Wifi in airplanes is expensive — up to $12.95 for a single flight.So one can assume that those who use it have important, and probably confidential, information that they need to communicate.
However, the fact is that wifi in airplanes is just as insecure as free wifi offered in your corner coffee shop.
Ben Miller is a consultant who helps hotels and other businesses with their wifi installations.
He recently wrote a great post about Gogo, which provides the wifi service for American, Delta, United, and several other airlines.
Ben points out the following security problems with Gogo:
- No encryption is used for Gogo’s wifi. This means that applications like Firesheep allow hackers to steal login information for Facebook, Twitter, Amazon, and most email systems.
- The authentication system used to charge passengers for Internet access is not fully secure. This means that anyone who knows how to spoof a MAC address (YouTube videos show you how to do it) can use the purchaser’s MAC address to piggyback on the service for free.
- In some circumstances, your device will continue searching for “gogoinflight” networks even after you leave the plane. This means that a you could inadvertently connect to an “Evil Twin” using that name, perhaps belonging to a hacker in the airport lounge. Think of free public wifi as “bait” by an Evil Twin thief.
Of course, Ben recommends a personal VPN as a way to protect private communications over wifi networks. What bad security habit will you fix before your next flight?
This is actually a good warning. thanks for posting