NCSAM/2011–Post 10–WiFi is MITM central
So, why all the fuss about securing Wi-Fi?
And what’s this “MITM” you talk about in the title of this post?
MITM is a common abbreviation for “Man In The Middle”, a type of computer security attack, in which the attacker sits between the two ends of a conversation. As you can imagine, if you call your bank, and there’s someone in between you and your bank, they can pretend at the same time to be both you and the bank.
Attacker (in the middle)
| || ||<Good morning, welcome to Berkley’s Bank |
| ||<Good morning, welcome to Berkley’s Bank || |
|>Hi, I’d like to transfer $100 from my account into account XYZ || || |
| ||>Hi, I’d like to transfer $1000 from my account into account ABC || |
| || ||<Sure, please identify yourself. |
| ||<Sure, please identify yourself || |
|>[Secret code] || || |
| ||>[Secret code] || |
| || ||<Thanks, it’s a pleasure doing business with you. |
| ||>Likewise. || |
So, as you can see, it’s a bad idea to let an attacker get in between you and your bank – or your job, or your home, or anything to which you are communicating where it is important to be sure that you get uninterrupted and unintercepted communication.
In the old days, this was hard
For the longest time, security had an easy out – you could actually tell people “sure, someone could listen into that conversation and/or alter it, but they’d have to be in a position of responsibility, such as the network provider, the telephone company, the bank, etc”. Which was pretty much true, because it was really unlikely that someone could actually steal your communications without already being in the sort of position that allowed them full and trusted access to the sort of information you might want to keep from an attacker.
You already trust the phone company, the ISP, the bank, etc, that you use, so you’re not in a worse position by continuing to trust them.
The wrinkle in all of that is when you are in a situation where you cannot trust the communications medium that you use.
Public – really public – networking
You may think you’re on a public network whenever you use the Internet, and to a limited extent this is true – you can reach other people on the Internet (if they let you), and they can reach you (if you let them).
When you’re using Wi-Fi, however, by definition the medium over which you communicate is a public medium in the truest sense – it is broadcast, as if everyone were bellowing over megaphones. And when your computer receives a message from the coffee shop’s wireless router, inviting it to connect, it has no means of distinguishing that from a similar message sent by the attacker sat at the next table over.
Is an attacker really likely to be sitting in your coffee shop?
It depends – if you were an attacker, would you hang out there? Certainly coffee shops where employees go to talk about secret projects are going to be targets. Is it worth taking that risk, when there are some relatively simple measures you can take to protect yourself?
What about the other places you connect to for wireless Internet and then conduct your business (whether personal or work) – I’ll bet there’s an attacker sitting in range of the airport Wi-Fi, in the library, at the University book store, at the school.
And the attackers have tools that make it dreadfully easy to hijack your traffic if you aren’t taking good measures – such as always connecting to your ‘home’ VPN. Sadly, the attackers don’t even need to be all that bright to intercept your traffic any more, if you aren’t using a VPN.
Are there any other public networks?
There can be – we have certainly seen that some cable TV providers, when they added Internet connectivity as a service, forgot to prevent your traffic from being seen by your neighbours. They should be mostly over that by now, certainly if you have a big name cable provider like Comcast. But if you can’t trust your cable company to provide you with quality TV, you can’t really trust them to have your security in mind when provisioning Internet service.