Personal Hotspot Security - Flaws?
As a business user, I initially liked the idea of the Personal Hotspot as a convenient way to link my iPhone and MacBook Pro. However as a networking specialist, I am immediately aware of its shortcomings and risks, risks that are already well known in WiFi circles and no attempt seems to have been made to eliminate these and make Personal Hotspot safe to use.
It is 'Personal!'. It is my hotspot! Therefore:
1/ Don't broadcast my SSID - allow me to turn it off so people don't see my hotspot.
2/ Lock what devices can attach (e.g. via MAC address &/or other security code) . Use the cable tether and iTunes to lock my MacBook Pro to my iPhone so only devices I pre-select can use the Personal Hotspot.
3/ Encrypt the traffic. There is a lot of sensitive data on both MacBook and iPhone, so I don't want the two exchanging such data on an open wireless connection. Give me the option to encrypt it!
4/ Time-limit the Personal Hotspot session and include auto-terminate. When I close my MacBook Pro, suspend the Personal Hotspot session. e.g. when I disconnect the USB cable, my tethering automatically ceases, the same should happen when I close my MacBook. I don't want the Hotspot running when I don't need it.
5/ Enhance the WiFi control panels for all Apple devices to simplify WiFi associations. Here in the UK, all BT Home and Business WiFi devices are also public subscription WiFi Hotspots. They annoy the **** out of me as my MacBook Pro and iPhone will try and join these public hotspots, thus my 3G and other WiFi networks that I want to connect to get interrupted consistently. There is currently no way on either the iOS or OS X to tell the system to remember to ignore certain SSIDs. Imagine being at an Apple convention with thousands of Apple devices with Personal Hotspot activated? It would be impossible to select your own particular device from myriads of others.
6/ Corporate Security teams are going to have heart attacks! It is bad enough trying to identify a rogue WiFi access point that has been attached to the internal network, never mind hundreds or thousands of corporate and non-corporate iPhone users whose device has just been upgraded to iOS 4.3 with Personal Hotspot active. What measures do Apple offer to enable these corporate security guys to ensure sensitive corporate data doesn't get hacked via the Personal Hotspot function (with an open portal to the internet on every single unit) they have just dropped into every workplace on the planet?
7/ Ability to reduce the transmit power of the Personal Hotspot WiFi to 1 metre instead of the standard. If my phone and MacBook are next to each other, I don't need to have the high transmit power of a normal WiFi device. If the Personal Hotspot WiFi signal can be turned down to the bare minimum, it will preserve battery life on the iPhone as well as reducing the mass interference in the 2.4GHz band that will be created by dozens of such devices. If transmit power is not reduced, the effectiveness of existing devices such as access point networks will be severely impacted to the point where some WiFi service networks will become unusable.
Anyone have any other wireless security concerns about the new Personal Hotspot feature?
You're only speaking to other iPhone users here - not anyone that has any ability to do anything about your concerns.
Send feedback directly to Apple here: http://www.apple.com/feedback/iphone.html
Similar Messages
-
I know that the iPhone's personal hotspot uses strong WPA2 protection. But I was wondering if there was any way that people could eavesdrop, spy on your wi-fi traffic, grab it out of the air, so to speak? I know this might sound like a dumb question, but I just want to know how secure the personal hotspot is. Would you feel safe doing banking on it, for example?
You're only speaking to other iPhone users here - not anyone that has any ability to do anything about your concerns.
Send feedback directly to Apple here: http://www.apple.com/feedback/iphone.html -
Personal hotspot password security?
On my iphone I notice in the settings page that my personal hotspot password is visible instead of the usual asterisks. Can other people with wifi see my password?
They cannot.
I believe it is there to remind you of the password to share with your authorized users.
The connection uses WPA2 Personal security. -
App for securing personal hotspot
Hi there,
So I recently had my personal hotspot somehow hacked - and someone used about 90% of my data allowance. I managed to stop it before things got too far. Im not sure how they managed this as I had a rather complex password.
Is there an app that can act a bit like a firewall or something to stop someone, or more than 1 person, using my hotspot?
I have searched the app store - but its a needle in a hay stackThere are no apps, as none would have access to the necessary API's to do so. Since you can't operate Personal Hotspot without a password, and that password is required for any device to connect, and the screen shows you the number of connections, I'm having a tough time understanding how you were "hacked". You do realize you can terminate connections at will, correct?
-
TS1398 No wifi niether Personal hotspot on the Ipnoe 4S
I have to reset my devices frequently to access the internet with wifi connection, this is happening since i upgrade to IOS 6 and this is happening at home and at work, and my Ipad don't connect trough the Personal Hotspot from my Ipone 4S anymore, what will be the best solution? Any suggestion?
iOS 6 Wifi Problems/Fixes
Fix For iOS 6 WiFi Problems?
http://tabletcrunch.com/2012/09/27/fix-ios-6-wifi-problems/
Did iOS 6 Screw Your Wi-Fi? Here’s How to Fix It
http://gizmodo.com/5944761/does-ios-6-have-a-wi+fi-bug
How To Fix Wi-Fi Connectivity Issue After Upgrading To iOS 6
http://www.iphonehacks.com/2012/09/fix-wi-fi-connectivity-issue-after-upgrading- to-ios-6.html
iOS 6 iPad 3 wi-fi "connection fix" for netgear router
http://www.youtube.com/watch?v=XsWS4ha-dn0
Apple's iOS 6 Wi-Fi problems
http://www.zdnet.com/apples-ios-6-wi-fi-problems-linger-on-7000004799/
~~~~~~~~~~~~~~~~~~~~~~~
Look at iOS Troubleshooting Wi-Fi networks and connections http://support.apple.com/kb/TS1398
iPad: Issues connecting to Wi-Fi networks http://support.apple.com/kb/ts3304
WiFi Connecting/Troubleshooting
http://www.apple.com/support/ipad/wifi/
How to Fix: My iPad Won't Connect to WiFi
http://ipad.about.com/od/iPad_Troubleshooting/ss/How-To-Fix-My-Ipad-Wont-Connect -To-Wi-Fi.htm
iOS: Connecting to the Internet
http://support.apple.com/kb/HT1695
iOS: Recommended settings for Wi-Fi routers and access points http://support.apple.com/kb/HT4199
Additional things to try.
Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
How to Quickly Fix iPad 3 Wi-Fi Reception Problems
http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
If none of the above suggestions work, look at this link.
iPad Wi-Fi Problems: Comprehensive List of Fixes
http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
Fix iPad Wifi Connection and Signal Issues http://www.youtube.com/watch?v=uwWtIG5jUxE
Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
Unable to Connect After iOS Update - saw this solution on another post.
https://discussions.apple.com/thread/4010130
Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
~~~~~~~~~~~~~~~
If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
Cheers, Tom -
Question about Personal Hotspot
First of all, apologies if I have posted this to the wrong place - I am new to this!
I have limited knowledge about how the Personal Hotspot feature on the iPhone works. Yesterday I used it for the first time.
I connected to a friend's personal hotspot (with their permission) to use the internet. Is it simply the internet connection which is shared between their phone and mine, or would they have been able to have seen any of the content on my phone / would any of it have copied over to theirs? I know this sounds like a stupid question but I know next to nothing about how these things work!
Many thanks in advance!No, they would not be able to see anything on your phone, and nothing would have copied, nor would it have been able to be copied. You are only sharing their connection to the internet. It's not a stupid question at all, by the way. People have lots of questions like this with all the security breaches going on with technology nowadays.
-
Re6500 connecting to Ipad Personal Hotspot --- disconnected.
Im trying to connect my re6500 to my ipad person hostspot. I select the ipad hotspot (verizon) in Site Survey and connect. After several seconds the web page refreshs then on Basic setting page it says status Disconnected.
I have no problems using an android phone hotspot (also on verizon) with the Re6500
Is there a compatibilty problem with using the RE6500 to a ipad personal hotspot?
I was also able to use the re6500 with an AT&T unite hotspot... So it looks like theres an issue with the re6500-->ipad hotspot
tips?
re6500--->IPAD Hotspot ------ Not working
re6500--->Android Hotspot ---- working
re6500--->AT&T Unite----------- working
2.4 GHz Wireless Settings
Status:
Disconnected
Signal Strength:
Network Name (SSID):
Password:
Advanced settings
Channel Width:
Auto (20MHz or 40MHz)20MHz only
Security Mode:
WPA2/WPA Mixed ModeWPA2 PersonalWEPDisabledSounds odd. I'd rather you try using another iPad to properly isolate this.
-
Cisco VPN over a tethered Personal Hotspot on IP4(Airtel)
Hello everyone
I am having problems connecting to our company Cisco VPN over a tethered or Personal Hotspot connection on my iPhone 4 (Airtel).
When the Hotspot is on, I am able to use the CISCO AnyConnect Secure Mobility Client to connect to the server, However, when I use the Remote Desktop Connection.
this is the error:
The Mac cannot connect to the Windows-based computer.
This problem can occur if:
• The Windows-based computer is not set up to accept remote connections.
• The Windows-based computer is not turned on.
• The Mac, or the Windows-based computer is experiencing network problems.
Try connecting to the Windows-based computer again, or contact your administrator.
Has anyone else had these kinds of problems? I have no idea what to try, I am not a VPN/network expert.
If i use an Andriod device to tether the internet connection, I am able to connect to the Cisco server and connect to my work server using the Remote desktop. So i am wondering if this is to do with the way Iphone share internet.
Any help is really appreciated.I have noted that all vpn or remote desktop solutions will not work over personal hotspot(ph) seems like the iPhone is blocking some ports. First I thought it was the lack of service announces over the network but it seems even with a direct ip connect you can't share vpn connections.
This limits apps like Air display from working over an iPhone and some other services like standard vpn are out of the question as well. There must be a .plist file somewhere in the iPhone 4 version of the 4.3.2 ios that blocks certain ports when on ph. Would be nice to have a look, but I have no expertise in this.
But +1 Confirm that vpn are locked. -
Fatal Security Flaw in WRT54GS?
Sorry I don't have the hardware revision handy.
Firmware is 1.52.0. Model is WRT54GS.
I'm configured with WPA2-PSK/AES. Broadcasting my SSID. No MAC access filtering.
HTTPS access only to the config pages. Custom (not default) password. Remote management disabled.
Summary:
The router simply "forgot" its assigned SSID and reverted to broadcasting as "linksys".
It also ceased encrypting its broadcast.
I was able to log in and change it back. It retained many of the OTHER settings I had previously configured.
What causes this? Is it a known issue? Is there a fix?
Details:
Two days ago, I noticed my client (laptop) could no longer see the usual SSID that I connect to on my home network.
However, there was a new SSID in the area, named "linksys", broadcasting UNSECURED.
Coincidentally, this new "linksys" access point had the exact same signal strength that my usual access point typically had.
So, I connected to it, you know, just to see.
I was only able to access the config pages at my custom IP address (not at x.y.0.1), prefixed with the "https://" scheme identifier.
And it didn't prompt for a password. Hopefully because it recognized the cookie my browser still carried from the last time I logged in to it. But maybe because it had temporarily dropped ALL of its security measures...
It was definitely my router. Just, stripped of its usual encryption/authentication and its usual SSID.
So, I switched the SSID back to what it usually is.
And I turned the WPA2-PSK/AES encryption back on.
The router "remembered" my WPA2 passphrase, which it helpfully displayed to me as plaintext when I pulled down the "security mode" dropdown menu and selected "WPA2 Personal".
After re-configuring, it works as well as ever.
Is this a known security flaw in the WRT45GS? Because....it seems like a fatal one, as far as network security is concerned.
Is it limited to one firmware release? Is there a firmware upgrade to fix it?
(Again, I regret not having my hardware revision handy.)
Thanks.Thanks for the reply.
Yeah, the initial configuration was done wired.
Subsequent reconfigurations were done wirelessly, on the encrypted wireless, connected via https.
Remote management was NEVER enabled (and remained disabled, even after the router's little spell of amnesia).
This particular router has been up and (mostly) stable for something like three years. For the past year, WPA2-PSK encryption ahs been enabled. The present WPA2-PSK passphrase is NOT the same as the old WEP key.
I'll assume (just for a moment) that nobody hacked the router. The only reason my router would be intresting for anyone to hack is simply because it's there. And there are half a dozen other WPA2-PSK networks and a handfull of WEP networks within shouting distance. And, if it was hacked from the outside, that would also indicate a "fatal security flaw" in the WRT54GS...
So, let's assume it just glitched out and forgot its own name for 12hrs.
Tell me more about what happens to NVRAM as it ages. Does it become less N(on) and more V(olatile) with time?
I know the router got hit by a storm-related power surge about 9 months ago. It was reset at that time, exhibited some strange behavior (not wanting to display the config web pages) and then it "settled down" after a day or two.
While it's performed fine since then, it may have sustained some subtle sort of damage at that time.
But no parameters were lost or altered in the NVRAM. And there was no obvious surge-type event to precipitate it now.
What's the life expectancy of these things anyway? Is this an early warning sign that I should upgrade to new hardware? -
X230 bluetooth does not work - unable to use cell phone as personal hotspot
I am trying to use the bluetooth in my X230 to pair my laptop with my cell phone. I want to be able to use my cell phone as a personal hotspot, in case I am in an area with no secure wi-fi. I would have thought that this would be standard feature in a laptop that is touted as a business device, but apparently this is not the case.
I installed both the bluetooth driver and the latest system update, as suggested by Sarbin...
http://support.lenovo.com/en_US/research/hints-or-tips/detail.page?&DocID=HT073834
and
http://support.lenovo.com/en_US/downloads/detail.page?DocID=DS012808
... but it is still not working for me. I am now able to connect my cell phone to my X230, but instead of enabling me to access the internet via bluetooth, a dialogue box appears enabling me to play songs that are on my cell phone using the laptop speakers.
I am disappointed that the bluetooth driver did not come pre-installed on the x230, and I am disappointed that I am not able to use my cell phone as a personal hotspot for my x230.
Solved!
Go to Solution.There is a key step missing from the prior post, but is shown on the link.
After the steps described in the prior post (e.g., disabling all services on the Bluetooth device except NAP), go to <Control Panel<, <Devices and Printers>, right click on the Bluetooth device (e.g., iPhone) that you want to connect to for your internet hotspot access point, and then click on <Connect Using> and then <Access Point>.
Using this method, the Lenovo's Access Connections program does NOT control this internet connection, thus the icon in the system tray will show NO connection in the Lenovo wireless access icon (even though the computer is connected via the Bluetooth connection to the iPhone).
Disconnecting requires going back into Control Panel and disconnecting from the Access Point.
Kinda clunky in my opinion, but I could never get a connection to the internet via a Bluetooth/iPhone Hotspot combination using the Lenovo Access Connections software despite claims in that software's help section saying that such a connection was possible. (The Lenovo Access Connections Help section even gives instructions to use tabs that don't exist in the software.) -
Why can't I connect my PC to my iPhone's Personal Hotspot?
I cannot connect my PC to my iPhone's personal hotspot through Wifi and even through USB. When I try to connect through wifi using my USB wifi adapter it shows in the available networks. I try to connect, put the security key it just says its unable to connect. When I try to connect through USB it doesn't even show on the available networks, can anyone help me with this?
There may be something in the following that will help: http://support.apple.com/kb/TS2756
-
HT204023 how to know the detail device that connected to the personal hotspot?
when i setup a personal hotspot , i can just know how many devices connected to the hotspot, but don't know the detail devices.
How can i konw? It's a security problem.Concurrently (at the same time) if you are using bluetooth its one. If on WiFi, I'm not sure. I've never connected more than one, but it is possible that it can handle multiple devices. Consecutively (not at the same time) there isn't a limit.
Why is this a security problem? For both WiFi and bluetooth, there is as code required. -
Personal hotspot extra device stealing my data!
I have a brand new iPhone 4s, version 6.0.1, I set up personal hotspot to my PC and android tablet which both work good but my phone tells me I have 3 devices connected! I changed the password and its still saying the same thing. Please tell me how do I find the 3rd device stealing my data?? Bel.
Hi,
Sorry to resurrect old thread.
I have a big problem here. I am using my iphone to connect my PC, dekstop, TV, etc to internet, and I always mindful about my data rate since I am using metered data plan. But somehow, my data usage suddenly increase tremendously. let's say, about 100 times higher than my normal rate.
Been monitoring my phone, I found 2-3 connection logged in when I unplug EVERYTHING from wall socket at my home that can connect to my device. I am sure someone is stealing my hotspot connection, and he probably is one of my neighbor. I don't know who, or which one.
I have tried to change my password 3 times, but that only works for about 1 week at most, then my data plan shot to the roof again. I NEED to secure my phone, or at least limit devices that are allowed to connect to my phone.
I don't want to change my password daily, but I can't let them use my connection forever. I need to limit connection to only selected device. My friend once came to my home and showed me how people do it, and how to ban such devices from connecting to his droid, but I've found no such thing on my phone, and nobody gave a clear answer on the internet.
Please help.. this is driving me nuts.. I've lost close to $3000 a month because of this hijacker. -
Ios 6.0.1 breaks personal hotspot
Since updating to iOS 6.0.1 I can't activate my personal hotspot. It keeps telling me to call AT&T even though I've talked with them numerous times and they've confirmed I have tethering enabled on my account. Has anyone else run into this? I've tried the normal debug steps from reseting my network settings to restoring.
Yep, Gary Hanes is right - I racked my brains goin what the ... my personal hotspot was not appearing on the airwaves Then I checked the iOS version on my iPhone 5 and it was 6.0.1
So I went into settings and sure enough Facetime was ON so I set it to OFF and power-cycled the phone (switched it off then back on) and my personal hotspot was on the air (after I enabled it in settings)
Apple - how can you release an iOS with such a flaw - surely that would be one of the things to check in the final release testing considering so many people would be keen to share the super fast Telstra 4G LTE speeds (Australian carrier)??? I'll be using my Sierra Wireless AirCard 760S (aka Telstra Mobile Wi-Fi 4G) for a little while yet -
Cannot turn off personal hotspot
iPad Air running latest iOS version.
iPhone 6 running latest iOS version.
Personal Hotspot is turned off on my iPhone. My iPad can see its Personal Hotspot as available to connect to.
I tap the entry for the iPhone Personal Hotspot, the iPad connects to it ... even though it is not turned on.
My iPhone confirms this by the telltale blue strip appearing at the top of the screen indicating someone has connected to the phone ...
I check the Personal Hotspot section within iOS and sure enough it has turned itself on.
I turn off the Personal Hotspot again ...
The iPad then shows an alert to indicate its connection has been terminated.
But shortly after, the iPhone Personal Hotspot (which I turned OFF) entry appears in the wireless connection list on the iPad and I can tell it to connect again. I click the entry, and the iPad connects again via Personal Hotspot to my iPhone.
I Have told he iPad to 'forget this device' and it still connects with no issues whatsoever ...
Also, the iPad is able to connect to my iPhone without giving the password that I have set up!!
HELP!
This is a security problem surely?Criticalimpulse wrote:
I was having the same issue after updating iOS in both devices, iPad Air and iPhone 5s my iPad could see my iphone hotspot even tho it was shut off. After reading everyone's reply all I'd did was sign out of iCloud on the iPad and no more issues.
The problem with this solution is you lose all of the benefits of being in the iCloud connection space, which are many and getting to be even more.
The reported problem is that you see a hotspot connection available on your iCloud devices. No one else sees it and it really isn't live until you connect to it. In the old days (before this release) only advanced users could take advantage of a Hotspot. Now they have done away with the concept and your devices can see each other and if you need a wifi connection for one through another's LTE you can do it automatically by just selecting it from the receiving device.
Bottomline, now the fact that you can see a potential hotspot connection with one your devices (and no one else can see it) doesn't seem to be a problem to me. Once I got used to see it in the bottom part of the list (the not yet active part), I like it. It's easier to start up a hotspot and is only confusing to those of us who used to go through all of he steps previously. New users to iOS don't even have to know what a hotspot is and they can connect their devices. That's why they switched.
Maybe you are looking for
-
My iphone 5s Bluetooth no longer works in my 2014 honda accord, ever since i updated the software two months ago. Can anyone help?
-
Report the size of all SharePoint Databases in a text file using PowerShell?
I am new to Powershell. please help me for following question with step by step process. How to report the size of all SharePoint Databases in a text file using PowerShell?
-
On-board mike output to phone line?
On a 10.6.8 intel desktop, can I have on-board mike output to phone line? Someone wants to interview me for two hours. How can I do that hands-free through, for example, GarageBand, or directly, or inside a Skype I'd have to add, or...? Kudos BTW for
-
Can you make calls on iPod Touch?
I've been thinking about buying an iPhone 4s. However, the price is quite high and I found that the iPod Touch is alot cheaper and has Siri and a good camera. Could you please tell me if you can make calls and text on iPod Touch?
-
Question marks and slideshow now working
I am have the same problem with question marks, lines going through the photos and the slideshow option won't work. I did see someone mentioned republishing. I will try that. Are others having the same problems.