Tech Corner: Can You Trust The NYC WiFi Hubs?

Mandy Mac February 5, 2016

As part of the LinkNYC Project, the first of New York City’s WiFi Hubs went live on January 19th. The hubs are offering free WiFi to anyone only 150 feet from its location, and will also be equipped with USB charging ports and custom, built in tablets for browsing the web. At the moment, they are limited to Manhattan, but a total of 7,500 hubs are going to be installed to replace pay phones throughout the five boroughs.

A public WiFi network brings in some risk, and with these hubs providing a large network to various people, it brings some concerns to questioning: How secure are the hubs and can we trust them?

CityBridge, the group that designed the hubs, have built a number of protection to keep any hacks and information leaks from happening. For insistence, there are a series of filters and proxies that will block anyone who tried to download malware during a browsing session. There is also a team employed by the city who are dedicated to monitoring the traffic of the hubs. If the team detects a user receiving data from a “command-and-control” server, they will end that user’s session immediately. And, let’s just say a bad piece of software does somehow make it onto the hub’s tablet, it luckily will not be there for long. The hubs go through a hardware reset after 15 seconds of inactivity; this will wipe everything from the hub that was not installed by the company.

Now, what about sniffing attacks. This kind of attack involves an attacker sitting on the network and watching data being transmitted. For example: if you are on a non-encrypted website and type in your username and password, an attacker could see that information. Banking, email, and social network websites are normally encrypted, there are still a large portion of websites that are unencrypted, leaving information exposed for hackers.

Users connected to the LinkNYC hub’s private network are safe from hackers. The private network is currently only available for Apple devices iOS 7 and above. The private network offers a more secure connection and is still free to the public. To access it, the user will need to accept the network’s key. The public network is available to all devices, but its accessibility leaves it exposed to attacks. Unfortunately, there is not much the company can do to prevent this type of attack. As a user, it is best advised to turn off your WiFi when you are not looking to connect. (This tip is helpful for more than just the NYC WiFi Hubs).

Finally, the USB ports in LinkNYC hubs are only meant to charge devices. This means they are set up to be incapable of transmitting data.

4

To keep residents and visiting tourist of New York City secure of their information, CityBridge plans on performing check-ups for each hub in-person twice a week to clean and check for vandalism. Sensors will be hub’s main protection between those visits as well.

As a user, the best advice is to use these hibs the same way you would use any other public WiFi network: be careful! While LinkNYC are taking the security seriously and doing their best to provide you with safe browsing while you use the hubs, here are some tips you can use for protect yourself and your information: Use the private network if possible, turn off WiFi if it is not connected and in use, turn off file sharing, pay attention to SSL- protected pages for safe browsing (standard security on links to ensure all data passed between the web server and browser remains private and integral), or, if you can, deploy a VPN. If for any reason things feel strange during you time linked on the hub, unconnect and try a different hub. Make it a rule for yourself to not access your online banking or any other site with sensitive information on the public tablet or open WiFi.

Do you trust the LinkNYC WiFi Hubs? Do you like this change to the payphone? Share your thoughts by joining our conversation on Facebook and Twitter! Let’s discuss!

Check out our Pinterest Top Ten Board for more pictures and how-to links.