Security company F-Secure ran an independent investigation and found that people are willing to give up a lot to get free WiFi. They are even willing to give up their firstborn child or their favorite pet.

The purpose of this investigation was to show that, when connecting to free WiFi, people carelessly agree to outlandish terms & conditions and recklessly expose their private data.

We live in a connected world and, in this world, having access to the internet is a must. Connecting to a free WiFi hotspot is a quite convenient way of getting online, getting in touch with others, and accessing the data we need. The question is: how much are you willing to give up to use free WiFi? Would you be willing to give up your firstborn child or your favorite pet? Would you trade your personal info for free WiFi?

Security company F-Secure conducted an independent, Europol-supported investigation on the streets of London to find out. Three people took part in the investigation:

• Sean Sullivan, F-Secure’s Security Advisor.
• Finn Steglich of the German penetration testing company, SySS – he was tasked with building a “poisoned” WiFi hotspot that was taken out on the streets of London were unsuspecting users could connect to it.
• Freelance journalist Peter Warren of the UK’s Cyber Security Research Institute – he was tasked with documenting everything.

The investigation found that people are willing to agree to outlandish terms and conditions. A clause was shortly introduced in the Terms & Conditions page, clause that stated you have to give up your firstborn child or most beloved pet in exchange for WiFi use. Six people agreed to such a clause. This highlights the fact that people don’t pay attention to the Terms & Conditions page; after all, it is quite lengthy and fairly difficult to understand. But it does raise the question: do you know what you agree to?

The investigation also found that people are recklessly exposing their private data. The people that connected to the poisoned WiFi hotspot set up by F-Secure exposed their internet traffic, their personal data, and the contents of their emails. The researchers found that they could read the content of the email, see the address of the sender and recipient, and even see the sender’s password.

The full details on F-Secure’s investigation are available in a report entitled Tainted Love – How Wi-Fi Betrays US.



The poisoned WiFi hotspot built by Finn Steglich cost around 200 Euros. The components needed to build the hotspot cost around 200 Euros and little technical knowledge was required to put them together. The hotspot was set up in prominent business and political districts of London. In just 30 minutes, more than 250 devices connected to this poisoned hotspot. Now, imagine what someone with malicious intent can do by investing a bit more money and some more time into something like this.

“We all love to use free wi-fi to save on data or roaming charges,” says Sean Sullivan, Security Advisor at F-Secure, who participated in the experiment. “But as our exercise shows, it’s far too easy for anyone to set up a hotspot, give it a credible-looking name, and spy on users’ Internet activity.”

There are two solutions.

• 1. Stay away from free WiFi. But since this isn’t always possible, I’ll just move on to #2.
• 2. Protect yourself. With WiFi security, your connection is invisible in the WiFi network and your data is encrypted and thus made unreadable.

WiFi security is offered by F-Secure’s Freedome. Available for iOS and Android, F-Secure Freedome you safe, invisible, and untrackable. The app protects against harmful sites and apps, encrypts your internet connection, lets you surf the web anonymously, and ensures advertisers cannot track you.