is, the least they could do is hold-off on putting traffic through before one can read the terms. Especially on a phone, with various apps set to background synch immediately when one connects to wi-fi. Good thing Opera and Trillian objected, but I've wondered how many phone apps may handle TLS improperly, and let through connections without properly checking.)
Anyway, yeah, be careful about free wi-fi, people.
If I had a laptop I would have been able to investigate properly.
The only option is to use a VPN, and tunnel through it.
A hacked Wifi connection is not the problem. The problem is Open Wifi that uses a certificate to intercept and decrypt your traffic
The best option is to be using a VPN app from a reliable vendor with non-bloated apps, such as Disconnect.me or Avira.