“Free Public WiFi” SSID

Free Public WiFi

The “Free Public WiFi” SSID seems to be everywhere – at airports, on planes, and in hotels. Based on what the SSID spells, it seems to be the perfect solution for those seeking to connect to the Internet because it is “Free”…cost nothing…”Public”…you break no laws connecting to it…”WiFi” …a few clicks and you’ll be surfing in no time.

Viral SSID

In reality, this SSID is just one of many viral SSIDs that exist anywhere people are with laptops (almost always Microsoft Windows based laptops). In almost all cases this SSID is not a real WiFi hotspot access point but someone else’s laptop in Ad-Hoc mode advertising this SSID. Why does this SSID always appear and more importantly is it harmful if you connected to this SSID?

If you connected to the “Free Public WiFi” SSID in the past, don’t worry…in almost all cases your PC is not infected with a real virus and no data was stolen. Just remember to stop connecting to random wireless networks that you can’t verify as being trusted, especially free ones!

Blame Microsoft Wireless Zero Configuration

The answer to why this SSID seems to be everywhere can be blamed on Microsoft, more specifically a Windows feature called Wireless Auto Configuration (aka Wireless Zero Configuration). Wireless Auto Configuration “provides automatic configuration for the 802.11 adapters”. In an attempt to make it extremely easy to connect to WiFi networks, Wireless Auto Configuration does the following when an 802.11 adapter is enabled and starts to scan for WiFi networks.

1. Wireless Auto Configuration attempts to connect to the preferred networks that appear in the list of available networks in the preferred networks preference order, if the preferred networks are configured to automatically connect (the Connect when this network is within range checkbox is selected on the Connection tab for the properties of the preferred wireless network).

2. If there are no successful connections, Wireless Auto Configuration attempts to connect to the preferred networks that do not appear in the list of available networks, in the preferred networks preference order. This is done so that a Windows wireless client can connect to a hidden wireless network, one that is either not broadcasting its SSID or broadcasting an SSID of NULL. Configuring hidden wireless networks is used as a security measure to prevent malicious users from detecting and attempting a connection to a wireless network. However, the SSID is included in other types of wireless connection management frames and is easily discoverable by either capturing wireless management frames or using tools available on the Internet.

3. If there are no successful connections and there is an ad hoc network in the list of preferred networks that is available, Wireless Auto Configuration tries to connect to it.

4. If there are no successful connections and there is an ad hoc network in the list of preferred networks that is not available, Wireless Auto Configuration configures the wireless network adapter to act as the first node in the ad hoc network.

The problem occurs at step #4.

At one time or another somewhere out there someone connected to a real ad-hoc WiFi network that had the SSID “Free Public WiFi”. They added this network to their preferred network list. They then traveled to a location where this WiFi SSID didn’t exist (airport, airplane, and/or hotel). They powered on their laptop with the wireless card on and Wireless Auto Configuration took over and starting searching for WiFi networks. After trying steps 1 through 3 above, Windows gave up and configured WiFi card to ad hoc mode with the SSID “Free Public WiFi” (since it was a preferred network).

How the SSID spreads virally.

A second person in close proximity to the user above also has a wireless enabled laptop and is looking to connect to a WiFi network. They scan to see what is available and notice an SSID called “Free Public WiFi”….they connect to it not knowing that it is an ad hoc network. After a few seconds of wondering why they can’t surf the web they disconnect from the SSID, shrug their shoulders and move on with life. Now they have the viral SSID in their preferred list too. The next time they power on their laptop it starts to look for the “Free Public WiFi” SSID. This process is repeated in many locations across the US and world again and again. Soon this SSID is in preferred wireless networks lists everywhere spreads like a virus.

Can this viral SSID be stopped?

Yes, but others exist like linksys, hpsetup, tmobile, default. Any SSID that tends be the default for consumer grade access points and computers tends to become viral ad hoc SSIDs. An easy way to reduce the risk of connecting to these SSIDs is to configure Wireless Auto Configuration to only connect to access points (infrastructure networks).

1. Click on the Wireless option in the System Tray and open the Wireless Network Connection window.
 2. Click on “Change advanced settings”.
 3. In the Wireless Network Connection Properties window, click on the Wireless Networks tab.
 4. Click on the Advanced button.
 5. Click on “Access point (infrastructure) networks only”

If you liked this post, subscribe using below

WLAN Book RSS Feed

RSS Email WLAN Book by Email


Filed under: WLAN Security

29 Responses to ““Free Public WiFi” SSID”

  1. Good stuff to know first I had heard of this.

  2. This clears up something that I had wondered about for ages and is a model of how experts can help non-experts.

  3. […] is a user laptop nearby that has this viral SSID as a preferred […]

  4. […] is a user laptop nearby that has this viral SSID as a preferred […]

  5. Stunningly Dumb Windows Design…

    This article points out just about the craziest thing I have seen about Microsoft Windows. I know that Microsoft in general and Windows in particular gets a lot of grief for being evil or stupid or may evil-stupid or……

  6. Wait… wouldn’t it only take on the “Free Public WIFI” SSID in ad-hoc mode if the original “Free Public WIFI” that the user (legitimately) connected to was actually an ad-hoc network itself? That’s how I read step 4, at least. And aren’t most all public access points managed? So it would seem to me this isn’t as large a problem as you imply.

  7. @david question: You are correct but most don’t wouldn’t even know what a “managed” AP is…they see “Free WiFi” and they click to connect to it. It is part configuration issue, part Microsoft, and part end user training problem.

  8. […] SST-PR-1 SSID is ad hoc network SSID used by Sears Home Service van fleet. This SSID is usually an ad hoc network and shows up everywhere. Most wireless users don’t know what it is and try to connect to it causing it to go viral just like the Free Public WiFi SSID. […]

  9. […] If you’re out and about with your laptop computer, you might find a wireless access point called “Free Public Wifi.” While the first instinct would be to connect to this network (hey, it’s free and public, right?), don’t do it. For all the reasons, read this. […]

  10. […] posts. If the question is generic enough that others would benefit from the answer I usually write post instead of responding to question directly via […]

  11. […] Free Public WiFi SSID at WLAN Book.com About that Free Public WiFi… (tags: internet tips wireless wifi) […]

  12. […] “Free Public WiFi” SSID […]

  13. Viral WiFi… Hah…

    Who actually wants to use Microsoft products?

    I’m glad there are finally alternatives.

  14. Thanks, this is great and clearly explained. I always wondered what was wrong with this kind of networks.

  15. I have a question – I get how this happens but I’m finding that the legitimate managed SSID is being masked by the ah-hoc version. i.e. I only see the ad-hoc entry in my “Available Wireless Networks”. I can’t connect because I set “only connect to infrastructure APs”.

    Does anyone else have this problem – how to fix it?

    I’m using Windows to manage my wireless.

  16. […] It’s a viral meme spread via MS Zeroconf. […]

  17. […] Free Public WiFi SSID at WLAN Book.com. […]

  18. […] vraiment pas pensé fort fort… On peut aussi trouver une analyse plus en détail sur wlanbook.com, avec une procédure pour éviter d’être un de ces utilisateurs qui propage ce “virus […]

  19. […] Well this answers everything. I had wondered everytime I got on a train. Share: […]

  20. […] I recently found a blog post by Zaib Kaleem at WLANBook that reveals the secret of this apparently unattainable […]

  21. […] I recently found a blog post by Zaib Kaleem at WLANBook that reveals the secret of this apparently unattainable […]

  22. “Chris said: … Does anyone else have this problem – how to fix it?…”

    just remove it from “preferred networks” list.

  23. Funny.

    At one point i was regularly using an AP called Free Public WiFi in london two years ago, wonder if thats where it started.

  24. Here’s the thing about this: I’m a cautious guy I’ve always been wary about ad-hoc “computer to computer” connections and I’ve NEVER connected to any of these “rouge” networks….

    i wasn’t even in public when it hit me… i was at home, all my availble networks looked normal. i beleive i restarted my computer…. then when i checked my available networks again i had “Free Public Wifi”, “hpsetup” AND “linksys” ad-hoc networks, none of which were there before. And they’re obviously coming from my pc, because they follow me everywhere i go…

    this explanation seems logical, but i think something more fishy may be at work here, at least for me….. help lol

  25. I’ve seen this “Free Public WiFi” on many LT’s I’ve repaired.

    Funny thing is, there were no other LT’s within range AND the bigger clue is that no matter how I hold the LT, the signal strength is always maxed out at 5/5 appearing to be a desirable connection.

    After running Malwarebytes, a virus/trojan was found and removed.

    Rebooted and no more “Free Public Wifi”!

  26. I’m sitting in Laguardia right now, I can see 3 of these when I look for a network. I’ve seen it all over the place. Usually in an airport, or large city. This is the most I’ve ever seen in one spot.

  27. My two cents on this:

    I normally work for a public sector organization. However, this weekend I’m providing support at a music festival in Scotland. The hacks and shooters for the event all “need” wireless (though I think I’ve now convinced them about changing that!).

    Essentially, as another person has pointed out earlier,the important part of this article – step 4 states that a) you must have connected to an ad-hoc network with the BSSID “Free Public Wi-Fi”, and b) be in a position where your wi-fi device cannot hit any available network (neither ad-hoc nor infrastructure), nor any preferred infrastructure network, and so advertises the “Free Public Wi-Fi” network.

    As “david” says above (response no. 6 to this blog), this would mean that you had previously connected to an ad-hoc network called “Free Public Wi-Fi”, meaning that, by Windows deafult settings for wireless, the network would be saved as a preferred network, causing the steps 1-4 to result in this issue.

    Right, that took a bit – sorry:) but here’s my thought on a possible cause: “User Zero” in all of this – the first person to have this occur – may well have tried to manually join a network, simply hoping that typing “Free Public Wi-Fi” in as a network name would result in free internet. Let’s be honest and admit that there are people out there who would believe that would work – I have met MANY of them.

    Regardless. this would then mean that what is happening is a device is in a mode where it is not connected to anything else, and as such is advertising this as their default BSSID. From this starting point, the behaviour described in this article then ensues.

    To be clear, I’m agreeing with the article a lot, but think that there are a number of possible ways this phenomenon both begun and “propagated”.

    Hope this makes sense, 8 hours sleep over four days makes one ramble…

  28. […] Free Public WiFi SSID at WLAN Book.com A more step-by-step explanation of where the "Free Public WiFi" SSID comes from, and how Windows zero-configuration is at fault. (tags: wifi windows security microsoft) […]

  29. It’s not just Windows. My iPad does it too.