3.15 Know More | Uncover the Truth Behind “Free WiFi”

The 3.15 Gala exposed that the "free WiFi" App induced people to click on the advertising link and automatically downloaded the program in the background. In fact, in addition to this pit, WiFi also has these tricks>>>

Compiled by New Media Editor Li Yunfeng Edited by Liu Zhao

At the annual "3.15" party, the hidden traps of the "Free WiFi" App were exposed. Not only can they not crack WiFi passwords, they can also secretly install malicious software on mobile phones, making people miserable.

In fact, there are more risks that "free WiFi" may imply. Let's take this opportunity to count down the various tricks of free WiFi.

▼▼▼

What is WiFi?

Image source: Tuchong Creative

"Withered vines, old trees, crows, air conditioning, watermelon, and WiFi." As the new must-have tool for summer, WiFi has been incorporated into various jokes, which indirectly proves its indispensability in today's life.

WiFi (Wireless Fidelity) was originally the abbreviation of wireless fidelity. Wireless Local Area Network (WLAN) refers to "wireless compatibility certification", which is essentially a commercial certification and also a wireless networking technology. It is also called 802.11b standard, which is an industrial standard for wireless network communication defined by IEEE. Because of its fast speed, high reliability and low networking cost, WiFi technology has an absolute advantage in meeting users' needs for high-speed data transmission in a specific area.

At the same time, WiFi allows people to completely get rid of the connection between network cables and devices. One network cable can provide Internet access to all wireless devices in the area. Any mobile terminal with a WiFi receiver can be connected and used. The convenience is self-evident. It has now entered thousands of households.

▼ ▼ ▼

How is WiFi encrypted?

WiFi has many benefits and everyone likes to use it, but it is not something you can use whenever you want.

On the road of WiFi encryption, people have used WEP encryption, WPA encryption, and WPA2 encryption. From a security perspective, WPA2 encryption is more secure than WPA encryption, while WEP encryption is the least secure.

WEP is the oldest encryption method that uses plain text. To put it simply, when you call a friend, the phone number is the WiFi password. After the call is connected, you and your friend communicate in Mandarin. Anyone who can hear you talking to your friend can easily get your password.

For communication security, humans invented the WPA encryption method. The principle is that we enter the WiFi password, and after the router recognizes it, a communication password will be randomly generated between the wireless router and the device. This communication password is not easy to be reverse cracked. In layman's terms, if you use dialect when talking to your friends, even if someone eavesdrops on your conversation, they will not understand it, and it is naturally difficult to crack the password.

WPA2 encryption is an upgraded version of WPA, adding the AES algorithm, which is theoretically impossible to crack. To put it simply, it is like when you call a friend, the phone number is the WiFi password, and the conversation uses a code that only the two of you can understand, which others cannot decipher.

▼ ▼ ▼

How to hack WiFi?

The continuous upgrading of encryption methods has made the security level of WiFi devices very high. However, there is no doubt that there are still significant security risks in the use of WiFi. The problem lies in how to use WiFi.

First of all, if your wireless router only uses WEP-based encryption, cracking software can crack it within a certain period of time, so you must choose WPA or WPA2 encryption.

Secondly, wireless networks with passwords are more secure than free WiFi, and wireless networks provided by operators require users to log in, which is more secure. However, since the threshold for commercial WiFi technology is low, it can be built by purchasing equipment, software, and network services. It is also very easy to build a fake WiFi environment in a public place to transmit signals to induce users to connect and use it.

Once hackers enter the WiFi environment, they can penetrate everywhere. In public WiFi environments, they can set up phishing WiFi without passwords, or pretend to be regular WiFi hotspots to build fake WiFi, luring netizens into the "honeypot" trap; in home WiFi environments, hackers can access personal wireless networks by cracking passwords, etc. Then, they may cause people to suffer losses without knowing it.

▼ ▼ ▼

Practical test: It only takes 10 seconds to steal account passwords on public WiFi

In daily life, we often see free WiFi, such as in restaurants, airports, hotels, train stations, etc. Many people connect to these free WiFi to save data. However, when you feel that you have got a great bargain and feel complacent about using free WiFi, the consequences may be unbearable for you.

(Photo source: CCTV News)

A CCTV reporter once conducted a test with an engineer from a mobile phone security research institute. In a public place that provides free WiFi, the engineer used a piece of software to easily obtain the mobile devices and address information of nearby Internet users. This software can achieve network penetration functions such as detecting passwords, hijacking sessions, and disconnecting the network.

The mobile phone security engineer found the IP address of the reporter's experimental mobile phone, activated the password detection function, and monitored the reporter's online behavior at any time. Then, the reporter used the mobile phone to open a financial management software and entered the account number, password and verification code information. Less than 10 seconds after clicking to log in, a long string of data appeared on the monitoring mobile phone. The reporter saw that the account displayed on the detection mobile phone was exactly the account number of the reporter's financial management software. Then, the mobile phone security engineer used professional tools to analyze the string of ciphertext data, and the password displayed was exactly the same as the password of the reporter's financial management account.

▼ ▼ ▼

There is a kind of "cracking", which is actually "sharing by yourself"

In fact, when it comes to WiFi password cracking and free connection, many people probably think of Master Key apps first.

The working principle of this kind of app is very simple. You, me, and him share the password of your home router, the password of your friend's router, the password of the public WiFi of a store or restaurant consciously or unconsciously to the cloud server of WiFi Master Key. When others send access requests again, they start searching in the server to see if there are any passwords saved around. If yes, then congratulations, you can start surfing the Internet! Of course, in addition to this, it will also try some weak passwords (such as 12345678, 88888888, 66666666, woshishuaige, etc.).

Strictly speaking, it is not a password cracking service, it can only be regarded as a password sharing service. When you use it, you first need to share your WiFi password and store it in its cloud. When many people share it, and you happen to be around the shared WiFi, you can easily log into other people's WiFi. In short, everyone is sharing their password to the cloud.

This is like "taking advantage" and "giving away" your WiFi. When your password is no longer a "password", it loses its protection function. Once you are targeted by hackers, please refer to the previous two subheadings.

||||

(Content compiled from: CCTV Finance, Guangzhou Daily, Economic Observer, CCTV News, Voice of Chinese Academy of Sciences, People's Post and Telecommunications, etc.)

Produced by: Science Central Kitchen

Produced by: Beijing Science and Technology News | Beijing Science and Technology Media

Welcome to share to your circle of friends

Reproduction without authorization is prohibited