WI-FI, THIEF

[J_J]

If you see or hear this little guy overhead, it's to late to put your phone in a potato chip bag, as he already has your data.

This drone can steal what's on your phone | Money - Home

You do know that your phone will not receive or send any data if enclosed in one of the metal foil bags.

Where is our freedom. It seems it is getting almost non-existent

 

[buckshot721]

All our freedoms are just about gone, yet some people dont seem to care. Our government would not do that to us would they? You bet they would!

 

[MoKelly]

This is really no different than some guy breaking into your house and stealing your paper records. Its just higher tech theft reflecting today's society. IMO, it has nothing to do with your freedoms --- unless you are implying that the government is doing the stealing vs. hackers.

MoKelly

 

[J_J]

Knowledge factor?

Does anyone know how much air space a home owner has over their home, and if you rent, do you own any air space?

Mineral rights on your property is another smokey question. Do you know?

 

[3930dave]

Assume.....

1) Zero privacy with electronic communication, govt and otherwise.

NSA surveillance program reaches ‘into the past’ to retrieve, replay phone calls - The Washington Post

2) "Rights" scale up in proportion to your net worth.

.... and you are heading in the right direction.

I've heard (no direct experience) that Retroshare is of some use with issue #1.

Rgds, D.

 

[Scooby074]

Nice scare article there.

Its a common man in the middle attack. Existed long before "drones" were ever though up, although saying drones sure makes it sound "scarier". The next time your in McD's soaking up that sweet, sweet free wifi with your $0.50 coffee, remember you're vulnerable to the same attack.

Enable basic security like asking to join networks is a good first step. Assume that anything you send over a public wifi WILL be intercepted, ie: passwords, credit card info. so dont do it. Even "secure" sites.

Getting names and locations of networks is no big deal (they played it up in the article). Any wifi device will show you that same data.

 

[tcartwri]

This will make your blood run cold. They scanned the peoples smart phones to gain the personal information.

 

[bdobson]

I read a news story a while back that said the MI State police and other forces have this device in their cruisers that can read your phone while they follow you. They supposedly use it to see if you are texting while driving. As i recall it was a poorly written story and not much detail. the tip was to turn off your phone if you are being pulled over.

 

[deerseeker001]

good reason not to have smart Phones

 

[Tig]

Man in the middle attack by spoofing an access point can employed from extended distance as well. With line of sight you can target a device over a mile away.
Last time I played with extended range wifi, over 2km was easily to work with. 4km has also been done.
All paranoia aside, I prefer hard wired connections for financial matters.

 

[94BULLITT]

Thanks for sharing the article.

I love my smart phone and tablet but they are a huge invasion of our privacy.

 

[haveissues]

Nice scare article there.

Its a common man in the middle attack. Existed long before "drones" were ever though up, although saying drones sure makes it sound "scarier". The next time your in McD's soaking up that sweet, sweet free wifi with your $0.50 coffee, remember you're vulnerable to the same attack.

Enable basic security like asking to join networks is a good first step. Assume that anything you send over a public wifi WILL be intercepted, ie: passwords, credit card info. so dont do it. Even "secure" sites.

Getting names and locations of networks is no big deal (they played it up in the article). Any wifi device will show you that same data.

I just don't see how they are steeling passwords on amazon etc with a man in the middle attack unless the user decides to trust a untrustworthy certificate authority. Unless I'm missing something, they haven't broken ssl. Now if you get one of those popups on your banks website all of a sudden that asks you if you want to trust the site and you say yes, now you are vulnerable.

 

[aczlan]

I just don't see how they are steeling passwords on amazon etc with a man in the middle attack unless the user decides to trust a untrustworthy certificate authority. Unless I'm missing something, they haven't broken ssl. Now if you get one of those popups on your banks website all of a sudden that asks you if you want to trust the site and you say yes, now you are vulnerable.

The only way I see this happening would be to have a fake non-SSL site that they got redirected to by the fake access point.
Also, if I remember correctly, the only way your phone or other device is broadcasting a network name if if the network's SSID is hidden, otherwise it just passively listens for the network to advertise itself (Windows XP and older versions of Windows excepted).

Aaron Z

 

[Tig]

Some of the details of tbat article fly in the face of what I have observed with wifi, so I googled snoopy to learn more. First thing I learned is that snoopy drones do not fly, although I suppose that could be done.
The gist is that a snoopy station (called a drone) monitors the airwaves and notes what access points wifi devices connect to. All the stations report back device and acces point info to a central location. Access points are then referenced using existing databases. Like Wigl which is built by wardrivers. Once that is done they have a profile of a device and the access points that it uses in the monitored areas.
It's a plausible leap (a flying leap at that) to deploy snoopy as detailed in the original article, although to my knowledge, my devices do not scream out the names of every access point that I have profiled. Even if they did, the encryption would have to match for someone to get in the middle.
Here's a more technical article. SensePost Blog
This article addresses SSL encryption. Seems the redirect.
The claim that it steals your location data boils down to, it can look up the location of wifi router you connected to. All in all this is the same thing that Google does with their street view cars, which is why google maps can determine your location without accesing your GPS.

edit: I just noticed that the article I linked is two years old.
I would expect that this sw can easily be obtained and by now has been enhanced to address wifi encryption vulnerabilities.

 

[Gator6x4]

Advertiser seek Wi-fi information. They use it to target ADS. Follow the money, private enterprise is always looking for ways to obtain private information to exploit for money.

 

[zzvyb6]

J_J, how come you haven't come up with a hydraulic powered phone yet ? Seems like you always have the right answer to everyone's questions about the subject !

Just wondering... Whenever you post, I keep a copy of it in a folder so when I have a hydraulic situation pending, I can go into it and get some good poop. This one was unexpected.

Would that be Old Fashioned, Barbecue or Ridged chips ? Bagged or cylindrical container ?