99% of Android Users Vulnerable to Shady WiFi Hotspots, Please Avoid Them

Sorry if that post title comes off as a little snarky, but there are reports flying around today claiming that “99% of Android users’ data is vulnerable to theft!”  While the report describes an exploit that would in theory affect almost all Android users, the chance of it actually affecting them is slim to none if they have even an ounce of brain power.  Nothing like a good title to bring in the sheep though, eh?  If they wanted to hypebeast they should have come to us for tips.

So what does this story describe?  According to researchers at a German university, Android creates a token, valid for 14 days, every time you log into a service like Facebook or Tumblr.  If you aren’t running Android 2.3.4, that token can be snatched up by potential hackers if you were to jump onto their WiFi network.  The scenario they pose is that said hacker could set up a WiFi hotspot next to a Starbucks, call it “starbucks wifi”, leave it wide open for anyone to join, and then, as you join, grab these tokens and use them to access all of your personal information.  Brilliant.

Thankfully the Android team has patched it in 2.3.4, but as the title suggests, only 1% of users are actually running that version.  So what should you do?  Avoid random shady free WiFi hotspots titled “FREE Starbuckz Wifeez.”  Is that really that hard to do?

Via: Register, BGR
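As an added illustration (not from the article or the reports it cites), here is a small Python check that walks over a constructed sample of a phone’s sync requests and flags any authentication token that went out over plain HTTP, together with how much of its 14-day lifetime is left. The request records, hosts and token values are made up for the example, and the `Authorization: GoogleLogin auth=` header form is an assumption about how the token is carried.

```python
from datetime import datetime, timedelta

# Constructed sample of sync requests as a phone might emit them; not captured from
# a real device. Each record: transport scheme, host, path, headers, and when the
# credential it carries was issued (ISO 8601).
SAMPLE_REQUESTS = [
    {"scheme": "http", "host": "www.google.com",
     "path": "/calendar/feeds/default/private/full",
     "headers": {"Authorization": "GoogleLogin auth=EXAMPLE_TOKEN_CAL"},
     "issued": "2011-05-10T09:00:00"},
    {"scheme": "https", "host": "www.google.com",
     "path": "/m8/feeds/contacts/default/full",
     "headers": {"Authorization": "GoogleLogin auth=EXAMPLE_TOKEN_CONTACTS"},
     "issued": "2011-05-16T12:00:00"},
    {"scheme": "http", "host": "picasaweb.google.com",
     "path": "/data/feed/api/user/default",
     "headers": {"Authorization": "GoogleLogin auth=EXAMPLE_TOKEN_PICASA"},
     "issued": "2011-04-20T08:00:00"},
    {"scheme": "http", "host": "example.com", "path": "/logo.png", "headers": {}},
]

TOKEN_LIFETIME = timedelta(days=14)  # token lifetime stated in the article
AUTH_PREFIX = "GoogleLogin auth="     # assumed header form for the token

def cleartext_token_exposures(requests, now_iso):
    """Return one finding per request that sent an auth token over plain HTTP.
    Anyone on the same open WiFi can read it, and it stays usable until it
    expires, so each finding records the remaining lifetime. HTTPS is skipped."""
    now = datetime.fromisoformat(now_iso)
    findings = []
    for req in requests:
        auth = req["headers"].get("Authorization", "")
        if not auth.startswith(AUTH_PREFIX) or req["scheme"] == "https":
            continue
        remaining = TOKEN_LIFETIME - (now - datetime.fromisoformat(req["issued"]))
        findings.append({
            "host": req["host"],
            "path": req["path"],
            "token": auth[len(AUTH_PREFIX):],
            "still_valid": remaining > timedelta(0),
            "hours_left": max(0, int(remaining.total_seconds() // 3600)),
        })
    return findings

if __name__ == "__main__":
    for f in cleartext_token_exposures(SAMPLE_REQUESTS, "2011-05-17T09:00:00"):
        state = "still usable" if f["still_valid"] else "expired"
        print(f"{f['host']}{f['path']}: token sent in cleartext, {state}, "
              f"{f['hours_left']}h of lifetime left")
```

Run against the sample, the calendar request is reported with a week of validity left, the Picasa request is reported as already expired, and the HTTPS contacts request is not reported at all.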

  • Anonymous

    I don’t trust anyone named “Guest”

  • http://twitter.com/BrianBrick Brian Brick

    These kinds of stories always crack me up. I laugh at the fools who connect to wifi indiscriminately. I remember reading a while back that some people were taking advantage of the fact that i*hones by default would automatically connect to hotspots called AT&TWifi and then just hijack their info.

  • Anonymous

    Honestly, yes, yes it would be hard to avoid. You said it yourself, you put a Wi-Fi hotspot near a place you would expect one to be (coffee shop, library, school, etc) and it can steal your data.  Obviously something like misspellings, 1337 spelling, and other crap like that will make it obvious it is a fake but anyone serious could do this and make it extremely difficult for anyone who isn’t overly paranoid to know it is a fake.

    Really hope this can be rolled into a 2.2.3 update like the root app thing was (IIRC both 2.2.2 and 2.3.2 fix that vulnerability)

  • Jon

    People still use hotspots?

  • Anonymous

    Misleading article.  The problem is when someone creates a WiFi hotspot with the same name as an open hotspot you have already trusted and the phone remembers.  If you regularly visit Starbucks and have added their open hotspot to your list in WiFi, which is easy to do and lots of people (myself not included) do, it will automatically connect to the same-named evil hotspot and try to sync your data/email/calendar/Facebook/Twitter/etc. like it would if you were at Starbucks.  It’s akin to a man in the middle attack, only it’s not secure.

    The problem is with trusting open WiFi hotspots to begin with.  But lots of folks do it.  I go into my WiFi settings after I am done using the hotspot and tell it to forget the open hotspot.

    • Guest

      WRONG.  This is a problem even if you’re connecting to the trusted starbucks network saved in your phone.  ANYBODY who is also connected to that trusted starbucks network can load up a packet sniffer and capture your sensitive data.

  • Guest

    This article written up by Droid Life is very misleading as to the true issue here, and dumbs down the problem making it seem like it’s not that big of a deal for Android phones.

    The problem here isn’t only ‘shady’ wireless networks, it’s ANY wireless network that allows outside users to connect.  The fact is that the requests to these services are sent over http in PLAIN TEXT so anyone using a packet sniffer can capture it easily.  This is a problem when on say…your university’s network, official starbucks/coffee shop networks, even your work wireless internet…any wireless network the public can connect to.

    • http://twitter.com/samari711 samari711

      It’s also a problem on your laptop, netbook, i*hone, mac, windows phone, wifi enabled microwave… anything that connects to an open wireless network and visits non-ssl/tls enabled sites containing sensitive information can have that information sniffed by anyone running a packet sniffer.  The problem here is that Android uses an insecure method to interact with Google services and that it’s easy not to realize this since it’s baked into the OS.

      • Guest

        Yep exactly.  When on a laptop or mobile device and visiting a website, it’s very easy to tell if you have a secure connection, but when it’s baked into the application the only way to tell is to monitor the traffic on a packet level.

    • Angry Turd

      *sniff, sniff* Smell my finger…

    • Anonymous

      Another problem is that I could create a wireless network named the exact same name as another nearby network to trick the users into accessing a network they thought was safe.

  • Immolate

    I can’t recall ever having connected to a wifi network other than my home network with my phone. How many people wifi with their phone at Starbucks or McDonalds? Why not just use your phone’s data network?

    I suppose there are “battery people” out there who look for any opportunity to save a milliamp of power who would do this, but my experience is that most folks who use these public wifi hotspots are on laptops.

    • Anonymous

      Because your phone’s data network probably has no coverage overseas, especially if you use Verizon or Sprint.

    • http://profiles.google.com/chasehammer Chase Johnson

      Also there is a HUGE difference in WiFi connection speed and 3G.

      WiFi = 10mb
      3G = 1.3mb

  • Angry Turd

    I put on a rubber when I go on unencrypted open wi-fi…am I protected?

  • Anonymous

    News? Come on! Morons are always vulnerable to attack. If you are smart and think about what you are doing then you are fine. This is only Android slander.

  • http://twitter.com/richie681 Eric Richardson

    Wow… just… wow. Other than the fact that I like to connect to shady WiFi hotspots as a hobby and send mass amounts of sensitive information, I always thought unsecured meant… unsecured. As in… not secured. Why is this even news?

  • Arthur Uscg

    Another reason why carriers or OEMs should not be controlling OS updates. Google should be able to push updates at their will.

  • Anonymous

    Too busy soaking up LTE with my TBolt to mess with WiFi.  I do use my home network but if I can’t secure that then there is a bigger problem at hand.

  • Arthur

    So Verizon cares enough about customer security to start pushing updates more frequently, right? It’s a bad idea to use unsecured wifi regardless.

  • http://profiles.google.com/chasehammer Chase Johnson

    If you are stupid enough to allow it to happen then it’s your own fault. People shouldn’t blindly connect to random networks. And if you do go to somewhere that has free Wifi, ask the staff which connection is legit. Sheesh.

  • Dougaljacobs

    This is misleading. These tokens can be sniffed from ANY unencrypted Wi-Fi, not just if you join “Shady Networks”; the only solution is to refrain from using ANY unencrypted Wi-Fi unless your device is on 2.3.4. Staying on a “safe” unencrypted Wi-Fi network will not protect you.

  • Anonymous

    Judging by the people who were in my university classes trying out every possible wifi connection in their list: yes, it is quite hard to do.

  • Anonymous

    I use public wifi hotspots a lot when I’m travelling overseas, mostly at hotels and airports. I do always ask a desk clerk for the official name of their hotspot. Hopefully, this scam will not encourage crooks to try to spoof valid hotspot names. And also hopefully, Google will force phone manufacturers to push out a fix for this problem.

    • palomosan

      Why would anyone with a brain just login to any WiFi hot spot without knowing whose it is?

  • stm^

    The only time I use wifi is when I’m at home on my network or at a friend’s who I know isn’t trying anything. Any other time 3G is sufficient for what I’m doing….

  • http://twitter.com/_sigs SIGS

    This is way overblown.  You run into the same exact issue with MS Windows zero-day vulnerabilities and using public WiFi w/o encryption.

    Is everyone freaking out every single time a vulnerability comes out on Windows? Nope!  Why?  Because it’s expected.

    Just use common sense here people and do as the title suggests.

  • Mustagme

    And yet another reason to avoid Android like the plague. I don’t ever hear iOS having these issues. Anything to say fanbois?

    • Anonymous

      Sure, stop by and connect to my open network and see what info I can get.

      • Lakerzz

        I doubt if that would work. From what I heard, I*hones have trouble staying connected to a wifi signal for any period of time. :P

    • M6droid

      Yeah, dumbass. I’ll make a free wifi hotspot that asks you to connect to “Free Starbucks wifi” and you’ll need to click accept, which makes you download a PDF which contains a script to keylog your info on your iPhone.

      Pretty easy to steal iPhone data too if I wanted…

    • Angry Turd

      They’re tracking your every move!

    • http://twitter.com/_sigs SIGS

      Check it out. Apple is by far the WORST company when it comes to writing SECURE code. Please check out Secunia and come back when your head stops spinning.

      Here’s a reference article for you.

      http://www.engadget.com/2010/07/22/secunia-ranks-apple-first-in-software-insecurity-safari-said-to/

    • HH

      Just curious, why do you even read this blog if you’re avoiding “Android like the plague.”

      • Nathanael Glad

        It’s called trolling and you got trolled!

    • Darren B

      We are “fanbois” when you are the one who has posted such nonsense as “Android is laggy, buggy, and virus filled.” It must be hard going through life being so closed minded. I certainly prefer Android to iOS, but I don’t need to make things up about it to make myself feel better. Your posting history here is downright comical (I highly encourage others here to look through it, plenty of lols to go around).

      This isn’t an issue for me, because I don’t connect my phone to random wireless networks. If I saw two conflicting network names and one wasn’t blatantly obvious as a fake, I’d probably just ask the establishment. You strike me as the kind of person that needs to get a new email address every week because you reply to phishing emails. If this is genuinely a concern for someone, they probably are making themselves vulnerable to a lot of other ways to have their data stolen as well.

  • Anonymous

    4G is faster than unsecured wifi hotspots anyway.

  • Stinny7

    Android is so much safer if you cut out the middle-man (carriers) for updates. Any avid ROM flasher can easily get 2.3.4.

  • http://twitter.com/samari711 samari711

    It’s a bit easier to be affected than that.  Even if you connected to the legitimate starbucks public wifi, anyone could sniff your tokens because you’re sending the information over the air, unencrypted.  Remember the whole facebook/firesheep fiasco? This is the exact same issue.

  • German H4X0R

    shhh you’re blowing my cover

  • JumpinJ

    Unfortunately, for the average user, it is.  Especially if the name looks even remotely legit.  The average level of security knowledge is dropping as the platform grows in popularity.  It’s easy for experienced, technical people such as those that frequent this, and other blogs, to avoid security issues like this.  However, as the platform grows and brings in more former iOS users, it also brings in a lot more people that are used to having things done for them through the closed eco-system that is iOS.

    • Anonymous

      Still, if you don’t know it’s bad to leech off of every hot spot you see, you shouldn’t have a smart phone. I know as a network admin this info is just common to me, but still, how do people not see it as a bad thing to connect to open free hot spots you don’t know?

      • JumpinJ

        I agree with you, but it’s not necessarily a “leech off of every hot spot” situation.  Keep in mind many places use free hot spots as a “bonus” to bring in customers.  I travel a great deal and have seen them just about everywhere I go.  I’ve even been tempted on more than one occasion when I had something I simply HAD to get out for work purposes.  I’ve found that quite often, you can find the places that have it available by simply looking for crowds around certain shops/cafes/diners.  It wouldn’t take much for someone to “slip in” their own and make the SSID something familiar…even identical to the place that offers it legitimately.

        • Anonymous

          Almost all fast food places around here have hot spots. So it couldn’t be too hard to make a fake SSID and wait for people.

  • Angry Turd

    I’m glad I’m not on Facebook. :p

  • Mr. Joe

    Good thing I rarely use hotspots!

  • http://twitter.com/VeeDrummer Derek Stiles

    Good thing I’m on CM7…