How using my friend’s Mobile WiFi Hotspot f**ked up my privacy? :(

by Ankit Verma

Hey, what’s your Mobile Hotspot password?  -  I asked.
Oh, scan this QR code & have FUN!  - Friend replied.

Little did I know that I was going to be screwed in the next couple of minutes as this is what he shared with me:

Damn! He could see all that I could surf over my device.

The most important question here is not how he did it or why he did it but is it that easy to hack into someone’s privacy with your Mobile WiFi Hotspot?

That’s not all! There is a never-ending list of kinds of attacks possible through Mobile Hotspot!

  1. DNS Spoofing
  2. Password sniffing
  3. Session Hijacking
  4. JS Injection
  5. Fingerprinting your device for replay attack
  6. Forged Datagram Packets

And tons of more!

Is it dangerous to use a friend’s Mobile WiFi Hotspot?

Of course, YES! And it is a double-edged sword. The person sharing the Mobile Hotspot can be get into trouble too, here is how:

Imagine you are Saintly Human (one with no bad intentions), but your friend with whom you share your Mobile Hotspot, is not same & lets assume he does something that counts as Cybercrime. As easy as:

  1. Abusing a political leader from a fake Twitter account
  2. Downloading a pirated movie using a Torrent
  3. Cyberbullying someone online, or, worst of all,
  4. Uploading a Revenge Porn!
In each of these cases, since, you own the Internet, God forbid if some legal probe does take place, you are behind the bars! :(

Wait, you didn’t do any Cybercrime? Indeed!

But, can you prove that it wasn’t you? Can you prove it was your friend? HELL NO! The next big thing is that the person you shared your Internet with, will be able to connect automatically to your Hotspot the next time it is on and he is in range. They have already saved your Hotspot password and I’m sure you don’t change it that often :(

Thinking that either of these cases can happen to you? There are no numbers on that, but no one thinks they will get in a car accident either. The sad fact is that eventually we are bound to get into some sort of accident. If one is lucky, it’s a band-aid & if not it’s a life changing event.

What should you be doing now?

Getting yourself insured against this. Of course, nothing is 100% safe, but you can increase your odds to be safe with this advice:

As sharing your Mobile Hotspot:

  1. Share your Mobile Hotspot only to your immediate family members and closest friends.
  2. If the device supports, try to limit access to your known ones.
  3. Every time you share it, change your password right away.

As getting other’s Mobile Hotspot:

  1. Avoid asking for one unless it is too urgent for you.
  2. Try to use a known on-demand VPN (I personally don’t recommend this one & soon I may be able to share a better alternative).
  3. Hop on to nearby WiFi Hotspot powered by BhaiFi.

What if you run a workspace or business that involves sharing internet with your clients/employees?

What we talked about is just your Mobile Hotspot & see the possibilities of getting screwed. Just imagine what wonders can be done if someone were to misuse your high speed workplace WiFi Network  - Office, Coworking Space, Cafe, Restaurant or Co Living Space WiFi??

"If you are sharing your WiFi or connecting to the internet using public WiFi, you should definitely consider some way of securing access."

What does DoT say?

In a nutshell, the guidelines laid down by Department of Telecommunication (DoT) states that you need to store the credentials of every person using your internet for a period of at least 1 year.

This article had more to do with introduction of concept and I will be publishing another article on following DoT Legal Compliance in detail to make doubly sure you are safe when you share your Internet at your workplace with your coworkers. Stay tuned!

Happy BhaiFi-ng!