Public WiFi Safety tips

Posted By : Ken Colburn of Data Doctors on July 31, 2009 3:24 PM

Question

I heard someone call your radio show saying that all public wifi is completely unsecured and anyone around you could easily see anything that you were doing…is this true and if so, what should I be doing to protect my computer?

-Nathan

Answer

This question was answered on July 31, 2009. Much of the information contained herein may have changed since posting.

The convenience and relative low cost of wireless technology has helped foster a huge network of over 100,000 U.S. public wifi ‘hotspots’ specifically designed to allow anyone to freely connect and access the Internet.

The fact that anyone can connect also means that those with malicious intent can be lurking as well.

While I agree that there are security risks when connecting to public wifi systems, I wouldn’t say that ‘anyone’ around you could electronically ‘see what you are doing’.

In order to intercept your transmissions, a fellow user would have to install special software called a ‘packet sniffer’ which secretly copies unsecured packets transmitted on the same network or create a ‘man-in-the-middle’ exploit to trick you into connecting directly to their computer instead of a wifi access point.

Packet sniffers are readily available on the Internet and any motivated 14-year old could figure out how to use one, but that doesn’t mean that everyone around you has one.

The other issues is even if they can see what website you are surfing while you are at the airport, no harm is done unless you access your e-mail account, an online banking site or other normally secured resources on the Internet.

Secured sites on the Internet will show up as ‘https:’ instead of ‘http’, so if you do need to type sensitive information into your computer, make sure you are doing it on a page that has the ‘https:’ prefix so your transmissions are being encrypted.

Sadly, many web-based e-mail systems have a secured login page, but once you get past it, the rest of the pages are not secured. The easiest way to tell if your webmail system is secure at all times is to log in, then go to your Inbox and see if the ‘https:’ remained.

If your webmail does not encrypt pages after the login screen, then you need to think twice about using it on public wifi networks without adding additional security software, such as VPN - Virtual Private Network software (more on this later).

To avoid the ‘man-in-the-middle’ attack, be very careful to look at the icon next to each available connection when you are attempting to connect to a wifi network. A fake wifi connection will appear as two computers instead something that looks like an antenna.

This type of exploit is especially prevalent at airports or hotels that charge for Internet access. Hackers will setup something that looks like a free alternative to the pay services, which causes folks to try them first.

For most users, if you connect to anything and get Internet access, you don’t think anything of it and continue on with your business, which is exactly what they want you to do.

Windows XP users can change a setting in their wireless network adapters to tell Windows not to allow connections to ‘Ad Hoc’ or machine-to-machine networks (Vista users by default have this turned on). Step-by-step direction for XP users can be found at: http://bit.ly/AOVxR .

The ultimate security for road warriors comes in two options: pay for a cellular based data service or use VPN software to protect everything that you type in public.

There are a number of free and low cost options for personal VPN software, but it’s important that you understand the differences before making a decision. Free systems monitize the service by taking over your browser and adding a banner ad to everything that you do. In addition, these free services make money by giving advertisers targeted audiences, which means they will be tracking everything you do. If you want true privacy, don’t consider a free VPN service.

If you only need to secure your system for a short trip, companies like SurfBouncer ( http://bit.ly/dThlV ) offer weekly or monthly options starting at $4.99 a week.

If you are on the road a lot more often or deal with lots of secured access while on the road, Witopia ( http://bit.ly/12durT ) offers services starting at $39.99 per year that works with both Windows and Mac as well as many handhelds such as iPhones & Windows Mobile 5 & 6 devices.

Need Help with this Issue?

We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!

Author

Posted by Ken Colburn of Data Doctors on July 31, 2009

Feedback

comments powered by Disqus