Today I went on an article about drones advertising fake Wifi for stealing informations:
Hackers have developed a drone that can steal the contents of your smartphone — from your location data to your Amazon password — and they’ve been testing it out in the skies of London.
If you are not worried by security concerns regarding your mobile connectivity, or simply you are not curious on what is possible to do with your mobile, you should consider how pervasive is technology and how bugs or flaws (like in this case) grow with complexity at exponential rate.
Maybe right now you are walking in a shopping mall where, with 20€ and an afternoon on hacking some open source softwares, a guy placed a wireless router for stealing you’re information out of your pocket.
This is not a new vulnerability, but Google and Apple don’t care about it, yet.
The weakness settles on the Wifi discovery process, by which the phone broadcasts probe requests for finding trusted networks, like ‘alice-1234 are you there? Xxxcorporate-wifi are you there?’.
A malicious hotspot may impersonate a known hub and forces the mobile to access internet through it, with undesirable consequences on your privacy.
Do you turn off Wifi on your mobile when you quit home or your workplace? It could prevent any kind of spoofing out of your handset.
I am trying an app to do that, Smart Wifi toggler which turns off Wifi automatically when you leave a place covered by a trusted hotspot, and enables it when you come back. It was build for saving battery, moreover, it could save your precious informations.