Warning: “Silicon Valley” spoilers ensue.
In the latest episode of HBO’s “Silicon Valley” (aptly titled “Hooli-Con”), the guys sought to covertly grab attendee data at Hooli’s annual tech convention. Beyond the moral boundaries being crossed — which Jared did not want to step over — Richard, Dinesh and Gilfoyle had a colossal challenge on their hands: setting up rogue wifi “pineapples” around the convention in order to have users login to their system and allow the Pied Piper team to pull information.
It’s an entertaining storyline, though it seems pretty inconceivable a small team of engineers could hack a major tech conference as did the gang in this season’s penultimate episode.
But it’s not completely out of the question, according to software guru Jeff Atwood — co-founder of Stack Overflow, a programming community with more than seven million members.
“It is partially credible, as people would connect to the local malicious wifi and you could serve them ‘fake’ versions of sites,” said Atwood in an interview with TheWrap. “However! It is almost completely mitigated by HSTS [HTTP Strict Transport Security] which any large site would definitely already be using.”
In layman’s terms: If Apple or Google were lazy enough to use a vulnerable internet connection for its attendees, it would create an opening for hackers to funnel users towards their wifi. Of course, this is rarely the case.
Atwood laid out three ways a “small window of attack” could be pulled off like the “Silicon Valley” maneuver: