Community Newsletter: Q&A: What are the dos and don'ts for using public Wi-Fi?
- 7/24/08 12:04 AM
A few things to remember when on public networks...
by liquidsquidstudios - 6/29/08 3:45 PM In reply to: What are the dos and don'ts for using public Wi-Fi? by Lee Koo (ADMIN)
1.Make sure you are on a legitimate network.
Ask an employee of the establishment you are lounging at for the name of the Wi-Fi network. Do not assume it is the one labeled "Free Wifi" or "Public Wifi", this could just be some wiseguy looking for people to hop onto his network as they surf so he can log everything you are doing. Also ask the employee what the password is. Most establishments in populated ares will have a password so people near by can't mooch.
2. Keep your eyes out for S for Security.
When you are on a site that may contain personal info make sure you see the S in https://www.bankofamerica.com. The https stands for secure. The new beta version of Mozilla Firefox 3 has increased security feature and will give you a big green bar when you are at a secure site. If a site you regularly use does not have a secure certification and you post private information to that site, anyone around you can have access to that information. So call the site's webmaster and demand certification.
There are a lot more steps you can take to securing your privacy in public. But if you follow these two simple rules you should have a great trip with safe surfing!
finally someone answering the actual question!
by Carol T - 7/19/08 8:39 PM In reply to: A few things to remember when on public networks... by liquidsquidstudiosThanks for an answer to the question instead of joining the "my computer is better than your computer" discussion which has taken over.
When you say "on a site that may contain personal information" do you mean like logging on to your actual bank account site, which is always goig to have the "s" or do you mean like ordering something from Sears and putting in your credit card and then logging out right away? Or both? Getting something from sears would also always have a "s" in the "https". Or for that matter, say you are ordering from somewhere that stores your credit card for when you make purchaes, like an airline or Amazon, but doesn't show it when you are on the site, yet once you log on to make a purchase, into the secure site, they know who you are?
protecting personal info
by the_wme - 8/1/08 2:00 PM In reply to: finally someone answering the actual question! by Carol TDo not give personal info to sites that do not meet the following criteria:
1) require a secure login (as in, the login page is https... and do check, don't assume)
2) remain secure (https) the entire time you're logged in.
as I posted in another thread, a tip for gmail users to let you follow the above criteria: load https://mail.google.com instead of http://mail.google.com and it will stay secure after you've logged in. That is not true of all sites, however; some only secure the login process, even if you specified https when loading the login page. So you'll have to keep your eyes open using something else for the first time.
Virus Trojans and rootkits
by omen1 - 6/30/08 2:48 AM In reply to: What are the dos and don'ts for using public Wi-Fi? by Lee Koo (ADMIN)
Make sure that you have antivirus and that it is update also antispyware and rootkit checker, do not logg on to your pc as admin when going out on the ethernet log on as a user only. always check you pc when finished on the ethernet run the above tools, keep your antivirus uodate and spyware always check pc after installing new software on memory stick from another pc.
do's and don'ts for using public Wi-Fi
by Ankit B. - 6/30/08 6:06 AM In reply to: What are the dos and don'ts for using public Wi-Fi? by Lee Koo (ADMIN)
Margaret,
First, be aware that (almost) ANYTHING that you type or any info that appears on your screen while you're using a wireless connection can be seen by others nearby.
If you are accessing a page that requires a login and password, or if you are entering ANY personal data (credit card, SSN, etc) make sure that you are on a secure site. That's easy enough -- just check that the web address begins with https instead of the usual http -- and your information will be safely encrypted before transmission. As long as you're on a page with an address that begins with https, the data you send and receive is protected from sniffers and snoopers.
But be on your guard, some web-based email providers have a secure login page, but after you're logged in the access reverts to normal non-encrypted mode. So any email you send or receive while on a wireless connection is out in the clear. Google's GMail and Yahoo Mail are examples of webmail services that work this way. Until recently Hotmail didn't even offer a secure login option. So look for the link or checkbox for the secure login when accessing your web-based email. If your service doesn't offer one, consider switching or decide to live with the security exposure.
Oh, and there are the "shoulder surfers" to watch out for. Just like when you're entering your PIN code at an ATM, you need to keep an eye open for anyone who might be glancing over your shoulder while you hunt and peck in the airport or coffeeshop. I always use two fingers when entering my pin or password... one presses the correct key and other is a decoy. So even if someone was watching from across the street with binoculars, it's almost impossible to steal a password.
Before you use a Wi-Fi hot spot, users need to take some precautions to ensure they are safely and securely connecting to the Internet.
1. Install a Firewall
Anytime you use your mobile gear on the road and especially in hot spots, make sure you have installed firewall software. Hot spots aren't secure access points and users need to take responsibility for their own security.
2. Disable Wi-Fi Ad-hoc Mode
You should only allow access point networks that you have created using your Wi-Fi software or you can use network connections in Windows XP. Don't allow instant network connections that you have not approved of or are aware of. When in a hot spot you may pick up other Wi-Fi networks that you do not want to access or allow access to your laptop. Disable ad-hoc mode before entering a hot spot.
3. Use a VPN
When connecting to a corporate network one should use their company VPN. This provides additional security for your gear. Working in a hot spot can create new risk exposures and the potential for your data to be comprised.
4. Disable File & Printer Sharing
When using a Wi-Fi hot spot, you don't need to have their laptops file and printer sharing enabled. Leaving this enabled while using a hot spot leaves you vulnerable to hackers. This is another item that should be disabled before entering a hot spot.
5. Turn It Off
When you aren't connected to a Wi-Fi hot spot, you should turn off your wireless devices. If you are working but don't wish to be connected, remove the Wi-Fi card. There should be a manual switch to turn Wi-Fi off or You can disable the connection using the Wi-Fi software.
6. Don't Advertise Your Wi-Fi
When users are in public areas such as a hot spot, it is not the time to brag to strangers about your Wi-Fi capabilities. Always be discreet when working and don't let others view your work. You could end up making yourself and your mobile gear a target for theft.
7. Make Folders Private
Making your folders private on your laptop will make it less appealing for a hacker to try and gain access to your documents. In a hot spot you don't know who is working around you or who might be attempting to access your laptop.
8. Password Protect Your Files
Another step to securing your data and making your work a less desirable target is to password protect specific files. There are a variety of software programs available which can provide you with password protection and the added peace of mind that it will bring. Remember to password protect any important files before using a hot spot.
Regards
Ankit
repy to Ankit
by trvlrtom - 7/19/08 7:45 AM In reply to: do's and don'ts for using public Wi-Fi by Ankit B.Good advice Ankit! One way to help prevent shoulder surfing is the use a privacy filter. When I travel I use one made by 3M (there are probably others availale as well..and no, Iam not employed by 3M). It works great. When in use my screen cannot be viewed by someone sitting next you or looking over your shoulder unles their head is very, very close to yours. TomK
PASSWORD PROTECTION
by dele_vincent - 7/20/08 12:31 AM In reply to: do's and don'ts for using public Wi-Fi by Ankit B.Can you recommend some password protection software to use to protect my files? I use vista hme premium.
the best I have found in magic folders
by kylekitt - 7/21/08 8:17 PM In reply to: PASSWORD PROTECTION by dele_vincentthe best I have found in magic folders it hides you're files seamlesly and nobody knows you're using it except you,you can name the magic folder user files anything you want. I don't believe the file name come up in the startup files or task manager. Make sure you remember you're password or make a disable disk for it. it shows you how. it also lets you use assign keyboard shortcuts.
password protechtion
by Ankit B. - 7/23/08 3:46 AM In reply to: PASSWORD PROTECTION by dele_vincentI am using Protector Suite QL software by UPEK Inc. it integrates my file security and finger print recognition its nice and user-friendly it also encrypts your file and password/finger-print protects your files.
WPA
by afro2358 - 7/20/08 8:35 AM In reply to: do's and don'ts for using public Wi-Fi by Ankit B.Make sure your Wi-Fi security is: WPA (Wi-Fi Protected Access), Not: WEP (Wired Equivalent Privacy) which can be cracked.
secure gmail
by the_wme - 8/1/08 1:49 PM In reply to: do's and don'ts for using public Wi-Fi by Ankit B.tip for using gmail: if you load https://mail.google.com instead of http://mail.google.com it will not revert back to regular old http after you've logged in... it'll stay secure (https). I don't believe that works for yahoo, though (at least not the last time I tried).
secure gmail and gmail notifier.
by gtmark1 - 8/1/08 7:58 PM In reply to: secure gmail by the_wmehey the_wme:
sounds great if one is logging manually (and thanx for the tip) but what if one has gmail notifier? how can i change the auto address?
gtmark1@wmconnect.com
yes... don't do it.
by hipcatticus - 6/30/08 7:01 AM In reply to: What are the dos and don'ts for using public Wi-Fi? by Lee Koo (ADMIN)
Hubby and I both have laptops with WiFi as well as wireless cards through Verizon. We use the wireless connections only at home and at work where we know we have bullet proof internet security both of a software nature and a hardware nature.
It is my understanding that most of these "open access" WiFi connections, by definition, are not secure. And before you think, "oh, well, I'm not transmitting any sensitive data," what about your email passwords that transmit automatically when you open Outlook or Outlook Express? or your bank account passwords when you check your balance? All it takes is someone with the equivalent of a keylogger to copy the transmission and you are done for.
Thanks for the varying opinions and helpful experiences
by lmr45140 - 7/19/08 3:58 PM In reply to: yes... don't do it. by hipcatticusThanks for this total thread; I have found it very helpful in piecing together information where I wasn't really getting a clear answer. I recently replaced my desktop w/a laptop, with the intention of being able to vary my work setting from just home to bookstores, coffee shops, etc. I've been trying to discern among the different wifi promotions from those places vs. getting 'my own' wireless via Verizon, my existing mobile carrier. The whole wireless move makes me a little nervous, and from this thread I've determined that I can most comfortably enjoy the flexibility of using my cable-to-wifi service at home, and then opting for the Verizon service elsewhere (which also makes it consistent wherever I am). Thanks!
What are the do's and dont's for using public Wi-Fi?
by techtype - 6/30/08 7:55 AM In reply to: What are the dos and don'ts for using public Wi-Fi? by Lee Koo (ADMIN)
Cite: Bradley Mitchell
Article from About.com
hotspot
Definition: A hotspot is any location where Wi-Fi network access (usually Internet access) is made publicly available. You can often find hotspots in airports, hotels, coffee shops, and other places where business people tend to congregate. Hotspots are considered a valuable productivity tool for business travelers and other frequent users of network services.
Technically speaking, hotspots consist of one or several wireless access points installed inside buildings and/or adjoining outdoor areas. These APs are typically networked to printers and/or a shared high-speed Internet connection. Some hotspots require special application software be installed on the Wi-Fi client, primarily for billing and security purposes, but others require no configuration other than knowledge of the network name (SSID).
Wireless service providers like T-Mobile generally own and maintain hotspots. Hobbyists sometimes setup hotspots as well, often for non-profit purposes. The majority of hotspots require payment of hourly, daily, monthly, or other subscription fees.
Hotspot providers strive to make connecting Wi-Fi clients as simple and secure as possible. However, being public, hotspots generally provide less secure Internet connections than do other wireless business networks.
About.com: Wireless/Networking; hotspot
http://compnetworking.about.com/cs/wireless/g/bldef_hotspot.htm
Cite: Bradley Mitchell
Article from About.com
Q. Are Wireless Networks Secure?
No computer network is truly secure, but how does wireless network security stack up to that of traditional wired networks?
A. Unfortunately, no computer network is truly secure. It's always theoretically possible for eavesdroppers to view or "snoop" the traffic on any network, and it's often possible to add or "inject" unwelcome traffic as well. However, some networks are built and managed much more securely than others. For both wired and wireless networks alike, the real question to answer becomes - is it secure enough?
Wireless networks add an extra level of security complexity compared to wired networks. Whereas wired networks send electrical signals or pulses of light through cable, wireless radio signals propagate through the air and are naturally easier to intercept. Signals from most wireless LANs (WLANs) pass through exterior walls and into nearby streets or parking lots.
Network engineers and other technology experts have closely scrutinized wireless network security because of the open-air nature of wireless communications.
The practice of wardriving, for example, exposed the vulnerabilities of home WLANs and accelerated the pace of security technology advances in home wireless equipment.
Overall, conventional wisdom holds that wireless networks are now "secure enough" to use in the vast majority of homes, and many businesses. Security features like 128-bit WEP and WPA can scramble or "encrypt" network traffic so that its contents can not easily be deciphered by snoopers. Likewise, wireless routers and access points (APs) incorporate access control features such as MAC address filtering that deny network requests from unwanted clients.
Obviously every home or business must determine for themselves the level of risk they are comfortable in taking when implementing a wireless network. The better a wireless network is administered, the more secure it becomes. However, the only truly secure network is the one never built!
About.com: Wireless/Networking; Q. Are Wireless Networks Secure?
http://compnetworking.about.com/cs/wireless/f/arewlanssecure.htm
As can be seen when it comes to both wired and wireless networks nothing is truly secure. The best that can be done is to secure your computer the best you can. I picked these two articles because they answered your question with plain common everyday language. Actually it does not matter, you use the network basically at your own risk. The only thing you can do is make your computer and network as secure as possible.
Rick
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
