Skip to content Skip to main navigation

News

Avani Terraces - Greenway
Life is looking up

CBRfree public Wi-Fi in full bloom

By Canfan - 22 October 2014 8

Canberra’s new public Wi-Fi, CBRfree has proved popular at this year’s Floriade with more than 48,000 sessions and nearly 13,000 unique users connecting to the network over the duration of the festival, Chief Minister Katy Gallagher and Minister for Tourism and Events Andrew Barr announced yesterday.

This year, for the first time in Floriade’s history, visitors were able to access free public Wi-Fi through Canberra’s new free public Wi-Fi network, CBRfree.

“Since the event kicked off in September, more than 1.4 million people have seen a Floriade related post on Facebook. Floriade’s Facebook fan base grew from over 12,000 likes at the beginning of the event, to around 40,000 by the end, making it clear that providing free public Wi-Fi has been a success,” the Chief Minister said.

“CBRfree public Wi-Fi has not only enhanced the experience of Canberrans and visitors alike by making it fun and easy for people to share their experiences at the event with friends and family over social media, but it has also started promoting Canberra’s image as a leading digital city.

“The free public Wi-Fi offered at Floriade this year provided users with the same capability that is currently being rolled out in Civic East – the first area of the city to be fully live at the end of this month. This will be followed with a staged rollout in other town centres and commercial precincts over the following 12 months to deliver the benefits of greater connectivity across the ACT.

Floriade free public Wi-Fi usage statistics from 13 September through to 12 October 2014 include: 12,827 unique user connections;

  • a total of 48,601 unique sessions; and
  • an average data usage per user of 41.49MB.

“It is also fantastic to see that Floriade has again achieved outstanding results in 2014, recording the highest overall attendance in the event’s 27th year. A total of 481,854 visits were recorded, up from last year’s figure of 448,987,” Minister Barr said.

“These results further prove that Floriade remains one of Canberra’s favourite events and continues to be Australia’s premier spring time celebration. It also demonstrates the positive impact CBRfree Wi-Fi will have in making Canberra an even smarter and more liveable city,” Minister Barr concluded.

(Andrew Barr and Katy Gallagher Media Release)

What’s Your opinion?


Post a comment
Please login to post your comments, or connect with
8 Responses to
CBRfree public Wi-Fi in full bloom
dungfungus 6:44 pm 23 Oct 14

riotact said :

Definitely. Depending on your phone you are missing out on carrying maps in your pocket unless you have a standalone GPS for one thing (Windows Phones exempt as they will download persistent maps)…..You miss out on doing quick, easy, secure banking by typing a 4 digit pin and pressing a few buttons like on an ATM…..without actually having to go to an ATM (Yes you can call phone banking but it is definitely more of a hassle then opening an app and immediately seeing balance etc).

It appears I am missing out on stuff that I don’t need but thanks for enlightening me anyway. I was wondering what those rude people do in theatres with their devices and now I know.

Maya123 5:48 pm 23 Oct 14

riotact said :

I don’t have a phone with data (whatever that means). Does this mean I am missing out on something?

Definitely. Depending on your phone you are missing out on carrying maps in your pocket unless you have a standalone GPS for one thing (Windows Phones exempt as they will download persistent maps)…..You miss out on doing quick, easy, secure banking by typing a 4 digit pin and pressing a few buttons like on an ATM…..without actually having to go to an ATM (Yes you can call phone banking but it is definitely more of a hassle then opening an app and immediately seeing balance etc).

Banking can be done on the computer at home. There’s only a rare reason to need to call the bank. On a phone, can you see if the site you are accessing is secure, as you can on a computer?

dkNigs 1:50 pm 23 Oct 14

Walking through Garema place, all of a sudden no pages will load. Oh, my phone auto connected to CBR Free wifi, which apparently isn’t connected to the internet… Turn Wifi off, continue.

riotact 10:59 am 23 Oct 14

I don’t have a phone with data (whatever that means). Does this mean I am missing out on something?

Definitely. Depending on your phone you are missing out on carrying maps in your pocket unless you have a standalone GPS for one thing (Windows Phones exempt as they will download persistent maps)…..You miss out on doing quick, easy, secure banking by typing a 4 digit pin and pressing a few buttons like on an ATM…..without actually having to go to an ATM (Yes you can call phone banking but it is definitely more of a hassle then opening an app and immediately seeing balance etc).

riotact 10:31 am 23 Oct 14

How do you edit comments? Seems I can’t…..but I thought I’d like to add that all of what I mentioned could be avoided if they set up WPA2 as the security for CBRfree and even if they simply made the password “cbrfree” and changed the SSID to “PasswordIsCBRfree” this will mostly protect you from everything I just mentioned…….but they won’t do it 🙂

dungfungus 10:23 am 23 Oct 14

riotact said :

“It also demonstrates the positive impact CBRfree Wi-Fi will have in making Canberra an even smarter and more liveable city”

Pfffft….Maccas have had free wifi for donkeys.

Who doesn’t have a phone with data these days anyway….yes this wifi is going to suddenly make Canberra super smart and wayyyy more liveable…..I mean I guess it’s always nice to get something for nothing from the Government……but then nothing is ever really for nothing when it comes from the public purse.

Oh FYI…..open (insecure) wifi networks such as CBRfree are prone to a little trick where perpetrator sitting near you firers up his/her rouge wifi station……floods the network with deauth packets to force your device to drop off the legit CBRfree access point…then if you are close enough to the perp and perps rogue wifi station has a strong enough signal, it pretends to be CBRfree and now your device unquestionably connects to the perps wifi station and the perp starts capturing your packets (Karma mode on Pineapple). Here is one example of a consumer rogue wifi station https://wifipineapple.com

Ok……so you’re now saying “Yea but sites like facebook use https” …. sure…..but if I’m acting as a “Man in the Middle” and so I’m establishing the SSL session to facebook, I can then render a http(not s) version of the site to you and hope you don’t see that it doesn’t have the green padlock (SSLStrip on Pineapple). Be honest, you wont notice. But ok……you do notice because you’re smarter than 92.3% of public servants….so this time I create my own site that looks exactly like facebook, or your bank and I host it on my own domain created for this task. I get my own certificate which is trusted as issued to my domain. As you are on my network, I capture your DNS queries for facebook.com and I direct you to my fake facebook site instead of the real facebook.com. I can alter what appears in the address bar of your browser so you now look like you are at facebook.com…..you have the little green padlock or whatever (browser will vary) and it is all https so you think great I’m encrypted with the green padlock and I’m good to go. Sure if you closely inspect the certificate you may see it is trusted for faceb0ok.com instead of the real deal….but you won’t look.

So you then proceed to enter your password into my fake facebook page, I capture the password and then I forward it to the legitimate facebook and relay the responses from facebook to you so you’re now logged onto facebook legitimately and I have your password.

Oh and you think that’s bad……you should see what data apps spit out in the clear… The thing with apps as well is there is no green padlock to tell you if the link is https or not……and if I do a “Man in the Middle” on the https session to the back end web API, quite often the app does no checking on encryption….and if it does force encryption and I have to supply a certificate…..8/10 it will not even check the legitimacy of the certificate and just trust it……

Woohoo! CBRfree, making Canberra smarter and more livable….LOL

I don’t have a phone with data (whatever that means). Does this mean I am missing out on something?

switch 8:40 am 23 Oct 14

“Rouge wifi” – is this some sort of lefty pinko commie plot?

Otherwise a very good description of the pitfalls.

riotact 2:10 am 23 Oct 14

“It also demonstrates the positive impact CBRfree Wi-Fi will have in making Canberra an even smarter and more liveable city”

Pfffft….Maccas have had free wifi for donkeys.

Who doesn’t have a phone with data these days anyway….yes this wifi is going to suddenly make Canberra super smart and wayyyy more liveable…..I mean I guess it’s always nice to get something for nothing from the Government……but then nothing is ever really for nothing when it comes from the public purse.

Oh FYI…..open (insecure) wifi networks such as CBRfree are prone to a little trick where perpetrator sitting near you firers up his/her rouge wifi station……floods the network with deauth packets to force your device to drop off the legit CBRfree access point…then if you are close enough to the perp and perps rogue wifi station has a strong enough signal, it pretends to be CBRfree and now your device unquestionably connects to the perps wifi station and the perp starts capturing your packets (Karma mode on Pineapple). Here is one example of a consumer rogue wifi station https://wifipineapple.com

Ok……so you’re now saying “Yea but sites like facebook use https” …. sure…..but if I’m acting as a “Man in the Middle” and so I’m establishing the SSL session to facebook, I can then render a http(not s) version of the site to you and hope you don’t see that it doesn’t have the green padlock (SSLStrip on Pineapple). Be honest, you wont notice. But ok……you do notice because you’re smarter than 92.3% of public servants….so this time I create my own site that looks exactly like facebook, or your bank and I host it on my own domain created for this task. I get my own certificate which is trusted as issued to my domain. As you are on my network, I capture your DNS queries for facebook.com and I direct you to my fake facebook site instead of the real facebook.com. I can alter what appears in the address bar of your browser so you now look like you are at facebook.com…..you have the little green padlock or whatever (browser will vary) and it is all https so you think great I’m encrypted with the green padlock and I’m good to go. Sure if you closely inspect the certificate you may see it is trusted for faceb0ok.com instead of the real deal….but you won’t look.

So you then proceed to enter your password into my fake facebook page, I capture the password and then I forward it to the legitimate facebook and relay the responses from facebook to you so you’re now logged onto facebook legitimately and I have your password.

Oh and you think that’s bad……you should see what data apps spit out in the clear… The thing with apps as well is there is no green padlock to tell you if the link is https or not……and if I do a “Man in the Middle” on the https session to the back end web API, quite often the app does no checking on encryption….and if it does force encryption and I have to supply a certificate…..8/10 it will not even check the legitimacy of the certificate and just trust it……

Woohoo! CBRfree, making Canberra smarter and more livable….LOL

Related Articles

CBR Tweets

Sign up to our newsletter

Top
Copyright © 2017 Riot ACT Holdings Pty Ltd. All rights reserved.
www.the-riotact.com | www.b2bmagazine.com.au | www.thisiscanberra.com

Search across the site