Who'se really being hustled here?
Monday 02 July 2007 at 8:12 pm Just saw something interesting on a certain show called "The Real Hustle". The premise of the show is to demonstrate how you can be scammed in various ways. Normally entertaining... but this section? The topic: Wireless security. (and you wonder why I am about to tear them to shreds?)Anyway, they start off by driving round looking for networks.
"Radio signals from wireless networks may not be very strong, but depending on where the base station is..."
External antenna? No?
"All it takes is a couple of minutes to decode the password, and the hustlers are in."
"We've got access to his entire server" (Server? What?)
Alright. So we see them all working on a PC laptop... and the video crosses to a screen view of them "decoding" the password by typing stars into the "Enter network password" dialog on... a Mac? Illegal OSx86 install, or just cinematic license.
Also, interestingly, the word AirPort is blurred out in the dialog.
Now, what we then see is them intercepting his email. Cross to a view of Mac OS X's Mail.app, looking at a blurred out email. How did this get filmed, and how did they 'intercept' his email, using an email client?
Then we cut to another shot - we've swapped platforms again. A PC running IE, and we're capturing his browsing.
We watch as he "browses the web" and "purchases goods" (once again, fake stars appear in a text box to represent typing a password... and if you look carefully, into an email address field!?)
The site shown is none other than amazon.com, and the login for that site is SSL. Password not captured. Same with eBay. You can only really see what they're looking at.
"We know that he's going on holiday, and we've managed to capture..."
The other thing is that the toolbars in that make it look suspiciously like MS Word...
Then they print several screenshots of something, presumably sites he's visited. This could have actually be done, as URLs and pages can be captured. This part is actually plausible. But they have screenshots, that are implied as from his computer.
They could have gone to the websites he went to himself and printed them off - thats entirely possible.
Then they set things straight - MAC address filtering and WPA.
What they did not mention was:
1. MAC address filtering is useless. If you can see someone on the network, their MAC is obviously on the list of allowed ones. Change yours to theirs... and you're on the network.
2. WPA is just as crackable, given a bad password- an authentication + a weak password...
Other suspicious signs - they have a PC laptop in the back. Because we are never shown the machine running Linux, or indeed any Linux at all, and because we actually see the laptop running Windows at one point, they are probably running Windows. Proof enough? Well, how did they crack the WEP on Windows? There's no way of doing so with reinjection unless you use Linux or OS X (simply a lack of drivers).
The other thing is - they should have been careful. Considering the UK has had two convictions for just using unsecured wifi, how safe is a complete admission that you hacked someone's network with malicious intent? Suppose they were caught before they showed the 'victim' what happened, and helped him fix it? They could have been in serious trouble.
So after all of this - how did they hack the network? I think the clear answer is - they didn't. Given their level of technical knowledge... (the fact that they use "server" and "internet connection" interchangeably, don't know what they're doing, don't reveal anything about what they are doing, and just generally don't do it very well)...
So who'se really been hustled? It seems this time, it may just be you, the viewer. And no, there won't be a followup section telling you how they scammed you this time :)