|toledo talk||Discussing the news and events
in and around Lake Erie West
|northwest ohio & southeast michigan||coffee is for closers||22-Mar-2018 8:49 A.M.|
New version of Toledo Talk
Flash: Public Wi-Fi even more insecure than previously thought - There have been a few postings here(and elsewhere) about public WiFi. And I'm not just criticizing about government contracted WiFi services. Nor am I criticizing the local Panera's, Burger King, Mickey D's, Starbuck's etc. I AM warning those of you who use these services that you must take personal responsibility to secure your wireless data communications.
How do you secure your communications?
1) Understand the threat.
WiFi is radio traffic that can be monitored. Just like a police scanner can pick up speech communication, another computer can monitor your data communication with your bank, your g/f, b/f on instant messages, email, etc. - Get your passwords, bank account info - basically I.D. theft info.
2) Learn techniques to better secure your WiFi data communications.
a) Make sure that you are connecting to the correct WiFi access point. If you see a WiFi network, like I did recently, that is named "Free WiFi," then DO NOT connect to it. Ask the store's personnel what the proper name of the access point is. Watch for bogus access points that close to the correct name, but are miss-spelled - again check with the organizations personnel if you aren't sure.
b) VPN, and other tunneling encryption techniques allows better privacy than nothing. If you don't know what these are, then you need to learn - ask you I.T. people at work - make sure you're not sending and receiving "in the clear."
c) Remember, nothing is totally secure. You stand a high risk of having your credit card
info ripped off while using a gas pump. Your old wireless phone can be easily monitored by a radio reciever. So, it isn't JUST the Internet or WiFi Internet. And that's just for starters.
I'm sure others like jshriver, jr, and anonymouscoward can provide some more information on this.
If you think that this is just a thread just for techies, then you're already in trouble.
posted by paulhem to technology at 10:16 A.M. EST (5 Comments)
Good post, Paul. Some of the worst breaches in security happen at places with free WiFi. Here's a related article on wireless hackery with some technical details of the methods some script kiddies use.
posted by historymike at 10:26 A.M. EST on Fri Aug 03, 2007 #
Think you hit the nail on the head. Whenever you're using a free open access point (free wireless) the data you're transmitting is open to anyone with a wireless card to capture. (called packet sniffing).
Using a VPN to work helps, but most people using free wifi spots are regular people just wanting to check their email, etc. For web browsing make sure your browser has a little locked "lock" at the bottom, that means you have a secure connection.
You can also tell if the address your viewing has https:// instead of http://
That means you're using SSL which is what banks and other sites that take financial transactions use for encrypting the line. So even if you're on an open network, the data sent from your computer over the wireless and internet is encrypted till it hits the web server you're talking with.
Also if anyone here uses gmail, they offer a ssl connection (just not by default). When you go to gmail.google.com use https://gmail.google.com
I've heard gmail doesnt use it by default to be more "green" since encryption/decryption requires more processing and power. When you're as big as google, even shaving off a little saves a lot on the environment.
Bigger tip is for those people at home who have a Wireless AP for their own use. Lock it down! lol
I wouldn't recommend WEP as it has been cracked and would only take someone sniffing the packets to capture enough for a brute force attack. At home I use WPA with PSK (pre shared keys) meaning you know the password and it's not being transmitted.
Enough rambling, if anyone has a computer or security related questions feel free to email me. Time permitting I like to do volunteer work.
posted by jshriver at 11:00 A.M. EST on Fri Aug 03, 2007 #
Oh noes, Y2K +/- 7 years is finally happening!!!!!! Run for the hills.
You have tons of options. The worst one is to worry. I'd worry more about being caught in starbucks or mcd's inauthentic irish cuisine. That will harm you both physically and socially.
posted by charlatan at 01:15 P.M. EST on Fri Aug 03, 2007 #
"You have tons of options."
What "options" do YOU have to share - other than smart-assed ignorance.
posted by paulhem at 02:39 P.M. EST on Fri Aug 03, 2007 #
And, you don't have to give us "tons of options."
1/4 ton of your (sarcasm)expertise(/sarcasm) will be quite enough, I'm sure.
posted by paulhem at 02:45 P.M. EST on Fri Aug 03, 2007 #