1

I have an unbranded Wi-Fi repeater from China. I was reading over the setup instructions and pretty much every sentence had a spelling mistake which has made me worry. The quality isn't so much a concern, but I'm wondering now is it possible for them to have installed some software that will act as a spy on the network and send back sensitive information to the source?

Does a Wi-Fi repeater have the ability to sniff the network data that it is boosting or is it nothing more than a signal booster? It seems as though this device will consume the current Wi-Fi connection and then output the same connection, sort of like a router in bridge mode, but connected wirelessly. Should I be worried that this device could rob my credit card data, or is it safe?

Peter Mortensen
  • 2,319
  • 5
  • 23
  • 24
Dan Hastings
  • 696
  • 1
  • 12
  • 24
  • 13
    How do you know it is *just* a wifi repeater? If you're suspect of the software, how is it can you trust the hardware? – jscott Feb 27 '17 at 16:04
  • Is it possible to install an costum ROM on the repeater? So you could minimize the risk on sw side, but of corse hardware might still be compromised. – BerndGit Feb 28 '17 at 07:11
  • @BerndGit the bootloader might itself be compromised and contain malware, and that would execute before any custom firmware. – André Borie Feb 28 '17 at 11:12
  • This is correct. Therefore i havr written 'minimize' and not 'rule out' – BerndGit Feb 28 '17 at 11:30

3 Answers3

16

Does a wifi repeater have the ability to sniff the network data that it is boosting or is it nothing more than a signal booster?

Well, all of the traffic is passing through it, so the answer is: yes. If you find yourself having to ask this question at all, don't even consider using the equipment.

If at all possible, stay far away from wifi repeaters. They degrade performance horribly and are the source of all sorts of problems. Just bite the bullet and pull cable so you can install a proper wired access point.

EEAA
  • 108,414
  • 18
  • 172
  • 242
  • The answer isn't an obvious yes. Routers that your HTTPS traffic passes through can't sniff it. (Or rather, they can, but it would be next to useless because they have no way to decode it) – user253751 Feb 27 '17 at 23:07
  • 2
    @immibis The question was "can it sniff the traffic" to which the answer is an unequivocal "yes". – EEAA Feb 28 '17 at 02:16
  • Indeed it is, but the first non-quoted paragraph in your answer conveys the tone that the question asker is an idiot for ever thinking otherwise. – user253751 Feb 28 '17 at 03:23
  • @immibis By being in the same physical location and having an internet connection. Yes, I think it is obvious the device can be sniffing the data packets. Even IF a standard repeater could not sniff the data. The physical box in which the repeater ships in could house non-standard hardware. – Aron Feb 28 '17 at 04:06
  • @Aron There is no device you can put in a router box to make that router track your HTTPS browsing habits (beyond the domain name). Without researching it, would you know that wi-fi isn't like HTTPS? – user253751 Feb 28 '17 at 05:58
  • @immibis That has nothing to do with the "sniffing" part of the question, which this answer, answers. The criticism should be directed at not answering "Should I be worried that this device could rob my credit card data", which is where https comes into the question. That does not, however make the route, "safe". But then again who is to say a US vendor isn't packing NSA hardware in their repeaters. What is more worrying is that the wifi repeater can be used as a beachhead to launch attacks inside of the NAT/Firewall. – Aron Feb 28 '17 at 06:19
  • 1
    This answer, while correct, makes it sound like these devices are terrifying. In reality, any device with the right hardware can sniff at WiFi packets (for example, someone in a coffee shop can see the packets), as can your router, your ISP's servers, any routing points along the way... – Tim Feb 28 '17 at 10:23
3

Yes the Wifi repeater can see all your traffic. If you are not using WPA encryption so can everyone else in range of the wifi signal.

No it can not see your banking details, because your browser(hopefully) set's up a encrypted SSL/TLS connection(tunnel) to the bank that is authenticated using the certificate provided by the banks server and verified by one or the CA's pre-loaded into your browser as being authentic.

The same is true for every bit of network equipment from your wifi through the internet up to your bank web-server, and behind your bank web-server to the database etc. they can all see your ip packets.

Pieter
  • 678
  • 6
  • 10
2

Does a wifi repeater have the ability to sniff the network data that it is boosting or is it nothing more than a signal booster?

A "wifi repeater" must rewrite all traffic between the two networks, otherwise it couldn't possibly work. The repeater's clients are not clients of the existing access point, so the access point would not send traffic for them over its wifi link. Thus, at a minimum, a wifi repeater must rewrite the hardware addresses of its wireless (and wired, if supported) clients when they communicate with the other access point.

David Schwartz
  • 31,215
  • 2
  • 53
  • 82