Regarding these open networks, Lyne said "users wrongly assume this means their information is encrypted and protected when in reality it is being beamed out in clear text for anyone to pick up". The message here is that users should refrain from sending passwords and other crucial information over these open networks. Lyne's research went further, creating an open network with a 4G modem and a captive portal page to see how many users would log on to it.
"Our experiment found a large number of people willing to connect to an open wireless network we created, without any idea of who owned it or whether it was trustworthy", Lyne said in a statement.
"This willingness to connect to any wireless network that professes to offer free Wi-Fi, without ensuring you have some kind of security measures in place, is like shouting your personal or company information out of the nearest window and being surprised when someone abuses it. With a few extra command line arguments, it would have been trivial to attack nearly everyone in our Sydney hotspot study".
Most worrisome was the behaviour of users on these open networks. Lyne found that many people were logging on to Facebook and Twitter, as well as Web-based mail, and even banking sites. Lyne stated that "only a tiny minority (1.20 percent) actually took responsibility for their own security by using a Virtual Private Network (VPN) or forcing secure web standards".
Sign up for Computerworld eNewsletters.