Tuesday, December 6, 2011

How to be safe while surfing the web via Wi-Fi



You may already know that it is possible to "hack" whatever someone is doing on their Android phone while browsing the web, using an unprotected wireless network (say a McDonald's public hotspot -- if you can find one that actually works, haha).

There's this app called Wifi Protector, developed by XDA member gurkedev, which... well, does what its name says : protects you while on an unprotected wireless network (which we find in many public places nowadays). Wifi Protector is an Android security app designed to detect and prevent ARP (read below to see what this is) poisoning attacks against your phone, while connected to a public Wi-Fi hotspot.

------------------------------------------------------------------------------------------------------------
ARP spoofing (also known as ARP cache poisoning or ARP poison routing) is a technique used to attack a (wireless) local area network (W/LAN). ARP spoofing allows the attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether. The attack can only be used on networks that make use of the Address Resolution Protocol (ARP) and not another method of address resolution.
------------------------------------------------------------------------------------------------------------

The application runs a service on your Android device that continuously monitors network-related parameters. When abnormal behaviour is detected (data sniffing, that is), an alarm is triggered. The alarm type can be configured and it works on unrooted phones. You can also configure the phone to make it immune against this kind of attacks, but you have to be rooted in order to do that (which is what I would reccomend).

You can download Wifi Protector from the application's XDA-developers thread, here, for free (if you are an XDA-developers member) or the paid application from the Android Market, here.


------------------------------------------------------------------------------------------------------------

I have installed this app - just to test it, as I don't actually fear my data being stolen because I don't really connect to public hotspots.

Tried to connect to a public MSI router I have came across downtown this morning. Checking my e-mail and Twitter and opening links for like 15 minutes... no threats detected.


It's funny. I have a Huawei HG655b router at home (yeah, it's kind of not-so-good, but it does its job). WPA2 encryption is enabled, of course, set to TKIP+AES (which, a friend of mine working in this domain, adviced is the best), so I'd say it's pretty secure... But Wifi Protector said I'm under attack!


In the screenshots below, you can see the Settings menu of the app (I was looking for something to tick so I can be shielded).



And now, finally, I am safe, using my own personal router at home, haha.



The red image indicated that an attack was detected (as my phone also vibrated) and blocked, and the blue one in the second screenshot indicated that I was safe. Strange, though; my phone started to cycle between the two every 2-3 seconds, as in I was attacked every couple of seconds. I think this is due to my router being not-so-good... or my ISP is actively looking over me :/.

I'll tell you this : alarm is set to vibrate AND ring by default. Guess what alarm was used to inform me that I was under attack? The same ringtone that is used for incoming calls. You've been warned ^^.

9 comments:

  1. i just tried this app at home with my asus router, it says im under attack too LMAO!!!

    ReplyDelete
  2. From now on I wont be afraid of anything =D

    ReplyDelete
  3. I just tested this aplicatien and it has the same error like i am under attack (router linksys)

    ReplyDelete
  4. i think it gives a lot of false positives, not sure though, but i hope it works with real attacks

    ReplyDelete
  5. I'll have to try this as soon as I get an Android phone, I'm waiting for an Ice Cream Sandwich capable phone to come out first. Can't wait it looks awesome.

    ReplyDelete
  6. My iphone is jailbroke, its nice to have my own firewall /flex ! Lol ! Dont be fooled its all scary on someone elses wifi !

    ReplyDelete
  7. im glad that there's something i can do. thanks for this.

    ReplyDelete