Public WiFi: A overview on how a hacker can steal your data and how to avoid it!

You need Programming knowledge to understand words other than Public Wifi.

@Ninja Torrance its not really programming knowledge its more of cyber security / networking

@Ninja Torrance lol this has nothing to do with programming whatsoever.... this is more networking/ cyber security infrastructure stuff.

@ImmenseFox Yup I know bro. Wasn't really thinking much when wrote that comment

@Awesomejojo right

@Ninja Torrance its ok we understand. Nowadays it is also common for programmers to pick up networking and cyber security skills

@Awesomejojo Yeah. I am also in the same field

Hmm. Am just a AI student... :(

@Reold You need people from AI also in sort of Security Services

Snehardra Biswas I understood WiFi adoarter it’s changing the WiFi SPOOKY TECH SHIT BRO

It basically says never connect to a public WiFi. If emergency use it with VPN.

@Goutham Suresh ✌

Ok lol

make sure to use code uderated to get 20% off in your next purchase

@Insightin which one

@Insight oh thank you

oh yoi forgot surfshark

You guys should try vpnify (the icon is a blue square with a purplish tick) it's free just press, continue with ads and its completely free, and no it only shows ads on the app when u disconnect or connect to the VPN it does show ads while you're using it in the background, the free mode has access to over 15 different countries, including USA, as much as I wish I was sponsored, I am just spreading the word, 😊👍 try it out, ther is also no wifi cap, so you can use it as much as you want I've been using it for like 5 months now and had no problems

@Anoosha Moodley proton vpn has no ads and unlimited bandwidth

@xOr idk, you tell me

@xOr meaning we are never fully secure

well, they're an ISP. It's kind a side effect of their job. You run item through the checkout lady, yeah, you get to buy your stuff, and yeah, she sees what you bought.

Edit: The level of trust or fear is up to you, even through VPN's, your encountering the same issue. That service is still seeing all your traffic. Wether or not they truly sell it or use it, well, you won't ever know.

@TheTyphoon365 yeah, but at least they can do the curtosy of not storing the data.

@Joshua Speedy they might, and in all honesty probably do

So?? They basically need to, and its not like they're gonna steal your personal info, you're not that important. And it'd be totally illegal so... plus if they didnt, then people would just use them for illegal stuff

@Skelyboss actually, it isn't illegal for them to collect and store your data, governments actually actively make transactions with isps. I think our main difference in thinking is that I beleive privacy to be a right. If I was breaking the law they shouldn't know and instead should keep illegal content off the internet instead of keep me away from the illegal content. (an analogy can be to illegal drugs, prevent it from being sold, not from being bought)

@Joshua Speedy nordvpn, I think it's illegal for them to logs your activity

@Hanif Faris I use pia, it isn't illegal for them to log, and nord does log. If they advertise they don't log than it is illegal, but the law very poorly covers privacy when it comes to the internet. It may require a privacy policy, but after that it's basically, you accept this document that has basically no limits or you don't use the internet.

@Joshua Speedy they do advertised that they don't logs user activity, and they also have an option to buy their plans using crypto currency for added privacy.

@Hanif Faris I've heard several things questioning that statement, I don't trust most vpns because of the loose laws about them and the nature of them

@Joshua Speedy If you want full privacy live under a rock. It's just not realistic to expect having privacy as a right. It would complicate legally defining public vs private actions, spaces, etc. As long as you don't do stuff to put you ona watch list the government could care less who about who you are and what you do.

@Lukyan here's how I define what privacy as a right to be, I have a right to who has and who can share my infomation, for example, my friends know me and are fine to talk about me to anyone who asks, but google isn't my friend, I don't want them to tell people about me for money same as if my friends proffited off of their knowledge of me. By privacy I mean privacy of information, there are obvious things that cannot be prevented if we extend this definition much farther. Privacy is already considered a right, but only in the loosest sense where you have to sign (or even looser say that you have read) a policy that has very little things it cannot do. As for legally, it isn't too difficult to distinguish between coorperate enteties and private ones, it's already done in tax law, why not tack in other laws within the same umbrella.

Joshua Speedy oh well too bad you agreed to it

Joshua Speedy and btw you aren’t being private while using someone else’s search engine I mean you can use Firefox bing or Microsoft explorer ( that shit search engine for Microsoft computers that gets replaced by google almost every time ) let’s not forget yahoo anyways you are publicly displaying yourself online unless you take measures to be kept private it’s not a standard and you shouldn’t complain about something you didn’t do now to reason with your simple mindedness I’ll explain it like a lock and chain you have the keys the lock and the chain if you don’t engage the lock and secure your valuables with the chain anyone can come along and have access to your valuables and it’s up to each person that the items are safe now say you locked that chain around your stuff well then they can see what you allow them to so at most they will see the shackle that connects the two ends and not the starts of the two ends themselves

@snipers unite duck duck go x tor browser, it's not impossible to stay private, ever heard of Richard Stallman?

Joshua Speedy I didn’t say impossible I said isn’t a standard and you shouldn’t complain about something you need to do maybe you should go back to school to understand simple English

Joshua Speedy oh wait it’s not that you can’t read rather you are responding to a few of my words by choice

@snipers unite I understand that full privacy is unattainable, but Im just trying to defend myself that it is important. You can be private without living under a rock.

@snipers unite perhaps don't insult me, I'm just trying to defend my stance on privacy. If you feel differently than you go ahead and feel that way, but that doesn't make what I say any less true.

@snipers unite bruh, im trying to say that you shouldn't be forced into agreeing to something you do not agree to just because everyone else is. If every single, let's say car company, decided they had the right to track you and show ads based upon where you went, that doesn't make any one company less of a scum than others. Privacy is an important right and just because the people who make money on a lack of it say different doesn't make privacy any less important.

Joshua Speedy perhaps you don’t understand wtf I have said at all YOU have complaints that your isp and other sites take and sell information about you and what I said is YES they do now don’t complain because you had the choice to hide your information from them and that you don’t have a valid complaint if there are actions you are able to take from having your information collected and sold by sites you should have taken them instead of allowing the information to be intercepted and collected

Joshua Speedy but it’s not like every site you go to is selling your bank information or social security information

@snipers unite I made a joke about most isps stances on privacy and as a discussion continued opened up on how I feel about privacy. I wasn't complaining for myself, I was pointing out the poor antiprivacy practices of large coorperarions

@snipers unite it isn't like that, but they do and can know an uncomfortable amount about you. I'm not as much against this as I am against them profiting off of that knowledge. And I understand that most sites do not do these practices, just that a select few large ones do.

They only capture packets. Not redirecting ,

Change your DNS to an encrypted one like 1.1.1.1 or 8.8.8.8. Your ISP can no longer see the sites you visit.

@# Simply changing DNS servers wouldn't do anything to improve your anonymity online.

Use Https Everywhere, Firefox has add-ons for Mobile devices

What bout pornhub

That's a damn lie lmao

Just don't use internet lol, if one's that scared.you can't have all the privacy on the internet

@Tejas Padhye tru

exactly idk why this was so intense😭

Requiem pornhub has antivirus protection idk about encryptions

Hackers can force you to connect to http

He did say the "even https often link http versions when you initially connect"

@Sea Bass yes but if you already connected to https again this method is useless

@Sea Bass and almost all web use https doesn't use http again

@Sea Bass if you still didn't get it. all website using https already routing using https and not linked to http

@Fabian Adam This is what the guy in the video said. Unless you think know more than him.

@Sea Bass oh you still didnt get it? Now every big website especially banking web already use https amd didnt route http

@Sea Bass if you see little padlock icon on chrome that mean you aren't using http at all

@Fabian Adam There are issues https from an article here. https://www.wired.com/story/https-isnt-always-as-secure-as-it-seems/ and the actual amount of sites that use https varies from device to device at around 70% to 95%. https://transparencyreport.google.com/https/overview. It seems to generally still be an issue.

I'm just telling you what he said. If you think it isn't true, ask him.

@Sea Bass thats a nice article you got. But it will still be difficult to steal info from https. I just hope https got improved again since i always use mobile banking

Well no because it wont work on any website using https and most of them are

You won't do it

Olivier Larose-de Billy it was a joke silly I’m too stupid

BRUH HAHA HAHA HAH

Https does it for free 🤗🤗🤗

Lmao you won't be able to do any of this

Olivier Larose-de Billy it’s not very hard

Naw. VPN to your own house! Use a SonicWALL or a Ubiquiti router. Best part is you also have access to your own stuff like printers and file shares to boot.

You really dont, https is already here to encrypt your data, now a VPN will only be useful to hide which website you are using from your isp or have an ip at a different location

Nah man he doesn't care if you are into bdsm, he just wants you to PayPal him your bank account

They have access to more than just your photos. Any sensitive information (e.g bank accounts, addresses) you have on your account, they can look at.

@Synd1cate Well, the thing is, I have none of that on my account.

Basically every website uses https so this is basicaly useless

You're not even close to getting the point mate

yes you right, you can prevent it like that.
But you can't remember all wifi passwords in mind or just don't want to type anything
So just don't use public wifi that's it
if still, u need to connect public wifi use VPN.

Basically every website uses https a secure transfer protocal. So no needs to worry. Apps on the other hand. Better to be safe then sorry and use a dns resolver like 1.1.1.1

The videos are supposed to be short. He won't be able to talk any slower.

Woooosh
The intension is to not teach you how to hack, but to stay alert.

Thanks, your isp loves it when I connect!

Joshua Speedy yo what the hell was this planned?

@Qabas Elfurjani Dw hes my fbi agent

@May L. nice to finally speak!

@Joshua Speedy indeed

@Joshua Speedy So hows my data doing?

@May L. well, frankly, I'm a bit scared of what goes on when chrome is in dark theme.

@Joshua Speedy Its untrue everything you heard and saw about me stealing good memes untrue!

@May L. whatever you say

That's Wifi Pineapple by Hak5

Obi-Wan Kenobi yeah, but you know he was thinking it…

What's PIA? And how tethering from phone will secure us from Man in the middle attacks?

But every modern websites encrypt your data anyways using military grade encryption called HTTPS. I mean all a VPN does is to stop your ISP from spying on you and to bypass firewalls. But you also have to know that your data is going through their servers which then they (the VPN company) can spy and track you.

@Syed Ahmad Private Internet Access. I'd definitely trust my 4G over open wifi. Sure, PIA could steal some sort of data I guess, but so could my ISP.. If it's encrypted, it's not getting cracked, period. If you took all of the supercomputers on the planet, combined their processing power, it'd still take, until the heat death of the universe, to crack one line of encryption. At least, that's what my "research" has taught me lol. Ignorance is the only way someone gets "hacked". Easy passwords, falling for phishing attempts, etc. Never login to a website with HTTP for sure. Look for that "S".

Yes. Thats why these types of attacks were phased out years ago. HTTP(S) stands for Hyper Text Transfer Protocol (Secure). It encrypts your data and only the recieving end (like a website) and your ISP can see it. Every modern browser has a little padlock next to the search telling you if it is secure or not. If it isnt secure it would be HTTP and if it is secure it would be HTTPS.

You could just get a cheap chrome book to use instead

Cuz I don't think it's possible on Android/noone has released an app for it yet

Thanks 😁😁

@Rybee4 well you have accès to Linux kernel console on Android if you have root and technically there would also be Ubuntu mobile

Thats not how it works.....

Hak5

Https already protect you

Plot twist: to defeat a hacker you must be a hacker

😐

It's a wifi pineapple nano

@Kshitij Lal no its a raspberry v4.1 plus with some extra ports

Password

@snipers unite what password

duwe kapak you don’t deserve to be able to do this to people on your WiFi then

You cant read any information from any websites using https 😳😳😳😳

@MrX I know but the safest way is to just not use public wifi. VPNs are expensive (to me)

@MrX which VPN is the best one??

@MrX thanks

@Dale b or use a dns resolver like 1.1.1.1 its free and secure.

But basically every website you used is encrypted by https

Yes it does ,in a sense.

@David Ocampo in no sense. If you are following steps you aren't hacking. To hack is to find a creative way for a system to do something that wasn't intended to do. For example when you find out that you can send commands to Amazon echo using a laser, or when you find out that http can be attacked using request smuggling THAT is hacking, when you follow a tutorial you aren't hacking shit.

Arhat M. No Hacking is unauthorized intrusion into a computer or a network. Nothing about being creative if it did have to be creative then using 0 days wouldn’t be hacking using your logic

@Anonymous Dumbass using 0days ain't hacking, unless 1- you wrote the exploit yourself 2- you found the vulnerability to exploit. Anything else makes you a script kiddy. Hacking doesn't mean unauthorized intrusion to computer or network. Hacking started in the 60's in a MIT train model club, where they used to hack the rail to automate it(no unauthorized intrusion here). You can hack phones, called phreaking that started with "Captain Crunch" (John Draper) using the whistle that came in the cereal box to emit a 2600 hertz to simulate a available line(no unauthorized intrusion into any computer or network here). You can hack code to make it faster, you can reverse engineer a microchip of a gaming console to use it on a different platforms, you can do bug bounty hunting which only finds vulnerability doesn't exploit it, you can hack Defcon batch to make it display your name. NONE OF WHICH is unauthorized intrusion to a network or computer. Hacking is thinking out of the box. Quoting Hacking the Art of Exploitation:"The essence of hacking is finding unintended or overlooked uses for the laws and properties of a given situation and then applying them in new and inventive ways to solve the problem "

@Anonymous Dumbass great retort. You should keep to writing about the things YOU DO KNOW about buddy.

Arhat M. That why I am talking about unauthorized access mr moth

@Anonymous Dumbass 🤦‍♂️

Arhat M. What’s wrong mr moth

@Anonymous Dumbass Sure skiddie, use Metasploit too if that makes you feel like a "haxor".

Arhat M. Mr moth you shouldn’t pity. Pity is for people who don’t have a choice

@Anonymous Dumbass Arhat M is right. Your just finding excuses to use tool that people made to feel like a hacker.

@Clifford dude Arhat M literally quotes something to make his point stronger all you guys are resorting to is aggression because your points stand no chance. Just admit it that Arhat is right.

@Arhat M. Leave these people, they don't know anything . Let them hack NASA by using HTML .

Arhat is right !!

@Cole Soucy ask a hacker what is hacking , Ask security researchers . Not Google .

Hackers don't write on Dictionary.com or whatever .

Ughh whatever pleases you , I have been in infosec for about 6+ years now , No one says that here .

These phishing , carding , wifi password cracking , Bruteforcing parameters IS NOT HACKING !!!

How running a 10k wordlist against a parameter is hacking ????

Bye , had enough of this .

@Anu then what is?
if you know lets say c# are you a hacker?-no, if you find some exploit?-no
Hacker is guy who know how to use utilityes in right way, knows commands/protocols, and how they work, and other stuff

@Sked I said the same thing , Probably arhat meant same too .

All I said was "Hacking is not about gaining unauthorised access to any accounts" .

And I said the same thing as you said .👍

@Arhat M. I don't know what r u saying but I think ur right

@Arhat M. I think you're missing the point of the video, you seem to have distracted yourself with semantics about the qualifications of a "hacker".
You give other people far too little faith... Anyone who is capable of understanding what you're arguing about already is aware, and agrees with the obvious, which you're insistent on pointing out.
For the purposes of this discussion let's say that the average non-tech-saavy layperson are the most likely targets for attacks in the nature of this video. Once they're aware that something has happened to them, this type of person will not see or care about the differences in semantics of what to call the person that exploited them.
From their perspective they have been taken advantage of by someone who knows more about tech than they do. If you tried to correct their referencing to hackers at that moment you'd very likely just make them more upset, and possibly make them suspect you are the culprit...
When processing statements made by others, consider the source, who is saying it... What is the intent of the statement? In what context? In what type of setting? Who is the intended recipient of said statement?
English conversation is quite dynamic because of these variables, and you should not take words so literally.
Of course this is just my advice, you are free to speak as you like.

Arhat M. You do know what hacking means right you don’t even need to code to hack so

Deauth just forces a new handshake I believe. You need the user to select the spoofed connection.

Nitesh Kavre I believe it’s called Kali Linux. Correct me if I’m wrong.

See the vid again bro carefully

Yeah the website was fishy tbh

No, but he told a really old way to know HTTP informations but it wont work on any HTTPS connection

True

Free Minecraft account 2020 no virus?

@KaptainKarma No-no free robux no hack no virus

Not really tbh

Depends what colour hat he's wearing.

@Insight don't even use use new technology, just live like in 1867

A Think pad with kali installed

Mouse gear pointer, built-in feature hardware in Lenovo ThinkPad series

There is always a possibility that the VPN provider is logging your traffic.

No u cannot

Disagree. The attack still works, and it's such a surface level intellegence attack that it wouldn't take much more to make it more effective. If you wish to believe it's all safe and dandy not following any more advanced protocols than logging on to public wifi and browsing, you do you. The point of this video is to make people a bit safer browsing public wifi. I redacted some major parts of the tech, as it is not a hacking tutorial. Cheers.