Skip to main content

Alumni (Retired)


572 Messages

Wed, Apr 1, 2015 11:00 PM

Free Wi-Fi can prove costly for users

Free WiFi


The next time you hook on to a free Wi-Fi network with your phone at your favourite cafe, beware: Hackers could latch onto your phone's signal to break in.


Smartphones have a preferred network list of Wi-Fi points that they can connect to automatically.

Information on this list is transmitted and sent out as signals when the connection is taking place, and a person who has specialised tools and knowledge can intercept the transmission and eavesdrop on this list. With this, that person can then break into a phone and steal data.


That was what cyber security analyst and penetration tester Daniel Cuthbert did while sitting in at the keynote address at the information security conference Black Hat Asia held in Singapore recently. Hackers can get details on where you work or which coffee shop you frequent, based on the network name.

Mr Cuthbert, who is chief operating officer of security consultancy SensePost, said: "If I want to stalk somebody and learn their pattern of behaviour, I can."


He was one of 43 speakers at the conference, which gathered about 500 attendees. The conference was aimed at discussing emerging cyber threats and finding ways to improve security.

Cyber security has become a key concern for Singapore, in the light of the rising number of hacking cases and security leaks, leading to efforts like the Cyber Security Agency being launched today.

Presenters at the conference showed how easy it is to hack into mobile phones and devices. Among other things, hackers can hack into mobile phones, sell and share credit card information, or even disable a car as it is moving.


Freelance systems developer Eric Evenchick, 24, showed how a car can be controlled by plugging a USB tool he designed into the diagnostic port under the dashboard.


It allows a user to access a car's controller area network, and he can then control anything from the headlights to the windows to even the brakes. And "spamming" the car's electronics with data can cause its system to shut down from being overwhelmed.


Mr Evenchick said: "Automobile manufacturers didn't really expect people plugging into their systems. But with more cars being able to connect to the Internet, it exposes a whole bunch of functionalities the automobile folks never really secured."


While such vulnerabilities are being exposed at hacker conferences to jolt developers into improving their systems' security, Mr Cuthbert said users can and should take precautions as well. "There needs to be greater user awareness. For example, we need to stop being so trusting when it comes to wireless networks."




Honored Advisor


61 Messages

6 years ago

So I have to careful when using public wifi including wireless@sg and singtel wifi?

Grand Guru


4.4K Messages

6 years ago

Is this April Fool joke!

Anyway, i did come across this type of comment about free Wifi.
Since about this subject.

There are different type of free wifi.

1. Free wifi as "Open", no need of password, security, etc; and straight connect.
If you do come across this method, then do not use wifi at all.

2. Free wifi from sg (official) and telcos.  Acceptable.

3. Free wifi that can log in straight using SIM & mobile numbers, which is new and mostly available in New Mobile.
This is too easy to setup, as there are no security mentioned about this.

4. There are many free wifi providers, beside sg & telco. As long as under telco or sg (official) this may be acceptable.
Those require you to sign up first, this i rather not to sign up, as thy do not provide or indicate that they have security and you may find yourself inside someone marketing company.
This is so, as they never reveal how they can provide such a service Free of Charge wifi, or who is paying them to have such a service. Where is their source, is it from some marketing company...

So you need to ask yourself before you just anyhow sign up one of those free wifi.

They can send you all sort of marketing promo, as you had sign up, which include that you have accept their T&C. DNC (Do Not Call) is null & void as you agreed in T&C.

Note: This is just my view and opinion.


Community Sheriff


378 Messages


1 Point

6 years ago

A really easy way is to mimic a known ssid with your own device. Read up on it on the 'net
Please do not send me enquiries via PM, I may not read them in time to help address your issues

Alumni (Retired)


572 Messages

6 years ago

Just be careful k. Especially when visiting cafes.

Get Started

Get Started