As a dedicated cyclist, not to mention a security guy, I’ve undertaken a World of Warbiking project at Sophos. It involves traveling around the globe, riding the streets of major cities with my computer-equipped mountain bike, and looking for wireless connections along the way to sneak a peek at the companies and regular people who are using them. (Don’t worry, it’s all perfectly legal.)
The World of Warbiking is an ambitious project to find out how our hunger to be online at all times is leaving millions of people and companies and their sensitive data exposed to hackers and spies. Our experiment kicked off this week in San Francisco, where we found a disturbingly large number of people willing to connect to an open wireless network we created, without any idea of who owned it or whether it was trustworthy.
Incredibly, conventional wireless network security is still a major issue, although the security industry thought it had figured out the problem years ago. A massive quantity of businesses and home users employ insecure, poorly implemented or even defunct wireless protocols. Just as disturbing is many people’s total disregard for basic security.
San Francisco warbiking: What we found
When we set up an insecure Wi-Fi network in San Francisco, 1,512 users happily connected to our open wireless network without any idea whether we were honest or out to do them harm. If you connect to a network, the owner of that network could insert code on your computer or redirect you to a malicious website.
Of the 1,512 users that connected to our wireless network, an alarmingly large number of users did not have the latest software. It’s essential that you keep your operating system and web browser patched with the latest security updates at all times (that goes for you too, Mac users). With a few extra command line arguments, it would have been trivial to attack nearly everyone in the study.
Compounding the issue is the growing number of devices that are permanently identifying themselves via procedures such as Bluetooth; this kind of behavior is increasingly putting everyone’s valuable data out in the open and at risk. It’s like shouting your personal or company information out of the nearest window and being surprised when someone abuses it.
Even though many people get security wrong, that doesn’t mean it has to be difficult. There are lots of easy ways to improve your security. I urge you to read these 10 tips to learn more: sophos.com/tips.
I will be continuing this warbiking project in more cities in more countries around the world, carrying the message of better security with me. Definitely check out the cool video below, which we made of my warbiking tour of San Francisco for our presentation at RSA Conference 2014 this week.
How will other cities around the world compare? Find out when the World of Warbiking presented by Sophos comes to a city near you.
James Lyne is Global Head of Security Research at Sophos. You can follow him on Twitter: @JamesLyne
Sophos in the news: World of Warbiking, Apple’s goto fail bug, Android malware surge | Sophos Blog
[…] When we set up an insecure Wi-Fi network in San Francisco, 1,512 users happily connected to our open wireless network without any idea whether we were honest people, or out to do harm. If you connect to a network, the owner of that network could insert code on your computer or redirect you to a malicious website, James explains in his blog post about the warbiking project. […]
How to keep your Wi-Fi traffic secure and the data snoops out (Video) | Sophos Blog
[…] you how to protect your wireless network in the video below. James explains that up to one-third of Wi-Fi hotspots aren’t properly encrypted: they are either totally unencrypted or use weak encryption. Watch […]
CeBIT opens with focus on Big Data and the Internet of Things | Sophos Blog
[…] this week, on his warbiking tour of major cities around the world. James kicked off the tour at RSA in San Francisco, and continues the World of Warbiking tour on his computer-equipped mountain bike — his […]
Sophos at CeBIT: UTM Accelerated 9.2, Warbiking, and some important guests at our booth | Sophos Blog
[…] Research, pulled in a crowd as he presented his findings from his latest Warbiking trek in San Francisco. What is warbiking? It involves James riding the city streets on his mountain bike, using special […]
Sophos at Infosecurity Europe 2014: Credit card crime, Android malware, and a look inside SophosLabs | Sophos Blog
[…] Infosec 2014 Join us for a warbiking ride to find out how much information people are giving away about themselves, just by using their […]
How safe are London’s Wi-Fi hotspots? See the results of our warbiking ride (Video) | Sophos Blog
[…] somewhat alarming, if not downright scandalous. People in London, much like their counterparts in San Francisco, are all too happy to connect to unsecured wireless networks, without using encryption. It’s […]
How cyber safe is Las Vegas? Sophos ‘warbiker’ reveals wireless insecurity | Sophos Blog
[…] Wi-Fi networks and the devices connecting to them. Vegas is a place, much like San Francisco and London, where people have a worrisome lack of […]
Apple’s iOS 8 will help keep out Wi-Fi marketers and snoops, but not totally | Naked Security
[…] tour to see how careful the general public is when connecting to Wi-Fi networks. First stops – San Francisco and […]
Apple’s iOS 8 will help keep out Wi-Fi marketers and snoops, but not totally | ste williams
[…] to see how careful the general public is when connecting to Wi-Fi networks. First stops – San Francisco and […]
Sophos news in review: Sysmas prizes, Gameover do-over, and warbiking down under | Sophos Blog
[…] James has warbiked in San Francisco, Las Vegas, London, and elsewhere. How will other cities around the world […]
Sophos on ABC World News: Free Wi-Fi networks have security risks (Video) | Sophos Blog
[…] New York City’s wireless security compare to other cities around the world like London and San Francisco? Find out more from our World of […]
Sophos expert on the TODAY Show explains “how to protect yourself from hackers” | Sophos Blog
[…] James’s warbiking experiment shows, the answer to that question is a definitive […]
Sophos on the TODAY Show: That free open Wi-Fi could cost you your identity | Sophos Blog
[…] like his previous research experiments in cities like London and San Francisco, James set up an open Wi-Fi hotspot in New York City to see how many people would connect to his […]