It’s about time I had the privilege of coining a new buzzword. How about this one? ‘Dark Wi-Fi.’ Catchy, no? Well, Google is your friend, so I checked and sure enough; someone beat me to ‘Dark Wi-Fi.’ Still, Dark Wi-Fi can have multiple definitions and the one I like is the one where someone hacked your Mac, iPhone, iPad or whatever device you’re using when saddled to a nearby Wi-Fi network.
There’s the ‘dark web’ and President Trump’s fear of the ‘dark state’ and probably plenty of other darkest we don’t know about but should fear anyway. I base my ‘Dark Wi-Fi’ misnomer on the so-called DarkHotel group which has been around for years, lurks around in the darkness at mostly higher class hotels to target high value business travelers with various and sundry malware attacks.
You guessed it. Hotel Wi-Fi hotspots, often free or very easy to log onto and use, can also be used by criminals to delver a nasty payload of malware onto smartphones and personal computers that belong to high value targets. The same folks also target political operatives who tend to stay at the same locations.
See the problem?
These are not the folks lurking in a van parked at Motel 8. These are criminal hackers who target only those who have position, power, fame, money, or political clout.
What can you do? Stay off cheap Wi-Fi will help. Use a VPN to avoid what may be connected to local Wi-Fi networks when you travel. And, use a Mac, iPhone, or iPad instead of a malware infested Windows PC or Android device.
Really? That’s it? Nope.
That suggestion comes at the same time as more vulnerabilities have been exposed on Apple’s usually tight-lipped iOS. The latest is a list of eight vulnerabilities to iOS, some of which can escalate privilege and allow someone to take control of your iPhone or iPad, and potentially grab some incriminating or valuable data (they are not the same).
That’s the bad news. The good news is Apple already patched the list of vulnerabilities with the last iOS 10.x update. So, it pays to upgrade your Mac, iPhone, and iPad soon after the release.
There’s more good news.
A vulnerability does not an exploit make.
Think of a vulnerability as a hole in the software which could allow code inside to cause mischief, damage, or steal something once control is obtained. But a vulnerability is only a hole. In the right scenario, with the right vulnerability, exploits take advantage of the hole. You can have a vulnerability without an exploit just as you can have a hole without anything going inside it to cause the aforementioned mischief, damage, theft, or control.
To better illustrate, think of the game Whack-a-Mole. A mole pops out of a hole and you whack it on the head with a hammer. Likewise, someone finds a vulnerability in iOS or macOS or whatever OS you choose, and someone whacks it shut; in this case, Apple whacked the iOS vulnerabilities with the latest iOS upgrade.
Am I a bit paranoid? Listen, if everyone is out to get you or your stuff, then paranoia is the right attitude to have.