Probably one of the more interesting news stories this month is the revelation of Google admitting that it packet sniffed on unsecured public Wi-fi networks. Read news here.
It appears that Google Street View cars were driving around taking pictures of various locations, but were also kitted out with network sniffers that could connect to unsecured public wi-fi access points, monitor and record data transmissions across those networks. Naughty stuff Google. This went on for a total of 3 years and accordingly to Google the activity was a “simple mistake”. This continues to re-affirm beliefs that public Wi-fi networks are serious security risks for both individuals and companies. If one of the world’s largest IT monopolies can do this by accident, cough, what could a determined plan of attack achieve.
So how did they do it? The answer is, without rocket science. It’s easy enough to connect a laptop to an unsecured wi-fi network as no passwords are required. Once connected, you can run a network sniffer to see what’s going on. Why not try it yourself on your own network? Try Wireshark, or perhaps Cain and Abel if you want a little more security analysis.
For an intro to packet capture and analysis using Wireshark, spend a couple of minutes watching this video: