Go-go-gadget WI-FI ON A PLANE!

I imagine that the next two weeks will see a significant amount of Wi-Fi trials or sales as parents and children alike take to the skies to visit loved ones over the holidays.  While I am sure it has happened already, you don’t find too many documented cases of wireless attacks happening on airplanes.  There are a couple of ways that attacks can happen.

Airplane light, by Tambako the Jaguar

Airplane light, by Tambako the Jaguar

The first attack does not even require an internet connection, just a lazy passenger that does not follow their airline’s electronic device policy.  I’ve seen tons of weary road warriors working on their laptops without removing their 3G data card or with that little Wi-Fi light blinking furiously.  While going after that 3G signal is unrealistic for several reasons, those users that have their Wi-Fi on may be vulnerable.

Depending on how the laptop is configured, it may not have a software-based firewall active unless it is connected to a VPN concentrator.  If the flight does not offer Wi-Fi internet services and the laptop is configured in this way, then you can almost guarantee easy access into the machine via common attack vectors.

If the flight offers Wi-Fi internet, there are still some interesting attacks that someone could try.  Remember that there is no encryption over the link, so passwords that are sent out over Wi-Fi without encryption (like SSL in a browser) will be easily accessed.  Watch out Facebook users!  Of course, any device playing on an IP network is subject to the same types of vulnerabilities based on its configuration or the potential for DNS poisoning or Man in the Middle attacks.

The safest way to enjoy these networks is to ensure that your laptop is patched against known vulnerabilities, has a firewall protecting it from outside traffic, and can tunnel all traffic to a remote VPN concentrator.  If you don’t happen to have a Cisco device laying around, there are many options available to accomplish this.  Most of them do require control over some kind of server on the internet.  Theoretically, you could easily run this from a home high-speed internet connection, so it could be just as simple as turning on a feature in your broadband router, or setting something up on a server inside your network.  OpenVPN is one of the easiest ones to use, and of course is free.

If you are going to Wi-Fi it on the plane this year, just remember to remain vigilant.  Think of it like a crowded coffee shop with at least one bad guy hanging around.

This post originally appeared on BrandenWilliams.com.