An experiment showcasing the dangers of free public Wi-Fi got a number of people to exchange their first-born child, just so that they could enjoy surfing the web. The experiment, a brainchild of a certain security firm, created a Wi-Fi hotspot in Central London and then waited for their first target.
While connecting to the hotspot, the users had to agree to terms and conditions, especially one that was called the ‘Herod Clause’, which agreed to free Wi-Fi only if the users “agreed to assign their first-born child to us for the duration of eternity.” (An April fool prank carried out by Gamestation, 2010, inspired the clause wording).
Around half a dozen people agreed to these bizarre terms, which thankfully, the security firm had no plans to enforce. The main aim of the research was to illuminate security issues associated with public Wi-Fi use.
Apart from showing the users how easy it was to con them (they didn’t read the terms and conditions), the researchers exposed another serious issue that allows the providers of the Wi-Fi hotspot to see and store everything that the users see and log into.
According to Mirror.co.uk, the same firm tested this again by placing a Wi-Fi hotspot in Central London. Within 30 minutes, around 250 devices (laptops, mobiles and tablets) connected to the hot spot and more than 30 people were seen checking their emails and browsing the Internet.
The security firm was easily able to capture all the data sent and received, including the usernames and passwords. They tried to educate the people by making them realize that any criminal could easily hack into and collect their personal data this way.
Criminals don’t need to set up their own Wi-Fi; they can look into the service that is providing the Wi-Fi to get what they want. This is usually done by copying a particular hot spot name and then ‘catching’ people’s devices by having a stronger signal and passing on the traffic towards a legitimate source.
This means that the criminal here is the middleman; all the data would pass through his device first.
The best way to avoid such a nightmare is to probably to avoid public Wi-Fi altogether or use a VPN (virtual private network) to save you from prying eyes.