Spring Break Security Tip #1: WiFi

  • 14 March 2012
  • 4 replies
  • 40 views

Userlevel 5
  • Retired Webrooter
  • 58 replies
It can be tempting to take advantage of free WiFi access points in airports, hotels, or in cafes, but resist the urge to use those connections to do anything other than browse for a map or train schedule.
 
Unsecured wireless connections — such as the open ones that some businesses provide as a service — can also leave you vulnerable to wireless snooping of your logins, email messages, or instant messages by other travelers or guests. The same can be said for untrusted computers in hotel business centers or cybercafés, which are magnets for data-stealing malware.
 
If the connection doesn’t ask you to provide a WPA key, assume the connection is not secure, and treat it as such. If you must use a free wireless connection, turn off any programs that automatically connect to the Internet (such as email clients or file-sharing tools) before you hook up, and try to access sites by typing “https” at the beginning of the URL.
 
Lastly, please don’t use the untrustworthy PC in the hotel lobby to do anything more private than print your boarding pass to get home.

4 replies

Userlevel 7
Badge +56
Great reminders Alex! Just to add to the thread if one has WSA-E or WSA-C with Identity Shield on a Laptop in which I only use wouldn't that be enough protection on a secure WiFi connection say WPA or WPA-2 AES encryption? I don't know if I would trust WEP encryption though?
 
@Kit - I use a VPN on the road if I have to connect to an unprotected connection or any connection really accept at home! ;)
 
TH
Userlevel 7
Interesting story...
 
I took a look at the "Public" computer in the office of my prior apartment building.  It was not locked down at all and cursory inspection revealed no fewer than 17 varied data-stealing trojans hidden on it as well as a custom job installed by one of the apartment complex residents that was sending all the data to his apartment.  It was a bit of a mess to say the least. 
 
As to open WiFi...
 
You don't even have to log in.  "I'm already logged into my Facebook account, so I never had to type my password.  Therefore, it can't be stolen," she said, unwittingly revealing her session cookies to a sniffer in the same building who was then able to be logged in to her Facebook account as her.
 
If you have access to a VPN system, that is an excellent way to secure your connection.
Userlevel 5
Thanks ProTruckDriver!

Yeah, public PCs can be a little sketchy. That spam situation sounds like a real pain. (Love the marriage comment. Ha!).

Cheers!
Alex
Userlevel 7
@ wrote:Lastly, please don’t use the untrustworthy PC in the hotel lobby to do anything more private than print your boarding pass to get home.
Excellent post Alex. We (I should say my wife) have learned the hard way about the Public PC in the hotel lobby after she used it while on vacation about 4 years ago. She checked her email and after that she started getting tons of spam. She had to change her email address after that. Just to be safe I changed all passwords on all our accounts after she told me what she did. Marriage, you got to love it ! 😃

Reply