20

When you connect to an open wireless network (that is, a wireless network without any symmetric password set) is there any sort of secure key exchange going on, or is data sent back and forth unencrypted and able to be intercepted by anyone "listening"?

IQAndreas
  • 5
    Without a pre-shared key, how would you know that you're connecting to the real access point, and not a man in the middle? – Rag May 09 '15 at 05:15
  • 3
    @BrianGordon: The same way SSL does it? I realize Wi-Fi APs don't use signed keys, but OP doesn't know that, and it's feasible that they could. – BlueRaja - Danny Pflughoeft May 09 '15 at 17:20
  • 4
    You wouldn't be able to stop man in the middle attacks, but you can still prevent network sniffing by using something as simple as [Diffie-Hellman](http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange). – IQAndreas May 10 '15 at 01:22

3 Answers

25

Yep. Open wireless networks are entirely unencrypted; anyone can see all the data you send (even if they aren't connected to the network).

cpast
  • 5
    This is why Facebook now defaults to HTTPS. There was a program a while back called FireSheep which you'd run at a Starbucks or other open hotspot, find people's unencrypted Facebook page requests, and use that information to post as their account! – Cort Ammon May 10 '15 at 03:04
  • 1
    @CortAmmon Yes and you can just do it by hand with `TCPDump` or `WireShark`. – Jared Burrows May 10 '15 at 15:42
  • 1
    @JaredBurrows I pointed out FireSheep because it was what made it so easy and so prevalent that Facebook had to act. It just sounds like a more exotic and difficult thing to do if you have to use the low level tools rather than just downloading an app. – Cort Ammon May 10 '15 at 17:31
  • @CortAmmon I completely agree. There was a `FireSheep` `FireFox` extension and `Android` app. – Jared Burrows May 10 '15 at 17:40
10

An open wireless connection means there is no password exchange required to connect to the network. Most data used over an open wireless connection is easily observed. Once connected, however, there are ways to encrypt your data, such as using a VPN. This would allow data to be encrypted over an open wireless connection like public hotspots. Though an observer is able to see that there is data, it would be unreadable.

spideranged
3

Wireless networks that do not ask for a password send data over the air unencrypted, and anyone can:

  • Scan your PC/phone to actively try to exploit a component in your hardware
  • all data via http://, e.g. cookies, downloads, images, passwords and email sent

  • Do ARP spoofing

  • Additionally, you can't even be sure that the Wi-Fi network is legitimate.

That's all I remember for now... And what can you do?

  • Make sure you do anything sensitive over https://

  • Use a VPN

  • Always set connection to public so sharing is off by default

  • On phones, if sending sensitive emails, it is better to use your browser than POP3 (see source)

Why can't open Wi-Fi provide encryption? Well, it is not technically impossible; I guess the simple answer is that nobody wants it badly enough, plus it would be hard to upgrade all existing infrastructure. I think they could easily do something like normal TLS encryption with CA certificates, but this could make it possible for them to sniff your HTTPS traffic, which is bad (I'm not sure; maybe someone can explain this better).

Freedo
  • 2
    There are indeed reasons why the X.509 PKI doesn't work for Wi-Fi in general: there is no meaningful way to associate a certificate with a network. To have certificates work, you need a subject name that is globally unique; the DNS provides such a thing, but nothing of the sort generically exists for Wi-Fi (the SSID is not globally unique), so certificates can't generally work there. WPA-Enterprise does use mutual authentication, and some methods (like PEAP) use X.509 to do so (the unique name is the domain name of the RADIUS server), but that doesn't work well for most networks. – cpast May 09 '15 at 06:41
  • 2
    That said, you're right that it's not technically impossible to provide encryption on all Wi-Fi; you might not be able to trust that it's not a rogue AP, but you could at least stop others besides the AP from sniffing traffic. You're correct on some of the big reasons it's not done. – cpast May 09 '15 at 06:44
  • Just a technicality: POP3 is for receiving mail, not for sending. (Though it might use the same password.) Sending is usually done by SMTP. – Paŭlo Ebermann May 10 '15 at 08:33
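
The point made in the comments, that an unauthenticated key exchange such as Diffie-Hellman would keep passive listeners out but cannot tell a rogue AP from the real one, is shown below as an added Python example (not part of the original thread). The parameters `P` and `G`, the `Party` class and the fingerprint comparison are assumptions made for illustration, not a real Wi-Fi protocol.

```python
import hashlib
import secrets

# Demonstration parameters (assumption): a well-known prime and a small base.
# This is not a vetted DH group; real protocols use standardized groups/curves.
P = 2**255 - 19
G = 2


class Party:
    """One end of an unauthenticated Diffie-Hellman exchange."""

    def __init__(self):
        self.private = secrets.randbelow(P - 3) + 2   # secret exponent, never sent
        self.public = pow(G, self.private, P)         # value sent in the clear

    def session_key(self, peer_public):
        shared = pow(peer_public, self.private, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def fingerprint(key):
    """Short digest two parties could compare over a trusted channel."""
    return hashlib.sha256(b"fp" + key).hexdigest()[:16]


def honest_exchange():
    """Client and AP swap public values directly; a sniffer sees only those."""
    client, ap = Party(), Party()
    on_air = (client.public, ap.public)               # all a passive listener gets
    return client.session_key(ap.public), ap.session_key(client.public), on_air


def relayed_exchange():
    """A rogue AP in the path replaces each public value with its own."""
    client, ap, rogue = Party(), Party(), Party()
    client_key = client.session_key(rogue.public)     # client thinks this is the AP
    ap_key = ap.session_key(rogue.public)             # AP thinks this is the client
    rogue_keys = (rogue.session_key(client.public), rogue.session_key(ap.public))
    return client_key, ap_key, rogue_keys


if __name__ == "__main__":
    c, a, _ = honest_exchange()
    print("honest :", fingerprint(c), fingerprint(a), "match:", c == a)
    c, a, _ = relayed_exchange()
    print("relayed:", fingerprint(c), fingerprint(a), "match:", c == a)
```

In the relayed case both ends complete the exchange without error; only the mismatched fingerprints reveal that the key is not shared end to end, which is why the exchange has to be authenticated by something outside it.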