Social Sites 'Likes' And 'LiveJournal' Hit With Malvertising

Wi-Fi Can Spy? Leaks show CSEC tracked Wi-Fi users at Airports

The CBC published a recently leaked document attributed to the CSEC, Communications Security Establishment Canada, showing that they used the free Wi-Fi networks at a major Canadian airport to track travelers.

If anyone still had any doubts that using “open” wireless networks was an anonymous proposition, they can put that assumption to rest.

The convenience of using networks we do not own, at no charge, accompanied with the usual TOS that are typically blindly clicked through has always been one fraught with risk. You could be connecting to a fake WAP (wireless access point) that collects your personal information.

CSEC has kindly acknowledged that the document is genuine, by addressing the CBC article on their website with an official statement.

With these recent revelations, I have compiled some handy travel tips.

Use a 3G/4G data stick, rather than Wi-Fi to access the internet when travelling.

photodune-5265345-3g-lte-broadban-usb-stick-dongle-m

You can get a ridiculously cheap router like the TP-Link TLMR 3020 or 3040, and share out the 3G/4G goodness to all your devices! As an added bonus you can transform the TP-Link router into a Piratebox when you are done using them it as an access point!

IMG_1402

You can also configure your smartphone to act as a hotspot, and connect your laptop to it.

However, I think it’s safe to assume that the majority of travelers are using the free wireless access points to avoid the high roaming data charges associated with the above mentioned solutions.

  • Change the computer name of your laptop. The name your computer has is a unique identifier.
  • If your “tin-foil-hat-ness” is strong, use a throw away travel computer (wipe every travel, re-image with Acronis).
  • VPN into your work network, this encrypts the traffic, and should be done regardless, if you access company resources via unknown networks, be that of airports, or hotels. Ask your IT dept. for assistance with configuration settings your laptop, they’ll thank you for this.
  • If you don’t have an IT department, you can use a VPN service such as HMA or Cyberghost. As an added bonus, these services will circumvent geolocated web restrictions. Keep in mind that some web-based services, such as Gmail, will lock your account if you configure your VPN to exit out of somewhere far away enough. This is meant as security measure, and even if it is inconvenient, it is a good thing. If your Gmail account is suddenly accessed from somewhere in Eastern Europe and it doesn’t involve you using a VPN service or actually physically being there, There is something fishy going on. You will be glad for theses measures should something like this happen!
  • Consider spoofing your MAC (Media Access Control) address.

Technitium Mac Address Changer 

would seem to be the easiest way to achieve this change. in Windows (I used Windows 7 to test this and it was pretty painless).
Technium

What this application does is changes this registry value: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlClass{4D36E972-E325-11CE-BFC1- 08002bE10318}

It also lets you generate a random MAC address, and easily revert to the original. Using these tips should help make your computer less unique when you travel.

As always, stay safe in your travels.

ABOUT THE AUTHOR

Jean Taggart

Senior Security Researcher

Incorrigible technophile who loves to break stuff and habitually voids warranties.