
How a Wi-Fi Pineapple Can Steal Your Data (And How To Protect Yourself From It) (vice.com) 46

An anonymous reader writes: The Wi-Fi Pineapple is a cheap modified wireless router that enables anyone to execute sophisticated exploits on Wi-Fi networks with little to no networking expertise. A report in Motherboard explains how it can be used to run a Wall of Sheep and execute a man-in-the-middle attack, as well as how you can protect yourself from Pineapple exploits when you're connected to public Wi-Fi. "... it's important that whenever you are done connecting to a public Wi-Fi network that you configure your phone or computer to 'forget' that network. This way your device won't be constantly broadcasting the SSIDs of networks it has connected to in the past, which can be spoofed by an attacker with a Pineapple," reports Motherboard. "Unfortunately there is no easy way to do this on an Android or an iPhone, and each network must be forgotten manually in the 'Manage Network' tab of the phone's settings. Another simple solution is to turn off your Wi-Fi functionality when you're not using it -- though that isn't as easy to do on some devices anymore -- and don't allow your device to automatically connect to open Wi-Fi networks."
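The advice in the summary (forget public networks, do not auto-connect to open ones) can be checked mechanically on a Linux laptop. The following Python script is an added example, not code from the Motherboard article or the Slashdot submission; it assumes profiles in NetworkManager keyfile format, uses constructed sample profiles and made-up finding labels, and goes slightly beyond the summary by also flagging hidden-SSID profiles, which the device has to probe for by name.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not from the article).
# Real ones live in /etc/NetworkManager/system-connections/ and are root-readable.
SAMPLES = {
    "cafe": "[connection]\nid=Cafe Free WiFi\ntype=wifi\n[wifi]\nssid=Cafe Free WiFi\n",
    "hotel": "[connection]\nid=HotelGuest\ntype=wifi\nautoconnect=false\n"
             "[wifi]\nssid=HotelGuest\n",
    "home": "[connection]\nid=home\ntype=wifi\n[wifi]\nssid=home\nhidden=true\n"
            "[wifi-security]\nkey-mgmt=wpa-psk\n",
    "office": "[connection]\nid=office\ntype=wifi\n[wifi]\nssid=office\n"
              "[wifi-security]\nkey-mgmt=wpa-eap\n",
    "dock": "[connection]\nid=dock\ntype=ethernet\n",
}

def audit_profile(text):
    """Return finding labels (hypothetical names) for one keyfile's contents."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    # Keyfiles accept both the short and the legacy long section/type names.
    if cp.get("connection", "type", fallback="") not in ("wifi", "802-11-wireless"):
        return []
    wifi = "wifi" if cp.has_section("wifi") else "802-11-wireless"
    # A Wi-Fi profile with no security section is an open network.
    is_open = not (cp.has_section("wifi-security")
                   or cp.has_section("802-11-wireless-security"))
    # autoconnect defaults to true when the key is absent.
    autoconnect = cp.getboolean("connection", "autoconnect", fallback=True)
    hidden = cp.getboolean(wifi, "hidden", fallback=False)
    findings = []
    if is_open and autoconnect:
        findings.append("open-autoconnect")   # will join any AP using this SSID
    elif is_open:
        findings.append("open-saved")         # candidate for "forget network"
    if hidden:
        findings.append("hidden-probe")       # device probes for this SSID by name
    return findings

def audit(profiles):
    """Map profile name -> findings, omitting profiles with nothing to report."""
    results = {name: audit_profile(text) for name, text in profiles.items()}
    return {name: f for name, f in results.items() if f}

if __name__ == "__main__":
    for name, findings in sorted(audit(SAMPLES).items()):
        print(f"{name}: {', '.join(findings)}")
```

To run it against real profiles, read each file under the system-connections directory as root and pass its text to `audit_profile`.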
This discussion has been archived. No new comments can be posted.

  • MITM wifi attacks and hotpot impersonation have been a thing for the better part of a decade now, what does this bring to the table that malicious actors didn't already have?

    • by AmiMoJo ( 196126 )

      This brings nothing new. The same old solution from over a decade ago works just as well - connect to a VPN.

      Android supports this, I'd be surprised if iOS didn't as well.

      • Re:nothing new here. (Score:4, Interesting)

        by ctilsie242 ( 4841247 ) on Wednesday November 22, 2017 @10:40AM (#55603123)

        Even on iOS, VPNs are trivial. Some VPNs even offer an app which can allow you to select the closest server group, install a profile, and have the VPN auto configure when on Wi-Fi, with the ability to whitelist a few trusted SSIDs.

        I'm amazed that Apple or Google hasn't offered their own VPN service where you just flip a switch, ensuring no matter what hanky-panky the AP/ISP does, the worst they can do is slow down or block traffic, not change it.

        I decided to go with a VPN always when telcos started actively adding X-UIDH headers on HTTP exchanges. That, and Phorm with ads injected via traffic in flight.

        • >> with the ability to whitelist a few trusted SSIDs.

          That's what I just learned here. You can't trust an SSID, even your own. They will be spoofed. You must *always* use a VPN.
    • by mjwx ( 966435 ) on Wednesday November 22, 2017 @08:22AM (#55602251)

      MITM wifi attacks and hotpot impersonation have been a thing for the better part of a decade now, what does this bring to the table that malicious actors didn't already have?

      Yes, but now it has a Web 2.fucking.0 name, a marketing slogan and can be encased in a plastic pineapple. Can't you see how this is completely different?

    • Hotpot impersonation, the bane of holiday cookouts across the nation.

    • The big controversy around this is the ease of use, anyone can use it, even those with very little understanding of how to do what they're doing. Also, the price - under $100.
  • So this is a product advertisement?
    • Quite obvious. $99
      • Especially since you can construct something much smaller, with COTS parts, for less than half that.

        (psst... hacked zsun + USB battery pack. Other than N, and maybe really loud antennas, it can do anything this thing does. Total price: retail ~35$)

  • Pen Pineapple Apple Penetration.

  • Already fixed (Score:5, Interesting)

    by PReDiToR ( 687141 ) on Wednesday November 22, 2017 @08:22AM (#55602249) Homepage Journal
    Wi-Fi Privacy Police [google.com].

    Take a look, I'm not connected with the project.
  • SSID Broadcast (Score:2, Informative)

    by Anonymous Coward

    Only the SSIDs of hidden networks need to be broadcast, not all SSIDs of the listed networks.

    • by Anonymous Coward

      THIS.
      On Windows you even get a warning when connecting to hidden SSID networks, for exactly this reason.

    • by Anonymous Coward

      Or the god damn WiFi spec could have the router send its public key on connect and if it doesn't match the phone's stored public key, fail. Otherwise, communicate using the public key. If the router sends a public key it doesn't have the matching private key for, it can't decrypt anything anyway.

  • by Bohnanza ( 523456 ) on Wednesday November 22, 2017 @08:51AM (#55602349)
    One thing that would help is if you actually told people what is going on. If you warn people of a possible "Wall of Sheep" attack from a "Wifi Pineapple" you are telling them nothing at all.
  • Great! (Score:4, Funny)

    by 140Mandak262Jamuna ( 970587 ) on Wednesday November 22, 2017 @08:52AM (#55602353) Journal
    All Intel chips are vulnerable. OK let me switch to mobile and avoid Intel.

    All WiFi devices are vulnerable. OK I am going to turn off wi-fi and use only mobile data

    Next?

    Rouge Cell towers, stingrays, ...

    ALL OUR BASES ARE BELONG TO THEM

    • by Anonymous Coward

      and laws aren't going to help you because stingrays should already be illegal...

    • Rouge cell towers

      Well, just connect to the blue or green ones. Problem solved.

  • Apple WiFi dangerous, Pineapple WiFi dangerous ...

    I guess I'll stick to WiFi Vegetables.

  • I could set it up to only connect to wifi at certain locations, it was such a battery saver. I mean like now I can set my iPhone to connect to only known networks (even though that is how this attack works) etc etc, but having the geofencing was sweet.

  • by Murdoch5 ( 1563847 ) on Wednesday November 22, 2017 @10:21AM (#55602909) Homepage
    How about not connecting to WiFi hotspots? With mobile data being plentiful, you simply don't need to hook up to WiFi hotspots, which completely removes the need to forget them :)
    • by Anonymous Coward

      This is a very geographically limited solution. Cheap, quality mobile data is far from ubiquitous even in the US, let alone globally.

      • by Dog-Cow ( 21281 )

        Cheap, quality mobile data is far more accessible outside the US than in. You seem to be living in a bubble.
