Tuesday, November 30, 2010

Firesheep, The Dangers of Open Wifi

Firesheep running on MacOS Firefox, capturing Facebook accounts
Extra! Extra!: Open WiFi is not safe, it's open! Free, open wireless networks are something that everybody loves. But like every other "free" thing, it has a catch 22: you will pay with your security, or lack of it. It is old news that unencrypted WiFi is really dangerous. I guess we will have to learn this the hard way, as always.

Millions of people rely on open wireless hotspots to get their daily fix of the internet without thinking twice. Since its invention 10 to 13 years ago, WiFi has been a threat to security; then, to try to fix this problem, along came the defeated WEP; after that, the recently defeated WPA and, a little more recently, WPA2 encryption techniques. It is true that WPA2 is the strongest consumer-available wireless encryption technology, but, as is well known, people tend to forget to turn it on when they install their routers. Also, to spare themselves a little hassle, most public WiFi hotspot providers don't encrypt their networks at all, as in schools and universities, or commercial establishments that serve the public, like restaurants and coffee houses.

In an open WiFi situation, your packets are out in the open with everyone else's, and sooner or later you (meaning your machine) may end up catching something nasty. It's also true that "regular" people don't really have the interest or hacking ability to even check their own IP address, let alone go wardriving, packet sniffing and performing man-in-the-middle attacks on somebody, private or government institutions, businesses, etc. But I'm sure most people have heard the occasional stories about people they may know who got their --insert any web service here-- account hacked and stuff; but the majority feel safe because they run antivirus software every week at least and their programs are up to date. Also, as a rule to live by, they don't install crap on their computers, don't surf to stupid websites, don't click on stupid links, or are using an arguably "safe" MacOS or Linux based system. But beware: you are still at risk. More than ever, I may add. Let's just say there is a tool, a really cool tool, that is exposing this fundamental vulnerability. This piece of software is called Firesheep.

This past October (of 2010), at ToorCon San Diego, a little tool was unveiled: #firesheep. Created by Eric Butler, the official purpose of this Firefox extension is to show the world how easy it is to hijack someone's web service credentials, on open wifi, by capturing their ID cookies. These cookies, assigned by the service provider for authentication purposes, let the intruder impersonate the user and log in as him/her/it, and consequently, party like it's 1969. The beauty and scary part about this bedtime story is that anyone can do it with minimal to no l33t skills. The only prerequisites are owning a PC capable of running Firefox and being able to install a browser extension.

I don't want to go on with many details about this tool specifically, so don't ask; there's Google for that. My intention behind pointing this out is to create awareness about the security risks involved with the use of unsecured connections. This problem can easily be prevented by encrypting the wifi networks with WPA2 (or WPA at least) and giving away the password (on public wifi hotspots, that is), or by implementing full, end-to-end HTTPS/SSL encryption on every web service that handles private or sensitive data, just as Google's Gmail started to do this year.
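
For site owners, the "full HTTPS" fix above can be checked from the response headers. The following is an added example, not part of the original post and not Firesheep code: it flags session cookies a browser would still send over plain HTTP. The header values are constructed samples, and the function names and the HSTS check are assumptions of this example.

```python
# Added example: audit a response's headers for cookies that can leak on open WiFi.
# All header values below are constructed for illustration.

def parse_set_cookie(value):
    """Return (cookie_name, set of lowercased attribute names) for one Set-Cookie value."""
    first, *attrs = [part.strip() for part in value.split(";")]
    name = first.split("=", 1)[0]
    return name, {a.split("=", 1)[0].lower() for a in attrs if a}

def audit(scheme, headers):
    """List the reasons this response's cookies could cross the network in cleartext."""
    findings = []
    header_names = [h.lower() for h, _ in headers]
    if scheme != "https":
        findings.append("response served over plaintext HTTP")
    elif "strict-transport-security" not in header_names:
        findings.append("no HSTS header: later http:// requests are not upgraded")
    for header, value in headers:
        if header.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            findings.append(f"cookie {name!r} lacks Secure: sent on http:// requests too")
    return findings

# Constructed sample: login page is HTTPS, but the session cookie is not marked Secure,
# so it travels in the clear as soon as the browser requests any http:// page on the site.
LOGIN_ONLY_HTTPS = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session_id=CONSTRUCTED123; Path=/; HttpOnly"),
]

# Constructed sample: HTTPS everywhere, cookie restricted to encrypted connections.
FULL_HTTPS = [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "session_id=CONSTRUCTED123; Path=/; Secure; HttpOnly"),
]

if __name__ == "__main__":
    for label, hdrs in (("login-only HTTPS", LOGIN_ONLY_HTTPS), ("full HTTPS", FULL_HTTPS)):
        print(label, "->", audit("https", hdrs) or "no findings")
```
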