[SOLVED] Unsecured WiFi but web login required

icel3oi

Distinguished
Jun 19, 2008
31
0
18,530
Want to know if this type of WiFi network is secured:
The SSID / initial connection when u choose the WiFi to connect to from the laptop does not require a password (Does not use WPA2/WEP/WPA or anything at all), but after connecting, a webpage will pop up automatically and requires u to authenticate to use a network, usually with userid and password OR a 1 time access key.

Since the WiFi itself is not encrypted via WPA2, is this type of web-based authentication provides encryption over the web if i were browse the web using this WiFi network? Can a hacker sniff my data in plain text?
 
Last edited:
Solution
It is likely some form of interception software. Most times what they do is redirect the first web page to their server. It then puts in a firewall rule that allows that mac/ip to get access. So in effect it is a automated firewall rule generator.

Someone in theory could capture the traffic but you must always assume someone can capture the traffic. Wifi encryption just makes it a bit harder to obtain the data but that does not mean say the hotspot can't have been compromised or the company offering the service themselves hacking.

You need to be sure you use HTTPS for web traffic. It provides end to end encryption so it does not matter where the hacker intercepts your traffic.

More the issue on a open network is not so...
It is likely some form of interception software. Most times what they do is redirect the first web page to their server. It then puts in a firewall rule that allows that mac/ip to get access. So in effect it is a automated firewall rule generator.

Someone in theory could capture the traffic but you must always assume someone can capture the traffic. Wifi encryption just makes it a bit harder to obtain the data but that does not mean say the hotspot can't have been compromised or the company offering the service themselves hacking.

You need to be sure you use HTTPS for web traffic. It provides end to end encryption so it does not matter where the hacker intercepts your traffic.

More the issue on a open network is not so much the interception of traffic but the direct attacks on your machine. It is easier to attack a machine on a non encrypted network because many times there is no also no restriction about communication between devices and observing your traffic even though it is encrypted give clues to what attacks might work. Just because it is wifi encrypted does not mean this can't be done on those networks especially ones that use simple preshared keys rather than use enterprise mode where each user has their own initial keys.

All you can do about direct attacks is make sure your firewall is on public which is the most restrictive and that you stay somewhat current with software patches.
 
Last edited:
Solution
It is likely some form of interception software. Most times what they do is redirect the first web page to their server. It then puts in a firewall rule that allows that mac/ip to get access. So in effect it is a automated firewall rule generator.

Someone in theory could capture the traffic but you must always assume someone can capture the traffic. Wifi encryption just makes it a bit harder to obtain the data but that does not mean say the hotspot can't have been compromised or the company offering the service themselves hacking.

You need to be sure you use HTTPS for web traffic. It provides end to end encryption so it does not matter where the hacker intercepts your traffic.

More the issue on a open network is not so much the interception of traffic but the direct attacks on your machine. It is easier to attack a machine on a non encrypted network because many times there is no also no restriction about communication between devices and observing your traffic even though it is encrypted give clues to what attacks might work. Just because it is wifi encrypted does not mean this can't be done on those networks especially ones that use simple preshared keys rather than use enterprise mode where each user has their own initial keys.

All you can do about direct attacks is make sure your firewall is on public which is the most restrictive and that you say somewhat current with software patches.

That is a very in-depth reply, thank you for your explanation. I have just a question: you mention "company offering the service themselves hacking", what if the company providing the service is a trusted service provider? That just means that i only reduce one possibility of being hacked(from that service provider)?
 
But who can you really trust. Who is really doing the work. It tends to be outsourced or contracted through other companies who in turn outsource and contract it out some more. All it takes is one person who can be paid off or in many case is just incompetent.
This is like facebook that claims they don't misuse the information they collect but then they fail to secure the use properly and it gets misused by someone else. Sure THEY did not misuse it but the end result is the same.
 
  • Like
Reactions: icel3oi
But who can you really trust. Who is really doing the work. It tends to be outsourced or contracted through other companies who in turn outsource and contract it out some more. All it takes is one person who can be paid off or in many case is just incompetent.
This is like facebook that claims they don't misuse the information they collect but then they fail to secure the use properly and it gets misused by someone else. Sure THEY did not misuse it but the end result is the same.
Ahh ok, understood your point :) Thanks again!
 

TRENDING THREADS