
Wi-Fi at DEF CON - dealing with the world's most dangerous network

Michael Horowitz | Aug. 24, 2015

The wireless network at the DEF CON hacker conference has been called the most dangerous in the world. Members of the press were warned beforehand that "This is a Hacker Con, so consider the public network at DEF CON profoundly hostile! ... keep your Wi-fi and Bluetooth disabled as much as possible." The press room at the conference offered a private Ethernet connection to the outside world. I heard that staff at the DEF CON hotels (Paris and Bally's in Las Vegas) were telling guests to turn off their Wi-Fi.

In the days after the conference, I ran across four articles from people who attended DEF CON, all with a common theme of avoiding the Wi-Fi.


My defensive stance was taking a Chromebook to the conference. I used the machine, offline, to take notes, saving a copy both to a thumbnail-sized USB flash drive and the internal Chromebook storage.

There were two Wi-Fi networks at DEF CON: one was totally open and the other was locked down with WPA2/802.1x (a.k.a. WPA2 Enterprise).

Perhaps I'm naive, but I felt no danger connecting the Chromebook to the public, open, unsecure network. Of course, I would only do so in Guest Mode.

Guest Mode in Chrome OS lets anyone use the machine - no password or Google account needed. It also hides all files stored on the machine by other users. When you log out of Guest Mode, anything you changed (such as saved files, bookmarks, etc.) is undone.

Of course, I was wary of any web page delivered by the open network. All open Wi-Fi networks are ripe for data manipulation, so if CNN reported that Martians landed at the White House, I would have seen it for the prank it was.

And, I was pranked indeed. 

When I first connected to the open network, I went to see what DNS servers I had been assigned. Malicious DNS servers are one of the oldest tricks in the Wi-Fi hacker's book. My favorite site for this is DNS leak test and I was shocked when Chrome warned that "The site ahead contains harmful programs." The site was trustworthy both before and after DEF CON. My only clue as to the nature of the hack is that the "https" displayed by Chrome was gray rather than the normal green and there was no lock icon. This combination of indicators is not supposed to happen.

The network deserves its reputation.

Hacking open Wi-Fi networks was all the rage in Vegas, both at DEF CON and the B-Sides conference that preceded it. It was enough already. I found the other Wi-Fi network much more interesting. 
