Plus Pages

Wednesday, February 23, 2011

News Sites Can Be Altered On Public Wi-Fi

By now you know that public Wi-Fi can pose serious risks. If you're using a public hotspot, you're very susceptible to attack. But what if it isn't your computer that the hackers want? What if they want to attack the news you're reading? Watch and see how easy it is to tweak the news you thought you could trust. Hat Tip to Kim Komando.

Note: This video does not have sound. Your speakers are fine!


Newstweek: The Thorough Demonstration from newstweek on Vimeo.

(The impatient can just scroll through to 04:45 to see the news manipulation in action)

With hardware hidden in a small, innocuous wall plug, we demonstrate wireless alteration of news headline:

"Beijing seeks to ease US fears"  to:  "Beijing to invest in US Army"

.. on an Acer Netbook, Macbook Pro and Nokia N900 smartphone.

This is done with the following trivial packet header and payload filter:
if (ip.proto == TCP && tcp.src == 80)
{
if (search(DATA.data, "Beijing\ seeks\ to\ ease\ US\ fears"))
{
replace("Beijing\ seeks\ to\ ease\ US\ fears", "Beijing\ to\ invest\ in\ US\ army\ ");
}
}

This could just as equally be performed in any cafe, school, library or airport with a remote user logging in and manipulating news content read by wireless network users. No connection with - or modification of - any software on the laptops, tablets, phones affected is required.

No comments:

Post a Comment