Six Britons accidently agreed to give up their eldest child in return for the use of free Wi-Fi in some of London's busiest neighborhoods during an experiment organized by the Cyber Security Research Institute. Intended to highlight the major risks associated with using public Wi-Fi networks and unawareness of serious security issues concomitant with Wi-Fi usage, the experiment was published Monday.
Backed by European law enforcement agency Europol, a Wi-Fi hotspot was first set up in June by a group of security researchers in Cafe Brera in Canada Square, in the heart of Canary Wharf, and later just outside the Queen Elizabeth Centre near the Houses of Parliament, aiming to focus on "the total disregard for computer security by people when they are mobile," the Guardian reported.
When users connected to the hotspot promising network access, they were asked to agree to a set of terms and conditions, including a "Herod Clause" which claimed that free Wi-Fi would only be granted if "the recipient agreed to assign their first born child to us for the duration of eternity."
Six people unwittingly signed up in the short period of time, which eventually forced F-Secure, the Finnish security firm that sponsored the experiment, to disable the page, Agence France-Presse reported. They confirmed that the clause would not be enforced.
"We have yet to enforce our rights under the terms and conditions but, as this is an experiment, we will be returning the children to their parents," wrote the Finnish company in its report. "While terms and conditions are legally binding, it is contrary to public policy to sell children in return for free services, so the clause would not be enforceable in a court of law."
The experiment used a mobile hotspot device, small enough to be carried in a handbag and worth $254 (£160), to trigger the study. Within 30 minutes, 250 devices had requested connection to the German ethical-hacking company SySS device.
According to the Guardian, "In Westminster, 33 devices connected to the hotspot, with researchers startled to find that the popular POP3 email protocol revealed passwords in plain text when used over Wi-Fi," including other location devices managing to collect the text of emails user sent, the email addresses of the sender and recipient, and the password of the sender.
"People haven't had anything to compare it to wrap their head around," F-Secure's Sean Sullivan told the Guardian. "People are thinking of Wi-Fi as a place as opposed to an activity... You don't do unprotected Wi-Fi at home, why are you doing it in public?"
"At best, your device is only leaking information about you at worst, your passwords are being spilled into a publicly accessible space... anybody on the network can see your information."
In addition, criminals are known to typically use free Wi-Fi to steal personal data, the head of Europol's European Cybercrime Centre told the study.
