Thursday, August 6, 2015 - 13:35
Report: Free train wifi totally unsecured; NS ignored warnings
The WiFi network on NS trains appears to be completely unsecured. Users' data, including personal information, is accessible to anyone with a cheap antenna. And despite multiple warnings, NS does not plan to do anything about the problem. This is according to Hannes Muhleisen, PhD computer scientists who works at the Amsterdam research institute Center for Mathematics and Computer Science. Using two cheap antennas, Muhleisen accessed the data of tens of thousands train passengers for five months from his houseboat just east of Amsterdam Central Station. This was done with no hacking, no digital penetration or technological disguise, only with two cheap antennas. After contacting NS multiple times, warning them about the problem. And after months of no response, Muhleisen decided to go public and tell De Correspondent about his experience. Muhleisen first noticed that he can access the train WiFi in March this year. He wondered if it would be possible to see the traffic on the network, to "listen in" on the devices connected to the network. He suspected that this would be impossible. "The passengers sit in a closed compartment in a moving trains and use phones with not much power. In addition the trains only go past my house for 20 seconds", he said to De Correspondent. He decided to try it anyway. He hung two cheap antennas that can receive traffic from a WiFi network on the doorstep of his houseboat and used open source software to make sense of the information. And to his astonishment, data from thousands of train WiFi users started streaming in, including what sites they visit, what apps they use, what type of device they have and their unique numbers. In five months he collected data from 114,558 different devices. Muhleisen started contacting NS in early April, using email, Twitter and the NS website. He told the company about his project and asked them to consider an encryption set. The answers he got came down to NS not doing anything about the security of their WiFi Network. On Twitter he was told that it was impossible to change the WiFi security, and when he pointed out that this is completely untrue, he was told that his question was sent to IT management. He has heard nothing back. His query on the website got the resonse that his suggestion has been brought to the attention of the responsible apartment. After following up on that, he was told that it is being discussed and he will not receive any further feedback. "I hope you are nevertheless confident that we will treat your report carefully." He then tried different channels. He found the "Head of IT Operations NS" and the "Business Consultant - NS Travelers IT Operations" email addresses on LinkedIn and contacted them. No response. De Correspondent also contacted NS. "Once we can say more about it NS will announce it", was the first response. Second response: "I think it will stay the same."