The Glass Room
Researchers Xin'an Zhou and Mathy Vanhoef reveal how the AirSnitch exploit turns 21.9 billion trusted devices into unwitting accomplices.
[Speaker 1]: You know that moment when you walk into a coffee shop or an airport lounge, you open your laptop, and you connect to the Wi-Fi?
[Speaker 2]: Sure.
[Speaker 1]: And the first thing you look for is that little padlock icon next to the network name. Maybe it’s a locked network, maybe you have to enter a password. But seeing that icon triggers a very specific psychological response. It tells you: "I am safe. I am in a private bubble."
[Speaker 2]: Right. We assume that because there’s a password, the conversation between our laptop and the router is encrypted. Which it is.
[Speaker 1]: But we’re going to show you why that padlock protects you from the outside world, but leaves you completely exposed to the person sitting right next to you. Because researchers just found a way to turn that trusted router into a weapon against you.
[Speaker 2]: And the worst part isn’t that the hackers are smart. It’s that the router - the device you paid hundreds of dollars for - is actually the accomplice helping them do it.
[Speaker 1]: There is a number I want you to keep in your head: 21.9 billion. Keep that number in mind, because by the end of this, it’s going to look a lot less like a statistic and a lot more like a threat.
[Speaker 2]: It’s Monday, March 2, 2026, and you’re listening to The Angle.
[Speaker 1]: So, before we get into the mechanics of this exploit, which is honestly terrifying, we need to correct a massive misconception about how Wi-Fi actually works. Because usually, when we talk about Wi-Fi hacks on this show, we’re talking about someone stealing the password, right?
[Speaker 2]: Right. Cracking the code so they can get on the network for free, or maybe access a file server. But this isn't that. The research that dropped last week at the NDSS Symposium in San Diego - it’s called "AirSnitch" - is focusing on something much deeper. It’s targeting "Client Isolation."
[Speaker 1]: Okay, define that. Because most people think a "Guest Network" is physically separate from the "Corporate Network."
[Speaker 2]: Exactly. We have this mental model that if you’re on the "Guest" Wi-Fi, you’re in a different room than the employees. But you aren’t. You are physically touching the exact same radio antenna. You’re in the same room. "Client Isolation" is just a rule - a software policy - that acts like an invisible wall. It tells the router: "Do not let Device A talk to Device B."
[Speaker 1]: It’s like soundproof booths. We thought we were all in individual glass boxes. But it turns out, we’re just standing in an open room with our eyes closed, and the "walls" were just suggestions.
[Speaker 2]: And AirSnitch proves those suggestions can be ignored. Researchers Xin'an Zhou and Mathy Vanhoef tested 11 distinct routers - we’re talking major enterprise gear from Cisco, Ubiquiti, Netgear - and they found every single one of them was vulnerable. They didn't break the math of the encryption. They broke the trust of the implementation.
[Speaker 1]: So how does every major hardware vendor miss a hole this big? I mean, these are companies whose entire brand is security.
[Speaker 2]: To understand that, you have to look at the history of the "Gigabit Trap." Think back about ten years ago. We all started demanding faster Wi-Fi. We wanted Gigabit speeds over the air.
[Speaker 1]: Right, for 4K streaming, gaming, massive file transfers.
[Speaker 2]: Exactly. But encrypting and decrypting data at that speed takes a lot of processing power. If you try to do that…