Security and defense workers are just like us – they fall into security traps with ease


Activist pulls off clever Wi-Fi honeypot to protest surveillance state
[Via Ars Technica]

The chairman of the youth wing of the Swedish Pirate Party successfully fooled attendees at a major Swedish security and defense conference into connecting to an open Wi-Fi network that he controlled—as a way to protest mass digital surveillance.

According to The Local, an English-language newspaper in Sweden, Gustav Nipe watched earlier this week as around 100 politicians, military officers and journalists logged into a network called “Open Guest” and proceeded to search for various non-work-related things including “forest hikes” and monitor eBay auctions.

Previously Nipe was involved in the Pirate Party’s efforts to create its own ISP in 2010, and founded the Church of Kopimism, which was formally recognized by Swedish tax authorities in 2011.

[More]

Yep, many just signed on to the network they saw, allowing man-in-the-middle attacks as the person running the hotspot collected as much information as they wanted.

This sort of attack is exactly what the NSA, FBI and others attempt all the time to capture even encrypted data. Here, at a conference devoted to security, they did what so many people do: just logged on.

Heck, I won’t even log onto the known hotspots at meetings or hotels if I plan on doing anything important. Who knows what sort of hacks have been put in sub rosa by an employee?

At least I can tether to my iPhone and use it. May not be perfect but I trust it more than an open hotspot.
