Mosmetro Wi-Fi connection. Connection to free Wi-Fi of the Moscow metro

MaximaTelecom, the operator of the Wi-Fi network in the Moscow metro and surface public transport, has released the MT Cabinet mobile application to manage services and connected devices in the MT_FREE network. At the moment, the application is available only in the App Store for iPhone, and in the near future a version for smartphones running the Android operating system will appear on Google Play.

The MT Cabinet application allows users to view a list of devices associated with a phone number, assign names to them and delete unused gadgets. At the moment, the ability to add new devices through the application is not provided, for this you need to go through authorization directly when connecting a smartphone or tablet to the MT_FREE network in transport.

One of the key functions of MT Cabinet is the ability to add paid services to devices, namely, automatic connection to the MT_FREE network without authorization and viewing ads. Users can add the “Like at home” service separately for the metro and separately for ground transport (buses, trams, trolleybuses, electric trains, Aeroexpress and MCC). It is connected directly to the device, and not to the phone number as a whole, so MT Cabinet users can choose which devices require the "Like at home" service for certain modes of transport.

The MT Cabinet app allows you to pay "Like at home" on a monthly basis, or immediately for long periods of time. In the second case, the cost will decrease in proportion to the duration of the subscription. The maximum price for a year of connection to the MT_FREE network without authorization is 888 rubles. In case of problems or disputes, MT Cabinet has a technical support section.

Editorial note: in some cases, even the operating system is not detected for devices tied to a phone number, and only information about the MAC address is available. To understand which smartphone or tablet we are talking about and to correctly activate the “Like at Home” service, you need to look at the information about the device. To find out the MAC address of the iPhone and iPad, you need to go to the "Settings", go to the "General" section, select "About this device" and find the line "Wi-Fi address". You can also find out the MAC address of a device running Android in the "Settings": select "About device" or "Device information", then "Status" and find the line "MAC - Wi-Fi address". Thus, you will be able to sign devices in your personal account, MT Cabinet application and will not get confused when connecting services.

Hello everyone! Today we have a question on our agenda: how to connect wifi in the metro. The beginning of 2015 was marked for those who like to be in touch with the fact that all branches of the Moscow metro began to provide the ability to connect to the wireless Internet. Distribution is possible only in carriages, it is impossible to use it outside of them.

If this is the first time you decide to use such a service, be sure to read this article. I will tell you how this can be done, and what problems may arise with this.

How to connect wifi in the metro

Let's now take a closer look at how to connect wifi in the subway. This can be done in 3 ways:

Through attachments to a mobile device.
Using the resource of the State Service.
At home.

Using the phone

To connect using your phone, you need to activate the wifi connection on the gadget.

A few minutes will pass, and your device will be added to the system, after which it becomes possible to use the global network. No more than 5 devices can be assigned to one mobile number.

Once the identity has been verified, there is no need to repeat the procedure.

This method has its drawbacks, which I will also tell you about. Firstly, because of the poor connection in the metro, SMS can take a very long time to send, and you may not have time to use the Internet. Well, the second disadvantage is the payment, which is charged after sending, and is equal to the amount of sending a message on your tariff.

State Service Portal

To use the following method, you need a process for creating registration data on the State Services page, as well as the following:

Join "MosMetro_Free".
Select "Go through identification" and click "Enter through the State Services".
Write down the registration data from your cabinet of Public Services.
Click "Enter the Internet."

Now you can use the World Wide Web absolutely free, but without leaving the car.

Method for home conditions

It is very convenient to attach to the device at home. This method is extremely convenient, it does not require time from you during the trip. First, you need to find out the MAC address of the gadget through which you will use the services.

On Android:
We go into the settings, go down.
Push "About the phone."
Moving on to "General information", remember or save information Wi-Fi MAC address.

On Windows:

Using the control panel, select Network and Internet.
Push "Local Area Connections"and "Intelligence".
We save the MAC address specified in "Physical address".
For iOS platform owners:
Go to the settings, select "Basic".
Push About this device.
An active connection is required to display the MAC address.
On Mac OS:
Open up Finder, Further "Programs".
Activate the "Terminal" through the Service Tools.
Click on "Ipconfig".
With the definition of the Mac address, launch the browser and go to: login.wi-fi.ru/am/UI/Login?client_mac\u003dXX:XX:XX:XX:XX:XX&org\u003dmac&ForceAuth\u003dtrue.
In place of the symbols, write your personal physical address.

Decide on the preferred authorization method. After completing the identification, it will be necessary to connect to the distribution signal. Then go to the vmet.ro site before doing this by launching a browser. Click on "Enter the Internet". On Android, you can install an application that allows you to log in yourself.

Possible problems

If you go through the connection process for the first time and the registration page simply does not open for you, try restarting the Wi-Fi connection. If there is a problem loading the site itself, just check its spelling, as the beginning of the address should look like this: http: //, but not https: //.

Moving to another carriage or other problems may result in communication failure. Re-authorize and try again.

Do not forget that no more than 5 devices should be linked to the number. Having installed your SIM card in another device, the identification procedure will be required again, since the MAC address acts as a binding.

Opera browser owners will need a different browser for the first connection. Then you can use it again.

Conclusion:

I hope the question: how to connect wifi in the subway has become a solution for you. Write your comments and ask questions if necessary. Don't forget about likes, share the article on social networks. Peace and goodness to you!

How to connect wifi in the metro?

It all started with the fact that being at home, in the direct line of sight of the router, the WiFi signal on my smartphone began to disappear - for a moment an exclamation mark appeared near the icon and after a couple of seconds it disappeared, the Internet started working normally. At first, I just forgot about the problem - it happened quite rarely and it did not cause any particular problems when surfing. Exactly until the moment when my relatives found out that there are free calls in the vibe.
At the moment when the network disappears, the call in the vibe also drops off - this began to annoy me and I began to look for a problem. No software and hardware methods helped - I have two routers at home and both failed, while other devices did not have such symptoms, only a smartphone. So I dropped it with peace of mind. And the problem was solved, but for exactly one day - when I returned home from the office in the evening, I found that the problem had resumed. I decided that I wouldn’t calm down without a decision, my inner detective stepped in!

The root of evil was found a little later - starting to cut off all possible and impossible options, I "got it" - every 6 minutes, sometimes on schedule, sometimes not very much, a bus passes under my house. And every 6 minutes my phone, located 12 floors away from it, catches its weak signal, connects for a couple of seconds and then, having lost it, disconnects.

At the beginning of October, MaximaTelecom, which provides free Internet in the Moscow metro, expanded its services to ground transport - in cooperation with NetByNet, the Internet appeared in buses, trams and trolleybuses. Moreover, it was decided to build a single network for ground transport and metro. The principle of operation initially seems very convenient - the SSID of bus networks coincides with the "metro" (MT_FREE) and when you leave the metro and get on the bus, you immediately get the Internet.

Since January 1, 2017, the network has left the testing stage, it is not yet possible to use your metro subscription in ground transport, and the MosMetro_Free network is still preserved in the metro, but everything goes to the fact that the billing will be common, and the SSID is uniform - MT_FREE.

Updated: On February 1 MosMetro_Free completely disappeared from the subway cars, stickers with the SSID “MT_FREE” are hung on the windows of the cars.

In 2016, the metro was connected to a single WiFi network, #MCC , buses, trams, trolleybuses, "Aeroexpress" and 65 commuter trains - all transport - Sergey Sobyanin (@MosSobyanin) January 4, 2017

And MaximaTelecom is not going to stop - the company is expanding in all possible directions - WiFi will appear in electric trains, aeroexpress trains, the halls of air and railway stations, Moscow parks and in the city center.

We will expand the unified roaming-free network MoscowWiFiFree to the Third Transport Ring and the Moscow Ring Road. We will install Wi-Fi access points in parks and places of the greatest concentration of people - Sergey Sobyanin (@MosSobyanin)

In mid-March, programmer Vladimir Serov uncovered the biggest vulnerability in the free Wi-Fi service of the Moscow metro. For at least a year, the hole allowed anyone to get the phone numbers of all connected passengers on the train, and then read in unencrypted form a digital portrait of each: approximate age, gender, marital status, wealth, as well as the stations at which the person lives and works. Then Serov went further and wrote a script that allows tracking the movement of a specific subscriber on the subway if he is connected to the MT_FREE network - usually such technologies are available only to special services. MaximaTelecom, the system operator, encrypted the phone number within 24 hours after the vulnerability became publicly known. The rest of the data is still open, and how many people could have saved the entire unencrypted database during the time the "hole" was opened is unknown.

There are no statistics for 2017, but by December 2016 more than 12 million users were registered in Maxima's networks. Unknown persons could have downloaded all their phone numbers earlier, but now they can track which trains the subscribers are on. The Village tells how information worth millions of rubles was leaked to the Internet, why it is dangerous and how you can check what Wi-Fi in Moscow knows about you.

What is the vulnerability

Any device that supports Wi-Fi has a unique number called the MAC address. Authorization in the MT_FREE city Internet network is carried out by combining the MAC address with the phone number that the passenger himself registers in the system - at the request of the law on countering terrorism. The authorization page opens automatically for everyone. The network developer, the provider "MaximaTelecom", placed an ad unit there. It is on it that the company makes money. To make advertising more effective, targeting is used - you are presented with those ads that best fit your digital portrait of preferences. Typically, this portrait is collected by large analytical and marketing companies, which then transmit the data in encrypted form to specific advertising platforms. However, programmer Vladimir Serov discovered that the digital portrait, including the phone number on the Wi-Fi login page in the Moscow metro, was not encrypted in any way.

Serov told The Village that he had found the vulnerability on March 5, and contacted the developers he knew from mos.ru, "making sure that the request reached the person responsible for wi-fi in the metro." It is worth noting that Serov did not contact Maxim directly, and a week later decided to publish the find on a profile resource for programmers.

Vladimir Serov

Android developer

I discovered this a month ago, on March 5th. I decided to see what data the authorization page gives me, and found a piece of userdata code: information was completely openly listed there, including phone number, gender, approximate age, marital status, wealth, stations where your home and work are, and everything is tied to yours MAC address. Although the page does not provide personal data by law (there are no names and surnames), it is still dangerous to publicly bind numbers to MAC addresses. Changing the MAC address to any other is easy. So, knowing someone else's MAC address, you can see what the Wi-Fi authorization page gives out on it.

Further: there is such a program, Airodump-ng - it allows you to get the MAC addresses of all active Wi-Fi devices around you in the form of ready-made lists. He sat, for example, on the red line, at the "Library named after Lenin", collected a thousand working poppies in a couple of stations and you look at them for sociology about the owners.

On the same day, I wrote to the guys from mos.ru about this vulnerability, because MaximaTelecom itself does not have proper technical support. That is, I told their bosses about how the contractor distributes personal data about users to the right and to the left - the letter was sent down, but I never received an answer. I waited a week and wrote on Habrahabr a post “How to get the phone of (almost) any beauty in Moscow, or an interesting feature of MT_FREE”. I made a small script that itself unloaded data in a convenient form. The readers and I began to have fun.

The Village discovered that according to the Wayback Machine, the vulnerability was in the login page code at least May 17, 2017. In August, the company announced that 1.5 million users are authenticated on the network every day, and earlier, in December 2016, more than 12 million users were registered. The same MT_FREE network is now available at Aeroexpress, on the Moscow Central Circle, and even on some commuter trains, including Lastochki. And since 2017, Maxima has been developing the same network in the Petersburg metro.

To what extent this expands the volume of numbers that could be disclosed is unknown, The Village tested the vulnerability only in the Moscow metro. However, all digital portraits are still available using exactly the same principle of spoofing MAC addresses that Serov described: anyone could collect millions of phone numbers throughout the year. It is curious that the co-owner of Maxima Aleko Krikheli admitted in an interview to Delovoy Peterburg that the company collects information about users, but, unlike colleagues in the market, “does not upload them to third-party advertising sites”, but stores them as “unique wealth” ...

How to track your location

Serov did not stop at obtaining a "digital portrait". Examining the visibility in more detail, he found the indicator current_station, which was constantly changing. The names of the stations themselves were replaced with regular numbers. Quite quickly, we managed to draw up a map, just tracking the movement of our own MAC address, and find out, for example, that “164” is “South”, and “165” is “Prazhskaya” - stations on the same line are numbered sequentially. By writing another simple script, Serov was able to track the movement of another person on the subway in real time - a certain girl was returning home from work. During testing, one of 16 randomly caught MAC addresses succumbed to snooping. It is not known how much data associated with phone numbers other people could have saved in a year. With such a database, potentially more than 10 million subway phones can still be tracked.

Testing tracking by MAC address in the Moscow metro in real time

Usually, only special services can track the geolocation of specific phones - the technology of subscriber triangulation using proximity to cell towers requires a court decision and constant communication with cellular operators. The MT_FREE vulnerability makes the movement of a subscriber on the subway absolutely transparent.

How did MaximaTelecom react?

Two hours after Serov's publication, the phone number on the authorization page began to be encrypted as a "hash with a salt" ("hash" in this case is a phone number, and "salt" is an additional key to a string of random characters). A similar encryption algorithm is used in cryptocurrencies to eliminate the likelihood of hacker hacking. However, Serov believes that this method is also unsafe, since the phones can be opened again as soon as the values \u200b\u200bof the "salt", that is, the key, are merged into the Network.

The programmer was approached by representatives of "Maxima", asking to remove the publication. Serov refused: “All this time the company was aware that it was violating banal security rules for working with such data - and not only gave (and gives) them to the user, which is unprecedented, but also does it over an unencrypted channel in an open network. And why should I be silent about the fact that my personal data is treated this way? " Then a company representative asked for an official comment to be added to the post, but Serov again refused. With the permission of the programmer, The Village publishes an excerpt from the operator's responses (all correspondence is at the disposal of the editors):

« MaximaTelecom "

representative

The vulnerability discovered in the authorization portal, which allowed analyzing the profile data of other users, could only be exploited by spoofing the MAC address and sending a request to the portal directly on the MT_FREE network. This greatly limited its useful application, however, we are grateful to the users for their indifference and promptly eliminated the identified flaws in the system architecture.<…> [We] removed the transmission of profile data (such as phone number, gender, age group, etc.) in clear text or in a format that can be easily decrypted. We applied strong salt encryption and updated reference books in adjacent systems. Moreover, we encrypted not only the values, but also the variable names themselves, in order to complicate the reverse engineering of this data array.<...> We solved the problem of the absence of restrictions on the number of attempts to enter a personal account, which potentially made it possible to gain access to someone else's personal account by simply busting the SMS code.<...> We have started an internal audit of the forms used in production for unsafe data exchange between the client and the server, and have already fixed a number of other identified shortcomings.<…> In the new release of the authorization system, in principle, there will be no possibility of loading pages with spoofing of the MAC address, which will increase the resistance of the entire platform to such attacks.

Serov says that the company is being cunning when it talks about security - they do not admit the scale of the error, and it is almost impossible to protect against MAC address spoofing. According to his version, the developers made a vulnerability in order to save on the load on Maxima's servers: usually, the targeting script works remotely, and a link to a specific ad unit is sent to the browser on the person's phone. Now, the authorization page itself is engaged in the choice of a suitable ad, it is this page that loads a digital portrait of a person using the MAC address, which ultimately ends up in public access. Passenger data, with the exception of the phone number, is still open - the digital portrait items were simply replaced with a random, but static set of characters.

The Village also contacted Maxima Telecom for comment.

Anastasia Samoilova

Representative of the company

“After Vladimir Serov reported the vulnerability on the authorization portal, we promptly encrypted the transmission of profile data (such as phone number, gender, age group, etc.). phone numbers of subscribers. We are also taking urgent steps to ensure that there is no misappropriation of subscriber data. The main efforts are focused on a complete redesign of the authorization system, excluding attacks with device address spoofing.

Subscribers in any networks are identified using MAC addresses, which meets the requirements of Resolution No. 801 of the Government of the Russian Federation dated August 12, 2014.

The data stored in the profile of the network user is an internal database created for the needs of the company's business. Requirements for its protection are not imposed by the legislation of the Russian Federation, since it does not contain personal data, however, the theft of such a database in the described way can be regarded as an act under Art. 272 of the Criminal Code of the Russian Federation.

In order to improve the security of the service, we encourage you to report vulnerabilities found on [email protected] and we guarantee that messages to this line will not be ignored. "

Why such a leak could have happened

IT specialist Vladislav Zdolnikov believes that the vulnerability is more like a banal incompetence of the creators than a desire to unload servers.

Vladislav Zdolnikov,

Founder of TgVPN service and IT consultant of FBK

Indeed, authorization in Wi-Fi networks occurs by MAC address; nothing can be done about it, there are no better options. But the fact that analytical information is transmitted to the user's browser is some very strange story. Even on those resources that collect analytics about the user and which imply authorization by login and password (that is, you cannot just pretend to be another user), this information is most often not available to the user, and even more so is not transmitted to the browser. And for a service in which you can easily pretend to be another user (almost any device can be assigned the MAC address of another device), this is an outrageous level of disregard for users' personal data.

This architecture is not very similar to the resource saving of MaximaTelecom - rather, it can be explained by the incompetence of those who made the mechanism. Separately, it is outraged that after the publication of the vulnerability, the company did not urgently turn off the analytics output and stopped reworking this mechanism, but simply replaced the values \u200b\u200bthat had already been decrypted.

How to check yourself

You can check for yourself which digital portrait of you was saved by Wi-Fi in the subway. To do this, just connect your laptop to the MT_FREE network in the metro or ground transport and go to the page. Then open the source HTML-code of the page or "Developer Tools" - for example, in the Google Chrome browser, you can do this by right-clicking on an empty field and selecting "View page code". In the code itself, we are only interested in the fragment, after userdata. Now it looks like a chaotic set of symbols, but Vladimir Serov compiled a table with decrypted values. They should be looked for in the document with the code (Ctrl + F or CMD + F).

5777DE2CD9

Age

b6c3b13598

cb19ed6f70

Employment

unemployed

householder

5e97672e80

Family status

The Internet has become an integral part of human life: news, communication on social networks, watching the latest new music or movies, purchasing goods or services. Most users prefer to use the Internet via mobile devices. Let's take a closer look at wi-fi in the transport of the city of Moscow, as well as provide a short instruction and brief recommendations in case of problems.

Coverage area of \u200b\u200bthe MT Free WiFi free wireless network - Garden Ring, public parks, Moschino cinemas, museums, hostels and crowded places near the Third Transport Ring.

The data transfer rate is 100 Mbps. The value is divided equally by the number of simultaneously connected subscribers to free Wi-Fi. During a dense crowd of people on public transport, the indicator naturally falls. There is a feeling that the Internet is "slow", at times the connection is lost.

The provider provides a general access channel to the World Wide Web at a speed of 30 Gb / s. The indicator is not enough during peak hours, so the telecom operator plans to increase the value.

What to do if you can't connect

If you have problems connecting to free Wi-Fi, you need to follow the recommendations:

If the connection fails, contact the provider's technical support service at: [email protected].

Conclusion

The article provides information on the coverage area of \u200b\u200bthe free wireless network in the wi fi free metro, speed, capabilities and limitations, as well as recommendations on how to connect to the Internet in transport, register, use the auto-connect application and troubleshoot if there is no connection.

All articles on our site are audited by a technical consultant. If you have any questions, you can always ask them on his page.

Magazine