This myth has been around for a very long time and we aren’t expecting everybody to receive this news with happy agreement. You’re welcome to state your case in the comments for why hidden wireless networks are a great idea, but we think if you keep reading, you’ll realise that it’s just not a security feature.
Wireless SSIDs Were Never Designed to Be Hidden
It’s never a good sign when manufacturers create technologies that don’t follow the agreed-upon spec documents that ensure interoperability between vendors — it’s usually a way for them to make more money with vendor lock-in features that require you to buy their hardware. Image by Chaotic Good01
In this particular case, the 802.11 wireless spec requires access points to broadcast their SSID, or at least it originally did according to Microsoft’s Steve Riley:
An SSID is a network name, not — I repeat, not — a password. A wireless network has an SSID to distinguish it from other wireless networks in the vicinity. The SSID was never designed to be hidden, and therefore won’t provide your network with any kind of protection if you try to hide it.
Obviously, feature demand drives the specifications, so even though everybody eventually supported hidden SSIDs, the point is that there’s no extra protection from hiding your SSID. Read on.
Finding Hidden SSIDs Is a Trivial Task
It’s extremely easy to find the ID for a “hidden” network — all you have to do is use a utility like inSSIDer, NetStumbler or Kismet to scan the network for a short while to show all of the current networks out there. It’s really that simple, and there are plenty of other tools that do the same job.
Don’t believe me? Grab a copy, start it up and then click the Start Scanning button – within a minute you’ll see a list of every single network in range. You can then identify which ones are using WEP and start cracking them.
Update: Some commenters have complained that you can’t see the networks… and we should clarify: Hidden networks show up as Unknown in version 1 of this particular tool, but they do show all of the other data about the network, including the encryption type and MAC address. Version 2.0 of inSSIDer actually does show the SSID for a hidden network. You’ll see in this screenshot the lhdevnet network, which I’ve hidden on the router.
Real hackers are going to be using tools like Kismet and Aircrack to figure out the SSID before they crack your network, so whether or not a particular tool is showing the right data is beside the point. Should also note that you can use this tool to figure out how to change the wireless router channel and optimise your Wi-Fi signal.
Hidden Wireless Networks Are a Pain to Deal With
Now that you know how simple it really is for people to find your ID, wouldn’t you rather use the default networking configurations where you can easily select the network from a list? Why go through all the steps required to connect to a hidden network?
For instance, on your Windows 7 box, you’ll have to go to Network and Sharing centre –> Manage Wireless Networks –> Add –> Manually Create a network profile to get to the screen where you can start entering all the details for the hidden network. For a network that is broadcasting, all you have to do is click twice.
And that’s just Windows 7, which makes wireless networking easy — having to go through all the configuration screens on every single one of your devices is just ridiculous.
Hiding the Network Leads to Potential Connection Problems
This isn’t quite as much of a problem since Windows 7 came along, but back in the Windows XP days, there were quite a few connection problems when you were using a hidden SSID, not to mention getting disconnected and connecting to the wrong network. Basically, Windows would automatically try to connect to a less preferred network that was broadcasting instead of a preferred network with a hidden SSID — the only way around it was to disable automatic connection to the broadcasting one, which was annoying as well.
The same thing holds true with some other devices — I’ve seen problems with Android phones, and you can just do some quick Google searches to find loads of other issues that are all resolved by not using a hidden SSID.
There’s another problem with hiding your wireless network name: depending on the device, many devices won’t let you automatically connect to a hidden network, and if you have automatic connection enabled, you’re actually leaking your network name, as we’ll explore below.
Hidden Wireless SSIDs Actually Leak Your SSID Name
Microsoft’s Technet explains exactly why hidden SSIDs are not a security feature, especially with older clients:
A non-broadcast network is not undetectable. Non-broadcast networks are advertised in the probe requests sent out by wireless clients and in the responses to the probe requests sent by wireless APs. Unlike broadcast networks, wireless clients running Windows XP with Service Pack 2 or Windows Server® 2003 with Service Pack 1 that are configured to connect to non-broadcast networks are constantly disclosing the SSID of those networks, even when those networks are not in range.
Therefore, using non-broadcast networks compromises the privacy of the wireless network configuration of a Windows XP or Windows Server 2003-based wireless client because it is periodically disclosing its set of preferred non-broadcast wireless networks.
The behaviour is a little better in Windows 7 or Vista as long as you don’t have automatic connection enabled-the only way to be sure that you’re not leaking the network name is to disable automatic connection to wireless networks with a hidden SSID. Microsoft’s explanation:
The Connect even if the network is not broadcasting check box determines whether the wireless network broadcasts (cleared, the default value) or does not broadcast (selected) its SSID. When selected, Wireless Auto Configuration sends probe requests to discover if the non-broadcast network is in range.
How Should You Secure Your Network Then?
When it comes to wireless network security, there’s really only one rule that you need to follow: Use WPA2 encryption and make sure that you are using a strong network key.
If you’re not using encryption, or you’re using the pathetic WEP encryption scheme, it doesn’t matter whether you hide your SSID, filter MAC addresses or cover your head in tin foil — your network is wide open for hacking in a matter of minutes.
Myth status: debunked.
Debunking Myths: Is Hiding Your Wireless SSID Really More Secure? [How-To Geek]
Republished from Lifehacker.
Greg
Tuesday, September 14, 2010 at 11:42 AMAll of the above is right on the money, but it does forget that increasingly large group of people who have mobile devices with wifi capability that are looking for a free network.
When looking after a set of wireless networks in the CBD I found if I left the SSID visible it would constantly be pinged by people trying to log into the network (and failing due to WPA2) – if I set it to hidden these attempts basically dropped to zero.
This meant that any suspicious wifi activity stood out more, and there wasn’t an issue in trying to figure out whether this was just a chancer with an iPhone or someone who I should be genuinely concerned about.
Jatallica
Tuesday, September 14, 2010 at 5:05 PMI agree.
They mention hackers will use Kismet or Aircrack to get around a hidden SSID, so there is no point hiding it.
In the real world a professional burglar will use tools to get around the dead locks on my doors, so is there also no point in installing locks in my house?
Hidden SSID’s absolutely are security, they secure your network from averages Joes that only have a smattering of network knowledge, just like locks on my doors keep Jehovah Witnesses out but not professional burglars.
DJ
Tuesday, September 14, 2010 at 10:49 PMI agree with that. It’s not so much “security by obscurity” as it is “security by convenience” Around my place there are 6 visible networks + plus my hidden one. Anyone looking for free or even a hacker trying to crack a wifi network for some illicit purpose is going to go after the visible ones before trying to find my hidden one.
Rob H
Tuesday, September 14, 2010 at 1:13 PMSSID hiding is also handy if trying to avoid the eyes of your friendly work IT department ;)
aiht
Tuesday, September 14, 2010 at 1:42 PMI agree with Greg.
Hiding the SSID is not any more secure against attacks, but it does reduce the number of casual attack attempts.
This is similar to using a non-standard port for an SSH server. Sure, it’s trivially easy for an attacker to find the open port, which then tells them that it’s running SSH.
The thing is, there are less attackers doing that, while there are hundreds of automated attacks on port 22 connecting all the time.
At least it keeps your logs smaller.
Hiro
Tuesday, September 14, 2010 at 1:45 PMWhile there may be tools out there that can do all sorts of things, the odds of encountering an individual who would walk around using them is slim. People that would bother to sit there and hack your network when you can get free wifi in a lot of places is even slimmer. The people your trying to stop are everyday people who try to connect to your network, just because they see it in their list on their device. If you live in an apartment on a busy street, this could be quite annoying.
If you happen to encounter an individual who happened to be an expert at hacking, chances are it doesn’t matter what you got securing it.
matt
Tuesday, September 14, 2010 at 2:00 PMto me, its all about security : convenience ratio.
you hide the SSID, its a pain to connect to, you use MAC address filtering, its a real pain to connect to.
both of these measures are fairly pointless as they can be circumvented. SSIDS get broadcast over many other channels even if you “hide” it, and anyone can spoof a mac address.
just turn on your WPA, and its as easy as typing in a password once. and does far, far, far more than SSID hiding or mac address filtering could…
Terry
Tuesday, September 14, 2010 at 2:32 PMI agree with Greg.
I hide my SSID, not to make it “secure”, but rather to minimise the connection attempts by the techno-tard who think their iPhone or whatever will be able to get free ‘net access.
Also, if the script kiddies (old term, I know) can’t see my network readily, they’ll almost always concentrate their efforts on one they CAN find. Especially if it’s called something like “Click Here For Virus” (there’s one called that near me, and yes, he keeps getting hacked and can’t figure out why. No it’s not me)
Sean
Wednesday, September 15, 2010 at 2:13 PMAny “script kiddy” is going to have at a minimum at least one of the tools mentioned in the article to discover all local networks. Anyone that can break into a network that has a password on it is going to have these tools.
Unless you don’t have a password, hiding your SSID is not adding any security.
mrSilkie
Tuesday, September 14, 2010 at 4:13 PMIn My Opinion, it is best to lock your network to specific Mac Addresses, that way, no matter how hard they try they’re not going to get in without you letting them do so.
Timmy Connor
Tuesday, September 14, 2010 at 6:39 PMUm that is also false. It takes all of a few seconds to poof a mac address. A lot of hassle for very little security gain.
http://www.zdnet.com/blog/ou/the-six-dumbest-ways-to-secure-a-wireless-lan/43
^ mac address filtering is at number one.
Lipka
Thursday, September 16, 2010 at 1:40 PMWhat do you all think about my ideas?
Set up semi-secured trojan wireless networks that routes the traffic to a global network that exists solely for the purpose of putting a group of hackers onto the same network (hopefully unknowingly to them). That way, they can hack each other.
Furthermore, manufacture routers that feature semi-secured trojan networks that attempt to hack/attack any devices that joined onto it (e.g. DOS, nuke). The idea is that anyone wanting to hack to join a network may unknowingly hack into a trojan network and get hacked/attacked instead.