Wi-Fi Jacking Extremely Common (45% of People Do!)

It seems Wi-Fi is actually extremely common, in fact in a recent poll up to 45% do it! I guess most people here have, I admit I do even with my phone when I’m out and about I’ll use any WiFi point that works.

We can blame it on the manufacturers for having lax default security settings, but they have to do it because if they enforced WEP for example by default..most people wouldn’t be able to connect and would most likely return it to the shop claiming that it’s ‘broken’.

Sophos has revealed new research into the use of other people’s Wi-Fi networks to piggyback onto the internet without payment. The research shows that 54 percent of computer users have admitted breaking the law, by using someone else’s wireless internet access without permission.

According to Sophos, many internet-enabled homes fail to properly secure their wireless connection properly with passwords and encryption, allowing freeloading passers-by and neighbours to steal internet access rather than paying an internet service provider (ISP) for their own.

As for the legal and ethical side, it’s hard to say. In most countries it’s still a fairly grey area – if you don’t do anything illegal with the connection (sniffing, cracking, hacking, DoS etc.) and you don’t use enough bandwidth to cause a problem it’s hard to say it’s illegal.

Stealing Wi-Fi internet access may feel like a victimless crime, but it deprives ISPs of revenue. Furthermore, if you’ve hopped onto your next door neighbours’ wireless broadband connection to illegally download movies and music from the net, chances are that you are also slowing down their internet access and impacting on their download limit. For this reason, most ISPs put a clause in their contracts ordering users not to share access with neighbours – but it’s very hard for them to enforce this.

The contract clause is interested but as mentioned, extremely hard to enforce.

I guess Wifi jacking will continue and as more mobile devices support Wifi (n95, E61i, PSP, iPhone etc) it will get even more common.

Source: Net Security

Posted in: Legal Issues, Privacy, Wireless Hacking

, , , , , , ,

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

20 Responses to Wi-Fi Jacking Extremely Common (45% of People Do!)

  1. GeS November 23, 2007 at 12:28 pm #

    While using open residential connections, be courteous, less the jacked become wise and secure the connection. At that point it becomes a complete waste of time to do any wep guessing due to a lack of activity.

  2. Doug Woodall November 23, 2007 at 5:57 pm #

    Its too bad that so many uses dont take the time to educate themselves about their puters security issues.
    Most have no idea what a WEP even is.

  3. Arley November 23, 2007 at 7:10 pm #

    Plp dont realize that using someone else

  4. GeS November 23, 2007 at 9:07 pm #

    Arley, good point. Some victims just don’t think about that sort of thing when doing banking, email and the such. I think it is interesting to setup an unsecured wap just to sniff those that in fact connect to do there browsing, email and whatever else. In addition to that, I wonder if there is a way to be secure while jacking.

  5. dirty November 23, 2007 at 9:09 pm #

    I think there is a very small margin of unsecured access points that are run by mischievous people hoping to do all you that you listed. The gain from such would be too little in my opinion to waste your time with but there probably are a few of them out there.

  6. GeS November 23, 2007 at 9:21 pm #

    dirty, people go to a coffee shop that has free unsecured wifi and run ettercap while sipping on your own coffee. Better yet, they do this at airports. The information gathered is quite interesting. I say that to say the idea is certainly relative, but at a smaller scale (such as residential).

  7. midnitesnake November 24, 2007 at 12:16 am #

    Where I live a lot of families own a Nintendo DS, the DS is incompatible with higher security implementations like WPA. Even though users know WEP or OPEN is insecure, they leave their APs that way to keep themselves/their children happy. So manufactures’ like Nintendo must get their act together. In my view I blame the manufactures, not adhering to best security practices. BT is another fine example, who uses WEP on their AP’s when their AP’s support the stronger WPA2 implementation.

  8. Nobody_Holme November 24, 2007 at 12:30 pm #

    Another problem child is NTL (now known as virgin media officially, despite all their infrastructure still being tagged as NTL) who will set up your wireless for you for a nominal fee when you set up a broadband contract… and dont set any security. -.-

  9. cpj November 25, 2007 at 12:56 am #

    wifi up the world and this wont be as much of a problem for the naive law-breaking user who didn’t realize what he/she was doing.

  10. Varun November 25, 2007 at 2:59 am #

    Sophos has been known to spread FUD… I will not be surprised if this particular survey does not really reveal what it claims to reveal.

    Btw check this out http://www.xkcd.com/341/


  11. Alden November 25, 2007 at 9:35 am #

    The average computer user barely knows how to set up a firewall. If router set up was simplified, perhaps it would help reduce the number of unsecured wireless routers. Ideally they’d come with WEP turned on to a random key, and a setup disk which would automatically configure the right settings in Windows.

    Getting people to read the manual would be a good start too. :)

  12. Hunnter November 25, 2007 at 6:12 pm #

    I admit i have before.
    I never used it to do anything secure, because it is always best to be safe rather than have your accounts (from banking to emails) screwed with (almost deserving though haha)

    I actually run a limited open wireless service (basically just port 80 and some other little things)
    I have “unlimited” bandwidth and 8mbit, and i barely use much of that speed most of the time, so why not, eh?

  13. midnitesnake November 25, 2007 at 6:42 pm #

    quote: Alden:
    Ideally they

  14. Reticent November 25, 2007 at 9:44 pm #

    where the hell did they do the poll? 45% of people wouldnt know what wifi was let along how to crack it. I’d say, generously, it would be 1 in 50.

  15. Alden November 25, 2007 at 10:27 pm #

    WEP won’t stop a determined hacker, no, but out of 45% of “people” (I suspect they mean wireless users) probably only a handful are going to be determined enough to try to crack a secured network – the rest will just look for another unsecured network because it’s easier.

  16. Nobody_Holme November 26, 2007 at 11:16 am #

    Thing is…. why would anyone with the skills to break even WEP bother when they could just use that unsecured network over there… Those skills are for when they’re going to be worthwhile, not for use just to get net access when your can get it anyway much more easily…

  17. dirty November 26, 2007 at 5:16 pm #

    I think I saw this poll a few weeks back…i believe it was was a UK based poll. Cant say for sure off the top of my head…

  18. Pantagruel November 26, 2007 at 9:54 pm #

    While on vacation in any major city of our lovely planet you realy do NOT need to go to an internet cafe anymore. The amounts of open wirreless access points is disturbing, the mentioned 45% is to my own experience by far too little. More disturbing is the fact that it doesn’t always need to be some average Joe/Jane who doesn’t have the knowledge or isn’t willing to pay for a proper setup. Even larger companies simply forget to hire a pro and seal off there wireless appliances. WEP/PKA-PSK sound like buzz word of whom only a few seem to graps their value and given the number of wireless appliances in a household daddy sure doesn’t want to bother too much and doing without properly protecting his wlan seems to fit best to the childrens portable game stations, or even dad’s streaming device.

  19. Sir Henry December 14, 2007 at 6:04 pm #

    This is something that will likely never go away. There will always be users who simply want things to work out of the box. For that reason, the default security will simply be no security at all. It is amazing that companies bend to the will of those who ultimately become the victims due to their ignorance of security. I know that if I am out and about and need to connect, that my ssh tunnel is the first thing to be established so that no prying eyes will be able to see what I am doing. My nefarious side thinks that routing those connected to the unsecured AP through Cain and Abel is a fun test in sociology.

  20. fever April 10, 2008 at 4:46 pm #

    pretty difficult to have a secure wireless ap these days with out something that monitors and authenticates regularly.