The proposed attack is a way to take control of Home (and attach it to a new Google Account and network) when it loses its wifi connection; it neither relies on nor provides the attacker access to the rightful owner's wifi network.
Yeah, this article is only covering a specific attack vector; to claim that public Wifi is nearly risk free because of HTTPS is a very dangerous statement to make. The risk of public wifi was far from just having your traffic spied on.
This only proves the plausibility of the vector, not that it's being used. It seems that it was done in the interests of usability, maybe, but if I worked for Amazon I would have pushed back on this feature: joining a wifi access point without permission is a bad practice, and this would have been very confusing for most users, as well as a security nightmare.
This attack doesn't expose the Wi-Fi network key, so I assume it doesn't let you join the network, just sniff the traffic of the targeted user (and also, in some cases, forge/inject packets).
Except the attack doesn't get you access to their wireless network. It allows you to redirect someone from their wireless network to your own (spoofed) wireless network and then you can snoop the traffic.
I can't see any reasonable threat model which makes an attacker on public wi-fi seeing someone accessing a particular domain more dangerous than an ISP or VPN provider seeing the same.
Too bad all of those attacks have nothing to do with 802.11 and, given the necessity and equipment, can be carried out with almost any connection medium. Public WiFi is just a more popular and easier target.
Just don't think your colleague (who hates you) or the nearest BOFH at the job technically can't stealthily plug out your cable while you're out, hook up his router performing a MitM attack, and have his fun and profit. Yeah, that's childish, much less probable, and incomparably more risky than just sitting with a laptop at a cafe, but the point is that every one of said attacks can still be carried out.
Just because the whole world's relying on obscurity as a primary security measure.
The defence is definitely to not use public wifi. This technology works because they can identify small target windows (e.g. you just accessed a URL to log in to your bank account) in which to make and process these measurements. Any kind of abnormal obfuscation of your device should introduce enough noise to prevent this attack from generating any meaningful data from the victim, but I'm running on an assumption.
One side of public wifi that might be dangerous is malicious access points. A while ago there was an attack vector related, I think, to DHCP, which allowed a malicious AP to run commands on your computer.
A security researcher friend of mine used that and a Pineapple device inside a small and saw a lot of exploitable devices connect.
> Do you really need to secure YouTube viewing on public WiFi hotspots?
This suggests you did not, in fact, see the problem. The attacker in this scenario is not limited to replacing YouTube videos. They can make anything they want appear on the user's screen, including things like a Google login page, or even a bank login page.