Using Wi-Fi Hotspots Wisely
By John Anderson
Wi-Fi hotspots are popping up all around town. Many folks use their
laptops while
sipping coffee at their favorite haunt. Is it safe? It can be, depending
on the steps
you take to protect your laptop and your identity.
Public Wi-Fi hotspots are designed for ease of use, not for security.
In most cases,
they either use no encryption, or they are encrypted using a common
password.
Remember, you are not at home, and most everything you type on the
keyboard
or see on your display is open for others to see. This means they are
good for
browsing, but not for conducting personal business, or for business use.
There are three main things to beware of: packet sniffing; shoulder
surfing; and
bogus login pages.
Packet Sniffing
Wi-Fi uses radio waves, which means that anyone within range can
receive them. This range, while usually a few hundred feet, has been
known to
extend over 100 miles. The data you send and receive is broken into
packets.
Packet sniffing is done with easily available software that captures and
re-assembles
these packets, revealing everything you are doing. And there’s no way
you can tell
when it’s happening. This is why encryption is so important.
Shoulder Surfing
If you have ever used an ATM, you probably get nervous when
someone stands too close while you’re keying in your ID. You are careful
not to let
them see what you’re ‘typing’. You should use the same caution when
entering
ID/Password info while using Wi-Fi. Unlike an ATM, where there is a
custom to
‘Give the current user some space’, a crowded coffee shop does not
afford the
space. It’s up to you to guard your information. And NEVER walk away
from your
laptop – it might not be there when you return!
Bogus Login Pages
There are those who will set up phony Wi-Fi login pages to
capture your login information. The person next to you might have their
laptop
set up as an access point named ‘Starbucks’. Never assume. Always check
with the
establishment you are in so you know the name of their access point.
Don’t just
log in to ‘Free Public Wi-Fi’.
What You Can Do
There are some steps you can take to protect yourself.
 | Whenever you are doing something other than simple browsing,
such as
using email or on-line ordering, make sure you are visiting a secure
site.
You can easily determine this by checking the first 5 letters of the
web
address. If it starts with https, you are OK. Some web-based email,
like
Gmail and Yahoo! use https for logging in, but revert to insecure
http
for the email interface. If possible, choose the option to force
https
or SSL communication while using email.
|
| Never use Public Wi-Fi for banking!
|
| Make sure your firewall is on, and protecting your
wireless connection. Many
firewalls automatically protect your wired connection, but not the
wireless one.
|
| Disable file and printer sharing on your laptop.
|
| Password-protect your important documents.
|
| Cookies make browsing easy, but are risky. They can contain your
id, password,
and credit card information. Delete your cookies before using a
Wi-Fi hotspot.
|
| Be discrete - thieves are everywhere.
|
| Know the name of the connection you want to use, and disable the
‘Auto Connect’
feature on your laptop.
|
| If your company has a VPN, use it. This sets up a secure tunnel
through the
hotspot to your company’s servers, and then to the Internet.
|
| Never, ever, use a public computer (like in a library) – thieves
install key loggers
and other software that will record every keystroke you type.
|
| Remember that most instant messaging programs are not secure.
Try AIM Pro,
which offers encryption.
|
| Don't automatically connect to Wi-Fi hotspots - manual
connections are safer.
|
| Use a browser other than Internet Explorer. |
