The current boom in WiFi Hotspots, Municipal WiFi and impending WiMAX proliferation have all contributed to the flattening of the world. We are all connected. Most times, this is a good thing. Occasionally, this is not.
The moment you power on your laptop at a public location you are vulnerable. Sniffers, hackers, spammers and identity thieves are waiting for the right opportunity to get your personal information, identity, passwords, account numbers, corporate files, personal pictures and financial information. They are also looking to use your laptop to broadcast spam, viruses and worms to the world, while you go for your coffee.
There are two hurdles to overcome when connecting your laptop at a public location. Connectivity and Security.
Connectivity
Searching the airwaves for a valid connection can be a challenge. Individuals choose the connection based on the signal strength. But there is much more to consider than signal strength.
Is the connection valid? Are you connecting to the hotspot location you think or an Evil Twin? Unscrupulous people can be sitting right next to you, broadcasting a fake SSID or signal for your laptop to pickup. When you connect and open your browser, it looks like you are at the proper location. However, the confidential information you enter to purchase an account, is actually being logged by the hacker. The Evil Twin can capture your every keystroke. They can see all the sites you visit and obtain the logon information as you enter it.
Security
Security implies safe surfing. Once your computer is powered on, others can access it, modify it and damage it - if you let them, or not. When you connect to the internet, hundreds of millions of other users are all connected too. It only takes 1 to find you. When you access your email, is the site secure? Does the lock show up in your browser indicating an SSL secure connection? Do other surfers in your location see your computer on the network? Or does the location support Wireless Client Isolation?
Does the hotspot location offer open access to surfing in which anyone can use the internet? Or does the hotspot provide controlled access in which users must identify themselves by registering for an account in order to log on? Spammers are attracted to “free” and “open”. Hackers and Identity Thieves are attracted to “public”.
Are you able to access the hotspot location’s business computer network? Are the hotspot’s POS, credit and mission critical files protected?
There are many dangerous traps that you can unknowingly fall into when using WiFi at a public hotspot location. The question is: How do you protect yourself?
Safety Solutions
There are some simple and fundamental precautions that all WiFi Internet users should take. It all starts before you venture outdoors. Take a moment to properly setup your computer. The easiest place to start is with the file sharing setup on your network. Make sure you turn off file sharing. In Windows it is usually found in the Local Area Network Properties dialog. On a Mac it is found in the File Sharing dialog. By turning off file sharing, you will be preventing others from gaining access to the files stored on your computer.
Make sure you have Virus protection, Spam protection, Spyware protection and Firewall protection.
Make sure you password protect your important files, and your computer, requiring a login whenever it boots up.
When You Venture Outdoors
Choose your location. In a public environment you need to make sure the location you visit is secure and safe for surfing. If they provide free surfing, or free surfing in exchange for a purchase, make sure the access is controlled by unique logon codes. This prevents freeloaders and the “bad guys” from easily accessing the internet.
If access requires the purchase of an account online with your credit card, make sure the purchasing mechanism is secure. Make sure the SSL or Lock is showing on your browser. Verify the credentials of the SSL connection by examining the properties of the Lock.
Ask if the location supports Wireless Client Isolation. This will prevent others from seeing you connected at that location.
Finally – you may want to consider avoiding public access computers and internet kiosks. You have no control or knowledge of how someone else’s computer has been setup, secured and or compromised.
Choose your seat. Stay clear of prying eyes. The easiest way for someone to steal your identity is simply by watching as you actually enter the information. This is often one of the most overlooked precautions one can take. Just as you are careful at an ATM machine, be careful at a public hotspot. Keep your information private.
Choose your connection. Make sure you are connected to the correct SSID. Before you search the available networks, check with the location for the exact SSID name you should be connecting to. Do not accept any variations. For example, if the SSID is supposed to be WHOTSPOT, do not accept WOTSPOT or WHOTSOT. If you are unsure, ask.
Choose your sites. Make sure that all sites that require confidential information are SSL protected. That means Banking, Email, any site requiring a password should all be secure. You should access them with https:// as the prefix in the URL. The “s” part is the important “secure” part.
In conclusion, great connectivity brings great opportunity. In order to avoid serious problems, we have outlined some key steps that are important to take when using public WiFi. Protecting your confidential information should always be in the front of your mind. Until bulletproof security becomes part of every operating system, proceed with caution when you leave home.
About the author: Terry Fagen is the founder of Whotspot.com, a provider of managed WiFi services and products.
The author invite your comments and experiences concerning this topic. Feel free to post your responses on our blog at whotspot.blogspot.com, or visit us at www.whotspot.com.
Thursday, August 24, 2006
Subscribe to:
Posts (Atom)
