Londoners agree to give up first-born child in exchange for free internet

Experiment with 'Herod clause' exposed lax security with open wi-fi networks

StealthGenie could be installed with just a couple minutes access to the victim's phone
StealthGenie could be installed with just a couple minutes access to the victim's phone

Londoners agreed to give away their first-born child in exchange for free wi-fi in an experiment exposing an “utter disregard” for security by smartphone users.

Security firm F-Secure set up a hotspot offering free internet in Canary Wharf to see who would agree to a “Herod clause” in the terms and conditions.

In just half an hour, 33 people attempted to connect and six, probably unwittingly, said they would “render up their eldest child for the duration of eternity”.

F-Secure, which has disabled the network and will not attempt to enforce the contract, said the hotspot let them identify devices, read emails and take usernames and passwords.

The firm’s security advisor, Sean Sullivan, said: “Free, open wi-fi is unsecure.

“It wasn’t designed for the 21st Century and it’s leaking information about us to people that we don’t have any knowledge of an they’re collecting data on us that we’re not consenting to.”

The report, called “Tainted love: How wi-fi betrays us”, found a “reckless” attitude to security by people going online on their phones.

Troels Oerting, Europol’s Assistant Director and a cybercrime specialist, said while some criminals exploit the public weakness for free wi-fi by hacking networks, others create their own hotspots to lure users in.

“We have found that the security on many wi-fi hotspots is rather low,” he added.

“So because they are not set up in the proper way, the criminals don’t even need to set up their own service. They can simply look into the service that is providing the wi-fi to get what they want.”

People surf the internet using free wi-fi at a cafe in Shanghai

Mr Sullivan said that although many people were suspicious of computers in internet cafes and other public computers, they did not consider their personal devices in the same way.

“And just as you wouldn't trust some computer in a lobby somewhere, you shouldn't trust some wi-fi that‘s just sitting there to connect to your personal device," he added.

“At best, your device is only leaking information about you – at worst, your passwords are being spilled into a publicly accessible space, and it’s not just spilling details to those that control the network – anybody on the network can see your information.”

The report called for more awareness about security, as well as greater transparency from internet providers about what is being collected from users.

F-Secure used the experiment to advertise their Freedome security tool, which creates a secure and encrypted connection and blocks tracking attempts.

No personal data gathered during the experiment was logged and a lawyer was present to ensure all privacy laws were adhered to.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in