Last year, Skycure hacked my iPhone
in just a few minutes and I was immediately convinced that network
attacks were a problem. Though this was an extreme example, we've long
been warning our readers about the dangers of public Wi-Fi networks
and the prevalence of attacks that can silently sip your personal data
without your knowledge. But yesterday, Skycure's CEO and co-founder
Adi Sharabani showed me a new tool that makes those invisible attacks a
little easier to see.
Just search a location on maps.skycure.com and you can see how many naughty networks are in your area. You might be surprised, or just plain horrified.
How it Works
The site is built on Google Maps, so search for any location as you would normally. Skycure then searches through its database of known malicious networks, and places pins on the map for any nasty network its users have encountered in that area within the last six months. Results are shown within a red circle.
I find that being specific yields the best results. An address in Manhattan yields far more useful data than a search for "New York, NY." For broad searches like these, Skycure's search radius is just too small and centered apparently at random.
Not surprisingly, Skycure Maps works best in urban areas where there are lots of people and lots of Wi-Fi networks. Searching my hometown in Michigan turned up two results for the entire lower peninsula, both of which were (not surprisingly) at the airport. Obviously, the big limitation of Skycure maps is the number of users the service can draw data from and where those users have been.
The data for the map is drawn anonymously from Skycure users. When a user connects to a network, Skycure tests it to see if everything is on the up and up. If it's not, a warning appears on the user's phone and the unsafe network is logged on Skycure's servers. Skycure uses this knowledge of malicious networks, the network's location, and the network's hardware configuration, to better protect its users.
Skycure says that although the map's information comes from users, it's entirely anonymized. "We do not have any visibility to any data on your device, your emails, passwords, or the ability to do so," said Sharabani. "But we prevent the attackers from having the ability to do so."
What You'll See
You can click each pin to see the name of the suspicious network, and a brief description of why it's dangerous. Sometimes, you'll see a Google Street View image, too. Sharabani says that the location of the Wi-Fi network is accurate to within a few meters, but not always. Search for the PC Mag offices and you'll see the malicious network used to test the Skycure app for my review.
You'll probably see the highest concentration of questionable Wi-Fi networks at airports. That's partly because these networks are sometimes configured without privacy in mind. More interesting is when a Boingo hotspot appears in the middle of a residential neighborhood. These networks are almost always fake. Attackers use the name of popular wireless services to trick devices into automatically connecting to a malicious network.
At a glance, most of the pins on the map aren't malicious networks per-se but many have entries that say the network could potentially leak your personal information. From my experience using Skycure on my personal device, that seems accurate. To be clear: these networks should be avoided the same as overtly malicious ones.
What Does it Mean?
Skycure Maps exists partly to promote its mobile app, but it's also to prove a point. "Attacks are happening everywhere," said Sharabani. "Don't believe me. Search for it." He recommends that everyone, especially professionals traveling to conferences, scout around to get a feel for their network environment.
Looking at the map, it's hard to disagree that the threats are real. In my quiet Queens neighborhood, Skycure found three networks that could leak my personal information, and at least one that is outright dangerous. The next time someone asks me if they should be concerned about connecting to the Starbucks Wi-Fi, I'll just point them to this map.
Just search a location on maps.skycure.com and you can see how many naughty networks are in your area. You might be surprised, or just plain horrified.
How it Works
The site is built on Google Maps, so search for any location as you would normally. Skycure then searches through its database of known malicious networks, and places pins on the map for any nasty network its users have encountered in that area within the last six months. Results are shown within a red circle.
I find that being specific yields the best results. An address in Manhattan yields far more useful data than a search for "New York, NY." For broad searches like these, Skycure's search radius is just too small and centered apparently at random.
Not surprisingly, Skycure Maps works best in urban areas where there are lots of people and lots of Wi-Fi networks. Searching my hometown in Michigan turned up two results for the entire lower peninsula, both of which were (not surprisingly) at the airport. Obviously, the big limitation of Skycure maps is the number of users the service can draw data from and where those users have been.
The data for the map is drawn anonymously from Skycure users. When a user connects to a network, Skycure tests it to see if everything is on the up and up. If it's not, a warning appears on the user's phone and the unsafe network is logged on Skycure's servers. Skycure uses this knowledge of malicious networks, the network's location, and the network's hardware configuration, to better protect its users.
Skycure says that although the map's information comes from users, it's entirely anonymized. "We do not have any visibility to any data on your device, your emails, passwords, or the ability to do so," said Sharabani. "But we prevent the attackers from having the ability to do so."
What You'll See
You can click each pin to see the name of the suspicious network, and a brief description of why it's dangerous. Sometimes, you'll see a Google Street View image, too. Sharabani says that the location of the Wi-Fi network is accurate to within a few meters, but not always. Search for the PC Mag offices and you'll see the malicious network used to test the Skycure app for my review.
You'll probably see the highest concentration of questionable Wi-Fi networks at airports. That's partly because these networks are sometimes configured without privacy in mind. More interesting is when a Boingo hotspot appears in the middle of a residential neighborhood. These networks are almost always fake. Attackers use the name of popular wireless services to trick devices into automatically connecting to a malicious network.
At a glance, most of the pins on the map aren't malicious networks per-se but many have entries that say the network could potentially leak your personal information. From my experience using Skycure on my personal device, that seems accurate. To be clear: these networks should be avoided the same as overtly malicious ones.
What Does it Mean?
Skycure Maps exists partly to promote its mobile app, but it's also to prove a point. "Attacks are happening everywhere," said Sharabani. "Don't believe me. Search for it." He recommends that everyone, especially professionals traveling to conferences, scout around to get a feel for their network environment.
Looking at the map, it's hard to disagree that the threats are real. In my quiet Queens neighborhood, Skycure found three networks that could leak my personal information, and at least one that is outright dangerous. The next time someone asks me if they should be concerned about connecting to the Starbucks Wi-Fi, I'll just point them to this map.
No comments:
Post a Comment