Great, another reason not to trust public Wi-Fi | usagoldmines.com

On an unsecured network—like public Wi-Fi networks—hackers can quietly insert themselves between you and the websites you visit. These “machine-in-the-middle” attacks (previously known as man-in-the-middle) allow those bad actors to spy on your internet activity or outright manipulate the data passing through them.

You might have heard loud warnings about this years ago, but less so recently. This change was in part due to updates in Wi-Fi implementation—ones that made wireless networks more secure. Or, at least, that was the thought until last week, when news broke about a new Wi-Fi attack called AirSnitch.

What is AirSnitch?

Discovered by researchers at the University of California Riverside, this attack breaks a couple of key protections in Wi-Fi.

How? In response to the rise of machine-in-the-middle (MitM) attacks, modern networks strengthened their use of encryption. They can also isolate connected devices (“clients”) from each other—that is, devices cannot directly interact on the network. Traffic is passed only through the router or access point. Without client isolation, devices can see and communicate with each other.

Client isolation can be a major benefit on public Wi-Fi networks, which are often left open to all devices. But even on password-protected networks, this feature boosts security by preventing more vulnerable clients (like IoT devices, which can be difficult to secure) from interacting with your PC, phone, etc.

AirSnitch undercuts encryption and client isolation by exploiting weaknesses in their implementation.

How does AirSnitch work?

Networking’s inherent complexity is why AirSnitch is possible. When we send information through a network, the standard for such communication is divided into seven layers. Layer 1 involves the physical hardware needed to transmit the data, like cables and switches. Layer 7 is an application like your browser. In between them sits the different steps necessary to translate what’s generated by hardware into what you see during tasks like web browsing or downloading email.

Cloudflare

The UCR researchers discovered that right now, manufacturers of networking equipment don’t encrypt and isolate devices consistently across networking layers. This gave the team openings to slip in and insert themselves in the data transmission process. Similarly, the use of group encryption keys (that is, keys shared across all clients) could be exploited to also carry data to other devices on the network.

How do you protect against AirSnitch?

Until manufacturers come together to both standardize and improve client isolation, a lot of old advice applies here.

For public Wi-Fi networks, treat them as insecure. Stay off them for sensitive activity on your phone, whether that’s checking your bank balance or receiving confidential email. If you must join one, use a VPN.

For a home network, only allow devices you trust to join. Put IoT and guest devices on a separate, password-protected network, ideally configured using the WPA3 protocol if workable. (Some older or cheaper devices are only compatible with the older WPA2 protocol.) I also tend to recommend turning off your guest network when not in use, as they’re usually only segmented from your main home network through software. If that’s not implemented well, it can be an opening for an attacker. (At minimum, put a decent password on your guest network.)

What about Ethernet connections?

In case you were curious: Networking is networking, so Ethernet isn’t inherently safe from client isolation attacks. Its advantage is that if you shut off Wi-Fi on your home network, a hacker can only attack your devices if they connect via Ethernet, too.

(Overall, client isolation attacks are a “the phone call is coming from inside the house” type of scenario, but going Ethernet-only makes it literal.)

But for most people, a wired-only home network isn’t realistic.