Fifteen Minutes on the Shared Wifi

Fifteen minutes after asking an LLM for a port scanner, I was looking at the admin portal of my co-working's wifi controller. The networks didn't change. The skill floor did.

I work out of a co-working space. The same wifi covers the co-working area and a coffee shop a floor below — same SSID, same flat network. Members, walk-in coffee customers, anyone with the password: all on it. A few weeks ago I was sitting at my desk and got curious about what was actually on it.

I asked Claude to write me a script that would scan the network for open ports.

Fifteen minutes later, I was looking at the admin portal of the wifi controller. Not a login screen that bounced me — the actual portal. Reachable from any client on the same flat network.

I’m not entirely new to this. I had a rough sense of what I was looking for — a controller behind the access points, the kinds of management ports that tend to be exposed, the way default admin portals announce themselves. Knowing where to look is half the work. The half I didn’t have was the time to write a scanner, parse the output, and glue the tooling together on a Tuesday afternoon. The model handled that part. I knew where to look. It made looking easy.

That’s the part of the story that matters.

What used to be hard

A decade ago, the same exercise required a real skill stack. You needed to know nmap existed and how to invoke it. You needed to read its output without your eyes glazing over. You needed to recognize what a “controller” was — the device the access points hang off of — and which TCP ports were worth looking at. You needed to know that admin portals shipped with default credentials, and which vendors shipped which defaults. You needed enough Linux to glue all of that together.

Each of those was a gate. None of them were that high individually, but together they were enough. Most people never crossed them. Not because the networks were safe, but because the skill floor was high enough that “anyone who could do this” was a small, mostly self-selecting group.

The networks themselves were never safe. The flat layer-2 design of the average shared wifi has been a disaster for years. Anyone who’s read security research from the 2010s knows this. The reason it didn’t matter more was not the networks — it was that the attacker pool was small.

The skill stack collapsed

What changed isn’t the networks. What changed is the skill floor.

I asked an LLM to write me a script and it wrote me a script. That sentence sounds boring because it’s exactly what LLMs are advertised to do. Turn natural language into code. That’s the value prop. That is the product.

But the second-order effect of that product working as advertised is that every gate in the old skill stack stops being a gate. You don’t need to know nmap exists; the model invokes the right tool. You don’t need to read the output; the model parses it. You don’t need to know what a controller is; the model recognizes the banner. You don’t need defaults memorized; the model has them. You don’t need to glue Linux together; the model writes the glue.

In my case I had some of those gates. Plenty of people have one or two. The point is that none of them are required anymore. The full path from idle curiosity to working exploit is shorter than the path from idle curiosity to actually finishing a side project. That’s the part that should worry people.

This is not a critique of any specific model or any specific company. Claude wasn’t doing anything wrong. It was doing exactly what it’s supposed to. It’s the capability that’s the story, not the misuse of it. The thing the industry has spent two years celebrating — that anyone can build software at the speed of conversation — is the same thing that quietly removed every gate that used to keep shared networks from being a free-for-all.

The threat model didn’t change

I want to be careful here, because the easy version of this argument is “AI made things dangerous.” It didn’t. The networks were always exposed. The controller was always reachable. Anyone on that wifi who knew what they were doing could have done what I did, on any random Tuesday, for the last decade.

The threat model didn’t change. The pool of people inside the threat model did.

That pool used to be small enough that operators could behave as if it didn’t exist. Coffee shops, hotels, airports, co-working spaces, apartment buildings — they have all been running on the implicit assumption that exploiting a shared network requires skill the average user doesn’t have. That assumption was load-bearing. It was the entire reason the security posture of the average shared network has been “we hope nobody tries.”

That assumption is dead.

The new pool of “anyone who could do this” includes anyone with twenty dollars a month and the patience to type a sentence. That’s not a niche of red-teamers and curious nerds. That’s the population of the building.

What this actually means

The conversation about LLMs and security tends to cluster around two takes — “AI is going to write malware” and “AI will help defenders catch up.” Both of those are real, but they’re not what’s happening on the ground in shared spaces.

What’s happening on the ground is that the gap between who could exploit shared networks and who lives on them has closed. Those used to be two different populations. They are now the same population.

If you live, work, or stay in a shared building of any kind — co-working, apartment, hotel, conference center — your network neighbors include some number of people who can now, casually, in fifteen minutes, do what I did. They aren’t pentesters. They didn’t read any books. They have the same model you do, and they’re a sentence away from it.

“Just use a VPN”

The standard advice is to throw a VPN on it and call it done. I want to push on that, because I think it’s wrong, or at least dangerously incomplete.

A VPN encrypts your traffic. The threat surface on a hostile shared network is not your traffic. It’s the network itself. Layer 2 is open. ARP poisoning, rogue DHCP servers, captive-portal MITM during the handshake gap, evil-twin access points, deauth attacks — none of that cares about your tunnel. Your machine is still on the network. It’s still ARP-reachable. It’s still being scanned by anyone else on it. Your VPN doesn’t change any of that.

And — this is the part — the same skill-floor collapse that produced my port scanner produces all of that other stuff too. Every layer-2 attack that used to take real chops is now a sentence away. The “just VPN it” advice was already shaky in 2018. In an era where the floor for the rest of the L2 toolkit has dropped with it, it’s wishful thinking.

What actually helps

The honest answer is that there is no clean consumer-side fix when L2 is open. There are mitigations:

  • Get off the network for anything you care about. Cellular tether, hotspot, your phone’s data plan. Treat shared wifi the way you’d treat a USB stick from a parking lot.
  • Harden the device, not the connection. Host firewall on. No listening services. No automatic file sharing or printer discovery. No mDNS broadcasting your hostname. Assume the LAN is the open internet — because effectively, it is.
  • Stop trusting the captive portal. The page that appears when you connect is the easiest thing on the network to spoof.

But these are workarounds. They don’t fix the network. They route around it.
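For the "harden the device" item above, a self-audit of your own machine shows which listeners the rest of the LAN can reach. This is an added example, not code from the original post: it parses Linux `ss -H -tuln` output, and the sample lines and the `NOTES` table are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output; not captured from a real host.
SAMPLE = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096       127.0.0.1:631        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:5353       0.0.0.0:*
tcp   LISTEN 0      50                 *:445              *:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      4096           [::1]:631           [::]:*
"""

# Listeners the mitigation list says to switch off on shared wifi.
NOTES = {
    ("udp", 5353): "mDNS (broadcasts hostname and services)",
    ("tcp", 445): "SMB file sharing",
    ("tcp", 139): "NetBIOS file sharing",
    ("tcp", 631): "IPP printing (CUPS)",
}

def is_loopback(addr):
    """True only when the bind address is reachable from this host alone."""
    addr = addr.split("%")[0].strip("[]")   # drop %iface scope and IPv6 brackets
    if addr == "*":                          # wildcard bind: every interface
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False                         # unparseable: treat as exposed

def lan_exposed(ss_output):
    """Return sorted (proto, port, note) for sockets bound beyond loopback."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        proto = fields[0]
        addr, _, port = fields[4].rpartition(":")   # local address:port column
        if not port.isdigit() or is_loopback(addr):
            continue
        note = NOTES.get((proto, int(port)), "unreviewed listener")
        found.add((proto, int(port), note))
    return sorted(found)

if __name__ == "__main__":
    for proto, port, note in lan_exposed(SAMPLE):
        print(f"{proto}/{port}: {note}")
```

Passing the live output of `ss -H -tuln` to `lan_exposed` instead of `SAMPLE` audits the machine you are sitting at; anything it returns is visible to every other client on a flat network unless the host firewall blocks it.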

The actual fix lives at the operator layer. Client isolation, so devices on the same wifi can’t see each other. Per-port or per-client VLANs. Management interfaces — the controller’s admin portal, in my case — bound to a separate, non-client VLAN with no reachability from the guest network. None of this is exotic. It’s been default in enterprise wifi for fifteen years.

If a building, hotel, or co-working space can’t tell you they do these things, they don’t. And until they do, every shared network they run is a flat, hostile broadcast domain in a world where exploiting one is now a fifteen-minute exercise for anyone curious enough to ask.

I told them

After I poked around, I told the co-working’s management what I’d found. I didn’t send a writeup or a screenshot. I told them the controller’s admin portal was reachable from the guest network — the same network the coffee shop downstairs hands out to walk-ins — and that a non-zero number of those people could find it now without trying very hard. They’re working on it.

That’s the part I want to leave you with. The point of writing this isn’t that I found something clever. I didn’t. I asked a question and a model answered it, the way it answers a million other questions every day. The point is that anyone could have. The bar to being the person who notices the controller in the corner of the network just dropped to “asks an LLM in good English.”

If you operate a shared network, you should assume someone in your building has already noticed.