Feed yourself!
10 Tips to Secure Your Public Hotspot Session
February 11th, 2007 by dan
Here’s a quick guide to help our shrewd readers prevent getting jagged when using an open public hotspot. This is what you need to do:
#1. Your computer comes with an efficient firewall. Use it!
#2. Download the latest wireless card driver from the manufacturer’s website. Your up to date system will have exploits and vulnerabilities patched.
#3. Don’t share your folders or files unless you explicitly need to do so. Anyone using that hotspot can access them. Password protected folders should be the best compromise.
#4. Do not use Outlook or Mail. They send your username and passwords in the clear. Use your webmail service instead. Webmail usually encrypts your sessions. If you must use your email managers, make sure your account supports and has SSL authentication set up.
#5. Do not make online payments unless your life depends on it. Really, don’t! Better wait a little to get home or at the office. You really don’t want to fund some alledged’s hacker girlfriend with Swarowsky Shop credit, do you? Chances to have your account information stolen are minimal, but real!
#6. Some IM programs do not encrypt conversations! A sniffer might return the actual dialogues in clear text. You don’t want that, do you? Sure, most of my IM is just random blurbs and bs so I use IM comfortably. It’s you to decide how sensitive your IM sessions are. Emoticons are not interceptable though. That’s reassuring, innit? :)
#7. Web pages you visit can be sniffed. Complete with images even. This is not a case worth alerting the media for, really! But you might want to be advised.
#8. You think it’s fun to tap on your neighbor’s open WiFi. Sometime it isn’t! You might be surprised to find out it’s a trap. Fake hotspots has been reported to be out there. They exist for the single purpose of sniffing out private data and mining sensitive information. This is called phishing.
#9. It’s easy to check in advance the network name of the public hotspot you plan to use. Most providers have that information on their websites. Why not do so to make sure you’re using a certified/friendly connection.
#10. Use VPN. If you can, know and like to use one, do it!
We used a freely available traffic sniffer to test the above and have isolated the vulnerable and easy to interpret data that is sent between your laptop to the access point. Most of the data the access point exchanges with the internet is already encrypted with industry-standard protocols. It’s the local loop that poses an average security risk.
It’s highly unlikely there’s someone sniffing your traffic. The hacker myth is overrated! But you can, unfortunately, be one of the unlucky chaps/gals to have their credit card info stolen or email read.
Using a wifi hotspot is not more risky than using a wired LAN. But it involves less control as there’s no cables to manage and you won’t know who’s tapping in.
There’s no bullet proof vest for the hotspot user. There’s only common sense, smart browsing. Make sure you know what you’re doing and if your session is important, consider waiting till you get on a friendly connection.
But it’s not all about your safety. One should think of the hotspot’s health as well. Don’t use file sharing or bittorrent applications while surfing in a hotspot. Make sure your computer is not infected with viruses, spyware or adware. That might spread malicious files to other hotspot users or even flag the hotspot connection. You would not want to have your favorite cafe WiFi suspended because of an ISP ban!
Most “how to” guides we read spread FUD (Short for Fear, Uncertainty, and Doubt). They tell you such crap like to disconnect when idle or not even use open hotspots at all. But that would defy the purpose, wouldn’t it? Public WiFi is relatively insecure, but totally fun! :)
Remember that whomever really really wants to sniff your stuff has better ways and tools to do so. And will eventually get that data, no matter if you use public hotspots or not.
Certain hotspots have embedded authentication systems and provide a given level of enhanced security. Some of the above might not apply in those cases, but it’s perfectly okay to follow the steps anyway.
We wish you safe browsing! :) Wireless is fun! Remember that!
Posted in All Wireless, All WiFi, Security, Travel | 
February 13th, 2007 at 3:29 am
With WiFi hotspots in urban areas approaching saturation, some cafes compete by offering free WiFi right next door to competitors who charge money for service. How the folks offering free access prevent the neighbors at Starbucks tapping in is by having an encrypted connection. When a customer buys their tea, they can get a 26 character key to type in.
My question then, is: is it still unsafe to use my POP/IMAP email client on an encrypted wireless connection?
February 13th, 2007 at 4:21 am
The answer to that would be no… because if someone wants to sniff your packets would just buy some tea…
February 13th, 2007 at 5:53 am
Always use a proxy when using public hotspots.
Heres an easy one.
http://www.mysecureisp.com
February 13th, 2007 at 1:58 pm
@ Bob: Why is that a way to secure yourself in a public hotspot? By using a proxy you just make yourself almost invisible to the outside world, the security in the hotspot is not affected by that.
Client < -1-> WiFi Access Point < -2-> proxy < -3-> the internet
If someone would want to sniff your packets he would do it at step 1 between you and the WiFi Access Point…
But a proxy indeed hides your location, by blurring out everything behind it.
April 27th, 2007 at 12:36 am
[…] Where I am sitting as I type, in the southeast corner of my urban house, my WiFi sinffer reports as many as nine separate wireless networks passing through my home. Most of these have some form of security, but a couple clearly have not been changed from the default settings, with SSID’s such as “SSID” or “Untitled”, and have no security, so I hop on for my web, keeping my mail.app firmly closed (as we all know, these mail programs have no security of their own and rely on the network’s security to keep your password private). However, more than half of the wireless networks on my corner still use the default broadcasting channel (6) so there is a tremendous amount of interference. As a result, even the one or two networks I can get connectivity through only work some of the time; I don’t need to tell you how frustrating an unreliable internet connection is. […]
July 25th, 2007 at 5:21 am
[…] 10 Tips to Secure Your Public Hotspot Session February 11th, 2007 What you need to know to protect yourself from evil hackers or WiFi’ed aliens! read more | digg story Filed under: Tech | […]