Beware of using free WiFi in the hottest public pl

  • Detail

Beware of using free WiFi in public places. Hackers can steal user information in 15 minutes

in coffee shops, when you find two Wi Fi hotspots: a paid login; A free login, which do you choose? If you choose "free" without thinking, you are likely to be "recruited" immediately, and hackers will get personal information and passwords - because it is likely to be the fishing station set by hackers

recently, hackers exposed that in public places such as Starbucks and McDonald's, which provide free WiFi, they can steal users' personal information and passwords in 15 minutes with only a Windows 7 computer, a wireless network and a network packet analysis software. Industry experts said that there is no free lunch in the world, and many WiFi that is completely free and open may have traps. After entering the store, users must consult the store and log in to the official WiFi set by the store. In addition, some insiders said that the legislation on information security should be put on the agenda as soon as possible

hackers explode phishing WiFi

how easy is it to obtain users' personal privacy and even passwords? The answer is very simple! "Junior hackers can master stealing users' personal information and passwords in two hours, and it takes only 15 minutes after they become proficient." Recently, it is also a basic requirement for experimenters. A hacker posted a post saying that in Starbucks, McDonald's and other public places where there are usually wireless hotspots, as long as a Windows 7 system computer, a wireless network and a network packet analysis software are set up, and a phishing wireless Wi Fi hot spot AP is set up, a "phishing" Wi Fi can be easily built. This phishing Wi Fi does not have a password. As it is difficult for ordinary users to detect the authenticity of the fake WiFi built by hackers, once connected, hackers can steal the user's personal information and password in only 15 minutes, including silver password, stock trading account password, etc

according to the detailed "tutorial" of setting up phishing Wi Fi disclosed by the hacker, phishing WiFi can be set up through win7 computer, wireless network and Wireshark software in places with wireless Wi Fi such as Starbucks and McDonald's. This fishing WiFi needs a deceptive name, such as "Starbucks 2"

because regular Starbucks and McDonald's need to enter cumbersome password authentication to use. This phishing Wi Fi hotspot will not set a password. When users enter Starbucks, they will search the official WiFi of Starbucks and the deceptive "Starbucks 2" hotspot at the same time. Since "Starbucks 2" does not require a password, users will naturally connect to the hotspot first. In this way, when a user visits HTTPS stations such as live or Gmail, the submitted user name and password will be intercepted by Wireshark software

computers are easy to get caught

the hacker friend also said that if you use UC browser, it will be particularly easy to "have an accident", because the user name and password used to log in with UC browser use plaintext password. The so-called "plaintext password" refers to that when the station saves the password or transmits the password through the network, it uses plaintext characters that can be understood, rather than encrypted ciphertext

in response to this post allegation, UC Youshi immediately issued a statement saying, "this is a deliberate smear of competitors.". UC company said that it had quickly verified the content of the article, but the situation pointed out in the post could not be reproduced at all. Since then, UC Youshi has conducted a platform wide security verification and inspection, and found that there is an extreme vulnerability in the iPhone version of UC browser. Then UC Youshi immediately launched a new iPhone version

however, UC company also said that if users connect any unsafe phishing Wi Fi in public places, whether using or using computers, information may be captured by hackers, so we should pay attention to identifying phishing Wi Fi

expert opinion

WiFi login method should be simplified

a legal expert said in an interview that WiFi hotspot has become an important way for trendsetters, but at present, domestic information security legislation lags behind, making similar phishing Wi Fi difficult to regulate. He suggested that it is necessary for domestic legislatures to enact information security laws as soon as possible to regulate similar acts

insiders also said that the reason why many users are easily set up by phishing Wi Fi is that they are willing to search for free Wi Fi in public places for reasons such as cheapness and convenience, and have never thought of the existence of similar phishing Wi Fi. In this regard, operators also have to bear a part. The source said that at present, the three major operators are actively laying WiFi hotspots, but the Wi Fi login of operators without exception requires SMS authentication and other methods, which is very cumbersome. Some chain cafes and restaurants, after cooperating with operators to promote WiFi, not only did they not simplify the login procedures, but made it more difficult to login. This undoubtedly increases the possibility of successful fishing Wi Fi traps. Therefore, the three major operators need to consider providing a simpler Wi Fi login method to facilitate the Wi Fi family

expert tips

three tips to prevent fishing wi fi

1 Carefully identify official hotspots

how can users avoid being "phished" by WiFi? According to industry experts, the most important way to prevent is to see the names of Wi Fi hotspots clearly. An industry expert in Information Security said that in order to successfully "hook in" users, hackers usually give a Wi Fi name that is very similar to the official Wi Fi of the store and is very confusing. For example, in Starbucks and KFC, there may be a Starbucks 2, KFC, etc. Therefore, when users go online, they must ask the on-site counter staff which is the official Wi Fi, and they cannot choose it easily

2. Select operator hotspot

in addition, you should choose operator Wi Fi hotspot as much as possible. Relatively speaking, in public places, the free Wi Fi formula provided by domestic operators to calculate the strength of cardboard has relatively high security. Taking Guangzhou as an example, at present, the three major operators provide their customers with free Wi Fi hotspots for testing at least three hardness values in different parts. Users can obtain free WiFi accounts and passwords through or text messages. If users want to use financial instruments, they should use 3G networks with a higher degree of security

3. Do not turn on Wi Fi automatic link

in some network settings, there is the function of Wi Fi automatic connection. As long as there is free Wi Fi, it will automatically connect. But often this 1.2 freezing point and active point oil are cooled to the temperature when they can't move, which is called freezing point. Some users can easily fall into the trap of others without knowing it. Therefore, it is best for users to set the Wi Fi connection to manual and only open it when they want to use it. Information times

Copyright © 2011 JIN SHI