A sign saying "free Wi-Fi" has become a commonplace sight in recent years, particularly for residents of large cities, and the convenience of widespread wireless internet access cannot be denied. Nevertheless, the potential for malicious misuse of such networks has made connecting to them a potential internet security hazard.
However, Dark Reading recently reported, that could change in the future, as a groundbreaking new system allowing for safer public internet access was debuted at this month's Black Hat conference, held in Las Vegas.
The Secure Open Web Access Project, which is under development by an independent researcher in partnership with IBM's X-Force team, is focused on tackling some of the primary data security threats found on open Wi-Fi networks, the security news source said.
SOWA uses digital certificates – similar to SSL technology – to provide an additional level of internet protection to users of public networks. Dark Reading reported that the system is designed to ensure that the connection between a device and to a SOWA-enabled network does not involve a cleverly disguised rogue access point instead.
This technique is a common one among criminals looking to steal personal information or website cookies from unsuspecting users. Rather than connecting to, say, a McDonald's in-house Wi-Fi network, victims unwittingly connect to the hacker's rogue AP, funneling all traffic through the so-called man-in-the-middle where it can be viewed at leisure.
The tech news publication said that these attacks got even easier at the end of last year, with the release of the Firesheep extension for Mozilla's Firefox web browser. This made the technique available even to those without any specialized technical aptitude.
X-Force threat intelligence manager Tom Cross told the news source that the team is working to stop these attacks.
"When someone is attacking an insecure wireless network, there is no real way to detect that it's happening … This has significant impact on security and personal privacy … We want to build open wireless networks that are encrypted and that anyone can access," he said, according to Dark Reading.
The tech world has reacted – albeit slowly, in some cases – to the advent of Firesheep and other hijacking techniques. Twitter recently switched on HTTPS by default for some of its users, as part of a general move toward improved content security, and Facebook continues to make small upgrades to its own protective measures.