The horror stories are almost as endless as the Internet itself. Laptop-toting customers are being hacked at coffee shops. Guests are being digitally pick-pocketed in hotel lobbies. Travelers’ smartphones are getting snooped on in airports.In an age of ever-increasing digital security, how can this be happening? It turns out you can blame pineapples.
“The Wi-Fi Pineapple is a tool that makes fake Wi-Fi hotspots that automatically match the name of whatever network devices have previously connected to,” says Ben Miller, a Wi-Fi consultant and blogger with Sniff Wi-Fi. The device, which has been around since 2008, is marketed as a tool for so-called “white hat” hackers, who test networks for vulnerabilities that bad guys might exploit. It has become smaller, less expensive, and more powerful over the years. The newest version, the Wi-Fi Pineapple Nano, costs just $99 and looks like a mobile data dongle, camouflaging it in plain sight in Wi-Fi-friendly places like airplanes, airports, and coffee shops.
Airplane cabins are just as vulnerable as coffee shops or airport lounges. Hackers can just sit there without raising suspicions because there are usually a lot of folks just sitting there with their laptops. The Wi-Fi Pineapple connects to laptops, smartphones, and tablets two different ways. One way is by programming the device to send out a commonly used SSID (that’s the “service set identifier,” also known as a Wi-Fi network’s name) that’s identical to ones that are popularly used. The other way Wi-Fi Pineapple locks onto devices is even more insidious, using your “trusted networks” against you. Computers and mobile devices all have trusted networks — they’re the legitimate Wi-Fi networks that your gear connects with every day, including your home network, your work wireless connection, and the one at your favorite Starbucks, for example.
When your computer or mobile device’s Wi-Fi is turned on but not connected, it probes for trusted networks by sending out signals with their names. If these probes happen to hit a Wi-Fi Pineapple, the hacking hardware will mirror one of your trusted network names, causing your computer to automatically connect with it. And once the pineapple has you, you’re vulnerable and unaware. The easiest solution is to turn your device’s Wi-Fi connectivity off before you encounter a suspect area. This will also turn the device’s probing functionality off.
For the best protection against Wi-Fi Pineapples, use a Windows computer. “For Windows devices, there’s a checkbox — you can choose to ‘connect automatically,’ or not.” Whenever you’re connecting to a new, trusted network, checking the ‘connect automatically’ box will save the network’s information on your Windows computer. Then, if you go into the properties for that network, there’s an additional checkbox (select “this is a non-broadcasting SSID”) for the probing behavior.
Despite how disruptive and dangerous the Wi-Fi Pineapple can be, it is a tool used by networking professionals to test network security. As a result, it’s completely legal for anyone to buy. But some lawmakers are calling for them to be banned, bringing security to the airwaves.
Just be cognizant of where you are in public with your phone or computer. Use the 4G aspect of your phone and turn off the WiFI button. And after you leave an area where you have used a WiFi connection, take if off your device history.
We are passionate about travel and passionate about Home Insurance Roseville and Home Insurance Rocklin. Thank you for reading and thank you for trusting Park Family Insurance!