On iPhone, beware of that AT&T Wi-Fi hot spot
cnet – A security researcher has discovered that any wireless network can pretend to be an AT&T Wi-Fi hot spot and thus lure unsuspecting iPhone users to an untrusted network connection.
Samy Kamkar, who created a worm that garnered him a million friends on MySpace overnight in 2005, said in an interview this week that he can hijack any iPhone within Wi-Fi range in what is often dubbed a “man-in-the-middle” attack because of the way the devices are configured to recognize AT&T Wi-Fi connections merely by the name “attwifi.”
Typically, an iPhone will look for a specific MAC address–the unique identifier for the router–to verify that the wireless network is a device a user agreed to join previously. However, if the iPhone has previously connected to any one of the numerous free AT&T Wi-Fi hot spots (offered at virtually every Starbucks in the U.S., for example) the device will ignore what the MAC address says and simply connect to the network if it has “AT&T Wifi” attached, Kamkar said.
“The iPhone joins the network by name with no other form of authentication,” he said.
Kamkar said he made this discovery recently when he was at a Starbucks and disconnected from the AT&T Wi-Fi network.
“I went into the settings to disconnect and the prompt was different from normal,” he said. “I went home and had my computer pretend to be an AT&T hot spot just by the name and my iPhone continued to connect to it. I saw one or two other iPhones hop onto the network, too, going through my laptop computer. I could redirect them, steal credentials as they go to Web sites,” among other stealth moves, if he had wanted to.
To prove that a hijack is possible, Kamkar wrote a program that displays messages and can make other modifications when someone is attempting to use the Google Maps program on an iPhone that has been intercepted. He will be releasing his hijacking program via his Twitter account: http://twitter.com/samykamkar.
Kamkar hasn’t attempted the hijack on an iPod Touch, but plans to determine whether it has the same vulnerability.
iPhone users can protect themselves by disabling their Wi-Fi, or they can turn off the automatic joining of the AT&T Wi-Fi network, but only if the device is within range of an existing AT&T hot spot, Kamkar said.
Asked for comment an Apple spokeswoman said: “iPhone performs properly as a Wi-Fi device to automatically join known networks. Customers can also choose to select to ‘Forget This Network’ after using a hot spot so the iPhone doesn’t join another network of the same name automatically.”
Kamkar, an independent researcher based in Los Angeles, first made a name for himself by launching what was called the “Samy” worm on MySpace in order to see how quickly he could get friends on the social-networking site. The cross-site scripting (XSS) worm displayed the words “Samy is my hero” on a victim’s profile and when others viewed the page they were infected.
He served three years of probation under a plea agreement reached in early 2007 for releasing the worm.
June 22, 2010 - Posted by douglashaskins | bugging devices, cellular phone, countersurveillance, eavesdrop, email, encryption, English, espionage, illegal, mobile, phone tap, privacy, security, spy, surveillance, tap, technology, text message, USA, wireless, wiretap | attwifi, authentication, automatic joining, hot spot, Iphone, man in the middle, security, starbucks, steal credentials, stealth, untrusted network, wifi, wireless network
No comments yet.
Sigillu offers the safest and most efficient solution to keep your sensitive cellular conversations and text messages secure from eavesdropping.
- August 2010 (7)
- July 2010 (20)
- June 2010 (15)
- May 2010 (7)
- April 2010 (17)
- March 2010 (15)
- February 2010 (15)
- January 2010 (8)
- December 2009 (35)
- November 2009 (29)
- October 2009 (34)
- September 2009 (2)
- August 2009 (7)
- May 2009 (10)
- April 2009 (7)
- March 2009 (6)
- February 2009 (17)
- January 2009 (24)
- December 2008 (4)
- November 2008 (9)
- October 2008 (10)
- September 2008 (8)
- August 2008 (10)
- July 2008 (10)
- June 2008 (7)
- May 2008 (11)
- April 2008 (8)
- March 2008 (9)
- February 2008 (3)
- January 2008 (20)
- November 2007 (7)
- October 2007 (24)
- September 2007 (7)
- August 2007 (11)
- July 2007 (17)
- June 2007 (5)
- May 2007 (35)
- April 2007 (22)
- March 2007 (34)
Twitter: follow me
Subscribe to Sigillu Feeds
BlackBerry bugging devices cellular phone dispositivos de escucha eavesdrop email encryption English escuchas telefonicas espionage espionaje ilegal illegal intercepcion mobile phone tap privacidad privacy security seguridad Spanish spy surveillance tap technology tecnologia Uncategorized USA wireless wiretap
Karel santral on A Combat Zone iPhone? Soldiers… Karel santral on The Obama administration argue… Mike on Gold Line Encryption Software… All Pro Legal on The Obama administration argue… Tim Gallagher on The Obama administration argue…
- Post Edited: Uribe denuncia que sus comunicaciones están siendo interceptadas sigillu.com/blog/uribe-den… 1 year ago
- New post: Uribe denuncia que sus comunicaciones están siendo interceptadas sigillu.com/blog/uribe-den… 1 year ago
- New post: Así se negocia para que nos vigilen sigillu.com/blog/asi-se-ne… 1 year ago
- New post: Fears for Macedonia's fragile democracy amid 'coup' and wiretap claims sigillu.com/blog/fears-for… 1 year ago
- New post: Nicole Kidman's phones were tapped while she was with Tom Cruise, documentary claims sigillu.com/blog/nicole-ki… 1 year ago
- New post: Panama arrests former security officials for illegal wiretaps sigillu.com/blog/panama-ar… 2 years ago
- New post: Prying Eyes: Inside the NSA's War on Internet Security sigillu.com/blog/prying-ey… 2 years ago
Blog at WordPress.com.