How risky is connecting to a hidden wireless network? [Resolved]

I spotted something in a set of directions for connecting to a hidden wireless network from Windows 8, found here (located under Step 1 > "Troubleshoot connection problems" > "How do I connect to a hidden wireless network?"):

A hidden wireless network is a wireless network that isn't broadcasting its network ID (SSID). Typically, wireless networks broadcast their name, and your PC “listens” for the name of the network that it wants to connect to. Because a hidden network doesn’t broadcast, your PC can't find it, so the network has to find your PC. For this to happen, your PC must broadcast both the name of the network it's looking for and its own name. In this situation, other PCs “listening” for networks will know the name of your PC as well as the network you’re connected to, which increases the risk of your PC being attacked. (emphasis added)

I had always believed that hidden wireless networks were actually safer than normal ones, because only those who already know of the network are able to connect to it, so an attacker wouldn't be able to connect to it to listen to your traffic.

Are hidden networks actually more risky, as the paragraph says, and if so, what measures can be taken to help mitigate the risk?

Also, I know that there are some countries where publicly broadcasting home networks are actually illegal, and hidden networks are the only option for wireless. If broadcasting networks are safer, why are they illegal in some places?

Question Credit: AJMansfield
Asked May 13, 2019
Posted Under: Security
3 Answers

The risk here is in believing that a "hidden SSID" changes anything to the security. A non-hidden SSID means that the router will shout at regular intervals "hello everybody, I am Joe the Router, you may talk to me!". A hidden SSID means that the client machine (not the attacker's machine) will shout at regular intervals "Hey, Joe, where are you? Please respond!". Either way, assuming that the SSID (here, "Joe") is not known to any attacker would be overly naive.

A point that could be made is that when the SSID is hidden, then an attacker may assume that the SSID is valuable in some way; so, when your PC connects, your PC shows that it knows the valuable SSID, and thus is also a valuable target in some sense. Not that it would change things much in practice: attackers will attack everything in range anyway, as a matter of principle.

credit: Thomas Pornin
Answered May 13, 2019

Non-broadcast wireless networks aren't inherently less secure, but they're not more secure either. Hiding your wireless network (not broadcasting its SSID) doesn't make your network actually hidden as there are many tools that can help you find "hidden" networks, such as Kismet and inSSIDer.

If configured to do so, Windows Vista and Windows 7 will have to "ping" in the air to find the hidden network. Because of that, when you're not connected to the network, you'll be advertising that you're trying to connect to network X. If someone is listening to these signals, they can easily find out that you have a network called X to which your computer is attempting to connect.

As for the legal issue, I've actually heard that in some jurisdictions it's illegal to leave your network open, but I have never really heard that you have to hide it.

credit: Adi
Answered May 13, 2019
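
An added example, not part of the answers above and not Microsoft's code: a check that reads saved Windows Wi-Fi profiles in the XML form that `netsh wlan export profile` writes and flags the ones set up to probe for a non-broadcast SSID, which is the behaviour the answers describe. The sample profiles are constructed, and the function names and verdict labels are this example's own; treating a missing `connectionMode` as `auto` is a conservative assumption.

```python
import xml.etree.ElementTree as ET

# Namespace used by Windows WLAN profile XML.
NS = {"w": "http://www.microsoft.com/networking/WLAN/profile/v1"}


def _profile(ssid, hidden, mode):
    """Build a constructed, minimal WLAN profile for the demo (not a real export)."""
    flag = "<nonBroadcast>true</nonBroadcast>" if hidden else ""
    return (f'<WLANProfile xmlns="{NS["w"]}"><name>{ssid}</name>'
            f"<SSIDConfig><SSID><name>{ssid}</name></SSID>{flag}</SSIDConfig>"
            f"<connectionType>ESS</connectionType>"
            f"<connectionMode>{mode}</connectionMode></WLANProfile>")


# Constructed sample data: one hidden auto-connect network, one hidden
# manual network, one ordinary broadcasting network.
SAMPLES = [_profile("Joe", True, "auto"),
           _profile("Lab", True, "manual"),
           _profile("Cafe", False, "auto")]


def audit_profile(xml_text):
    """Return (ssid, verdict) for one exported profile."""
    root = ET.fromstring(xml_text)
    ssid = root.findtext("w:SSIDConfig/w:SSID/w:name", default="", namespaces=NS)
    hidden = root.findtext("w:SSIDConfig/w:nonBroadcast", default="false",
                           namespaces=NS).strip().lower() == "true"
    # Assumption: a profile with no connectionMode is treated as auto.
    mode = root.findtext("w:connectionMode", default="auto",
                         namespaces=NS).strip().lower()
    if hidden and mode == "auto":
        # The PC names this SSID over the air whenever it is looking for it.
        return ssid, "probes-automatically"
    if hidden:
        # The SSID is still named over the air, but only when the user connects.
        return ssid, "probes-on-connect"
    return ssid, "not-flagged"


def audit(profiles):
    """Audit a list of profile XML strings."""
    return [audit_profile(p) for p in profiles]


if __name__ == "__main__":
    for ssid, verdict in audit(SAMPLES):
        print(f"{ssid:8} {verdict}")
```

Profiles reported as `probes-automatically` are the ones to review: unhiding the SSID on the access point and clearing the non-broadcast setting in the profile stops the client from announcing the name when it is away from the network.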

There is no extra risk associated with connecting to a hidden network over a non-hidden one. What matters is who else is connected to that network, and what their intentions are.

When you connect to any network, you are giving all other users of that network access to a very large surface area in terms of your machine's security.

See this answer for more information on what risks are involved in this.

But to reiterate the answer to your overall question: no, whether the network is hidden or not is not really relevant. All you should care about is who else is connected.

credit: Community
Answered May 13, 2019