dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3296
share rss forum feed

kill99

join:2014-02-08
canada

[ALL] Shaw Go WiFi

I am on the fence whether to allow usage of Shaw Go WiFi for my family. My main concerns are the following:

1.) Someone broadcasts their SSID as "ShawOpen" and records the registered device's MAC address. Attacker clones the recorded MAC address to get his/her device to other Shaw Go WiFi hotspots.

2.) Someone can spoof "ShawOpen" as well as the login page (I notice from the videos. The login credentials are stolen. Attacker uses the stolen credentials to connect to other Shaw Go WiFi hotspots.

In both cases, the attacker gets free Shaw Go WiFi access, and at the same time, the bandwidth usage will count towards the victim's account. Victim might just have his/her data usage spike up without knowledge.

Do you guys know if Shaw is doing anything on their end to prevent these scenarios? Is Shaw doing some form of rogue AP mitigation? or is it an open battle out there? I know that there is a Shaw Go WiFi app indicating the locations of Shaw Go WiFi hotspots, but the honeypot will most likely be located within these hotspots' proximity. Adding the fact that your device will auto-connect to an SSID of "ShawOpen", the Shaw Go WiFi app does not help much.



The E
Please allow me to retort
Premium
join:2002-05-26
Burnaby, BC
Reviews:
·Shaw

I don't believe much is happening in the background. While something like this May exist, really.... how likely is it to happen? And then, how likely are you to actually stumble upon it?
Sounds a tad paranoid to me.
--
"All opinions stated by me are solely my views and do not reflect the views of my employer, this site, or even myself depending on my level of sanity at the moment"


kill99

join:2014-02-08
canada

said by The E:

I don't believe much is happening in the background. While something like this May exist, really.... how likely is it to happen? And then, how likely are you to actually stumble upon it?
Sounds a tad paranoid to me.

The chances are slim but either way, it does not matter if these things are likely to happen or not (and they definitely do happen), I would still rather be informed about how these things are being prevented.

kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3
Reviews:
·Shaw
reply to kill99


said by kill99:

1.) Someone broadcasts their SSID as "ShawOpen" and records the registered device's MAC address. Attacker clones the recorded MAC address to get his/her device to other Shaw Go WiFi hotspots.

They could do this from any ShawOpen location, without running their own and do the same thing too - but could use anybody'd MAC, and wireless NICs that allow you to change the MAC address are not common, it isn't like the wired NICs

said by kill99:

Someone can spoof "ShawOpen" as well as the login page (I notice from the videos. The login credentials are stolen. Attacker uses the stolen credentials to connect to other Shaw Go WiFi hotspots.

If you register your devices before hand in Online Customer Care, if you see a login screen, you'll know it is fake, as your devices will already be registered

I doubt Shaw is doing much about it, nor care at this point, why put the effort into these scenarios, a bit of transfer that isn't paid for, will cost a lot less than the man-hours to setup the prevention
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

tlhIngan

join:2002-07-08
Richmond, BC
kudos:1
reply to kill99

Actually, NICs that allow spoofing of MACs are common enough - practically all let you to some extent since the programmed MAC has to come from somewhere during manufacture. (Having worked with 802.11n devices, I've overridden how drivers get their MAC addresses to fit with our production methods and programming, but there's nothing to say we couldn't make it whatever we wanted it to be).

Though I do admit to not knowing that Shaw Go WiFi actually counts against you. Alas, they probably don't offer full services like your home connection.

As for spoofing the page, it's fairly easy to do, the most expensive part is a suitably high powered router (to get the most people, you want the most "bars") and the cost of a SSL certificate so it doesn't pop up browser warnings. Most people won't bother about the whole login screen thing - they'll probably thing maybe the cookie was deleted or something and they'll happily log in again.

If it's that big a concern, don't use the WiFi - no one says you HAVE to. I don't, I just use 3G while I'm out and about.



humanfilth

join:2013-02-14
cyber gutter
reply to kill99

My concern would be what credentials you use to login to the wifi.

If you are using your account credentials(billing), thats bad.

If you use a special wifi credential(non-email user name and password), thats better and you know your Shaw account is somewhat safe.

But spoofing is so simple and most end users don't question what they logged in to, as long as the Internet works.

The 'firesheep' wiki page gives a good read.
»en.wikipedia.org/wiki/Firesheep

In my neighborhood, there is what appears to be an open router(no lock) with dual wifi networks, but connecting to it, puts up a Cisco log in page. So the log in may be encrypted, but using it may be wide open with no wifi traffic encryption.
--
When peasants own the government, there is freedom. When the government owns the peasants, there is tyranny
Knowledge and curiosity are not crimes and those who are curious should not be treated like criminals.. »www.eff.org/https-everywhere



GoWiFiBusi

@shawcable.net
reply to kill99

I have Shaw Go WiFi at my business. 8+ AP's. I can't see why anyone would go to the trouble of hacking any users credentials on Go WiFi.

It is limited to 5mbps down...

Interestingly however if you run a app to view all clients on Go WiFi it finds more then just the ones at your business. It would take me 60 seconds to have 100's of MAC addresses.



Baud1200

join:2003-02-10
Reviews:
·Shaw

4 edits

said by The E:

I don't believe much is happening in the background. While something like this May exist, really.... how likely is it to happen? And then, how likely are you to actually stumble upon it?
Sounds a tad paranoid to me.

Nothing is "Stumbled upon". They are specifically sought out by scanner apps. If the WiFi connection isn't using radius with a certificate, and it has a decent amount of usage traffic, its childsplay to download backtrack/kali watch a few YouTube clips, and destroy the security of most basic WiFi setups.

Leaning on praying for general social ignorance is not a substitute for proper security. If you are in a large city there are (guaranteed) people with hardware that will transmit/receive for +-2 miles to reach your personal WiFi router, let alone mess with the Shaw ones.

said by GoWiFiBusi :

...I can't see why anyone would go to the trouble of hacking any users credentials on Go WiFi..
It is limited to 5mbps down...

Set up a LAGG with 4-8 of them depending on your hardware and you are getting a connection with upload speeds Shaw will charge you your left nut for, let alone the Anonymous +1 factor for your server being multi honed, and spoofed MAC ofcourse.

said by GoWiFiBusi :

I have Shaw Go WiFi at my business....
Interestingly however if you run a app to view all clients on Go WiFi it finds more then just the ones at your business....

Likewise they can see all of yours... No offense, but time to invest in proper hardware for a business setup -.-
Considering only one malicious user accessing your network and placing contraband pornography or similar content on any of your client machines could finish a business, let alone the legal liabilities.


GoWiFiBusi

@184.70.206.x

Upstream appears to be capped at 512kbps.

We don't use Go WiFi for any kind of business related stuff. Just for customers.



Kinzy

@shawcable.net

no its not ive gotten 3mbit up on shaw go wifi here in whistler.



anon895e

@telus.net

I don't see the point of Shaw Go Wifi at all. I have a decent limit on my cell phone data plan that I never exceed. Why would I go from an average 35 Mbit LTE connection to 5 Mbit? Stupid investment on Shaw's part if you ask me.



Kinzy

@shawcable.net

said by anon895e :

I don't see the point of Shaw Go Wifi at all. I have a decent limit on my cell phone data plan that I never exceed. Why would I go from an average 35 Mbit LTE connection to 5 Mbit? Stupid investment on Shaw's part if you ask me.

i am 100% in agreement.


humanfilth

join:2013-02-14
cyber gutter
reply to anon895e

said by anon895e :

I don't see the point of Shaw Go Wifi at all. I have a decent limit on my cell phone data plan that I never exceed. Why would I go from an average 35 Mbit LTE connection to 5 Mbit? Stupid investment on Shaw's part if you ask me.

One of those things where you can 'attempt' to fool customers in to the old 'we are everywhere', so please buy our landline internet because 'extras'.

Too bad Shaw couldn't afford to do that cellular phone network. Now that would of been slightly more useful in not having to find a shaw go wifi hotspot, since being able to do 55mph for hundreds of miles and surf the net as your chauffeur drives you places.
--
When peasants own the government, there is freedom. When the government owns the peasants, there is tyranny
Knowledge and curiosity are not crimes and those who are curious should not be treated like criminals.. »www.eff.org/https-everywhere

kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3
Reviews:
·Shaw
reply to anon895e

said by anon895e :

I have a decent limit on my cell phone data plan that I never exceed

Many people don't have that luxury... - Personally the cellular provider I was on cancelled the unlimited data, put me on a 500MB data cap, I went through it in 2 days

Changed providers now, I would have rather Shaw built their cellular network

That, and my laptop doesn't have a cellular radio, the ShawOpen spots work well enough for it
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

tlhIngan

join:2002-07-08
Richmond, BC
kudos:1
reply to anon895e

I don't know, I can see a benefit. I see several ShawOpen APs from my office, so if I can connect to them, I can have stuff like streaming radio and all that without having to incur the wrath of office IT.

Of course, if I can steal the credentials of someone else, I can do streaming radio, torrents and large downloads without worrying about exceeding my bandwidth quota.