Tag Archives: vpn

Attackers Target Senior Executives Using Hotel Wi-Fi

Need a reason not to use free hotel wi-fi without a VPN? How about spear-phishing and targeted attacks against you by people who your real name, your room number, and expected arrival and departure times? According to the article, some of the tactics used include Adobe Flash zero-day exploits, fake software updates containing malware, and embedded iFrames redirecting to phony installers.

When you connect to any wi-fi network, you must assume it is hostile and act accordingly. Even if you’re not a senior company executive, here’s an example of the types of attacks that could be used by a rogue Wi-Fi network against various password managers; if you use one, yours could be among them. It’s interesting to note that iFrames are also involved in one of the “sweep attacks” described by the paper.

The Lowdown on Phone Carrier UIDH Injection

Over the past few days, media outlets have been reporting that Verizon has been inserting a string of letters and numbers called a UIDH into outgoing http requests made by its customers. The string uniquely identifies a specific device. The diagram in Jonathan Mayer’s blog post provides a good picture of how the process occurs and how this string can be used. Basically, a website that receives the string can pass it along to an advertising exchange which in turn pays Verizon for information on the subscriber that allows them to show more relevant ads.

Mayer’s post states that at a minimum, Verizon reveals Continue reading The Lowdown on Phone Carrier UIDH Injection

Comcast Injected Ads Highlight One More Danger of Public Wi-Fi

Comcast has begun injecting ads into webpages accessed by users using one of its 3.5 million public Wi-Fi hotspots. With this action, Comcast joins the list of businesses (e.g. airports) that provide Wi-Fi service with ads.

The injection itself happens using Javascript. Despite Comcast’s claim that they have “multiple layers of security ‘based on industry best practices,'” a staff member of the EFF says even if Comcast has no malicious intent, and even if hackers don’t access the Javascript, the interaction of the Javascript with the website could create new security vulnerabilities. To prevent the ad injection, he recommends using https, which isn’t provided by all websites.

Another potential solution is to use a VPN, which encrypts all the traffic between you and the VPN provider instead of between you and the website.

I have not personally used one of these public hotspots, so take this with a grain of salt, but it may help to turn off all Javascript while using the hotspot. Using a browser extension like NoScript probably won’t work because a normally trusted, unencrypted webpage with an ad injected will likely appear to be coming from the same trusted domain. Continue reading Comcast Injected Ads Highlight One More Danger of Public Wi-Fi