Ad hoc networks are commonly used in military-grade communication, such as in covert communications, due to the fact that they are difficult to detect by enemy forces. They may also be useful for large-scale simultaneous data transmission, since some operating systems may not support the creation of a WiFi hotspot on a single computer.
The security hole provided by Ad hoc networking is not the Ad hoc network itself but the bridge it provides into other networks, usually in the corporate environment, and the unfortunate default settings in most versions of Microsoft Windows to have this feature turned on unless explicitly disabled. Thus the user may not even know they have an unsecured Ad hoc network in operation on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge to the secured organizational network through the unsecured Ad hoc connection. Bridging is in two forms. A direct bridge, which requires the user actually configure a bridge between the two connections and is thus unlikely to be initiated unless explicitly desired, and an indirect bridge which is the shared resources on the user computer. The indirect bridge may expose private data that is shared from the user's computer to LAN connections, such as shared folders or private Network Attached Storage, making no distinction between authenticated or private connections and unauthenticated Ad-Hoc networks. This presents no threats not already familiar to open/public or unsecured wifi access points, but firewall rules may be circumvented in the case of poorly configured operating systems or local settings.
An example of the risks of the Ad hoc network would be that the user goes to lunch with a laptop that has a wireless connection enabled to their corporate network and has a personal cell phone with a Bluetooth or WiFi connection enabled. As they cross the street, the laptop sends its location data to the cell phone, and the cell phone sends it to the cell tower. If both devices are using the Ad-Hoc network to link them, they can potentially see the other's location data, which may or may not be encrypted if they are not using SSL. 827ec27edc