Tech-Friendly: Public Wi-Fi hotspot security basics

October 9, 2013

By Paul Gorski

Last week, I wrote about home Wi-Fi security (see link at end of article), so thought I’d wrap up my Wi-Fi security discussion by warning you not to use public Wi-Fi hotspots for sensitive Internet transactions.

Some public Wi-Fi hotspots, or connection points, are secure, but many are not. You’ll find public Wi-Fi hotspots in public buildings, restaurants, bars and more. Assume most public Wi-Fi hotspots are not secure. Better safe than sorry.

Before you use public Wi-Fi, make sure your computer OS, browser and security software packages are up-to-date. Enable your computer’s security firewall.

Disable the “sharing” of files and folders on your computer. I would also disable the saving of passwords in your browser.

Avoid performing banking, stock trading or other sensitive financial transactions while using public Wi-Fi. Wait until you know you are using a secure connection.

Even when checking e-mail via a browser, try to use a secure browser connection. Many e-mail services allow you to connect via “http” or “https” (secure). Choose the “https” secure method, when possible, for any e-mail or data-sharing connection.

I can’t say strongly enough: avoid conducting sensitive financial transactions while using public Wi-Fi and use secure browser connections, “https,” whenever possible.

My original Wi-Fi security article, “Tech-Friendly: Home Wi-Fi security — basics plus a bit more,” is at http://rockrivertimes.com/2013/10/02/tech-friendly-home-wi-fi-security-%E2%80%94-basics-plus-a-bit-more/. You will find additional links to other computer security articles at the end of that column.

Paul Gorski (www.paulgorski.com) has been a technology manager nearly 20 years, specializing in workflow solutions for printing, publishing and advertising computer users. Originally destined to be a chemist, his interest in computers began in college when he wrote a program to analyze data from lab instruments he hard-wired to the back of an Apple IIe.

From the Oct. 9-15, 2013, issue

2 Comments

  1. Daniel Robert Smyth

    October 14, 2013 at 9:18 am

    Just once, I would like to see a report from these scare mongers how being unsecure can actually be a problem. Go ahead, let me get on an unsecured Wi-Fi network and contact my bank. Let me as well, see who you might actually glean secure information from my activity.

    Have me send an non encrypted e-mail to my neighbor, and tell me what was in my e-mail by my lack of using a secure server.

    Showing me and others HOW our data is viewed by others is much better than just telling us to upgrade our computer and virus programs.

    It’s like just telling me to make sure my direct line to 911 is working, instead of telling me that my locked bedroom door can be opened by a pen knife!

    Show us how easy it is.

  2. Paul Gorski

    October 14, 2013 at 12:27 pm

    Mr. Smyth,

    I’m not going to share the tools that hackers use, that would only promote hacking. Articles demonstrating these tools are often covered in mainstream computing publications, perhaps you missed those articles.

    However the basic principle is to capture the Wi-Fi transmission, identify if and how it is encoded, decode it, and then capture the data you want. Decoding the encryption is the key. The time and computing power to decode a WPA2 encrypted transmission that started with a unique SSID and very unique 12-character or more password makes it very hard to hack the Wi-Fi.

    Also, here’s a short list examples of Wi-Fi hacking from across the world.

    http://news.yahoo.com/minnesota-wi-fi-hacker-gets-18-years-prison-032803295.html

    http://www.dba-oracle.com/t_unauthorized_access_computer_network_crime.htm

    http://nakedsecurity.sophos.com/2011/02/08/free-open-wifi-facebook-hack-missouri-state-representatives/

    http://readwrite.com/2013/04/16/beware-the-wireless-router-security-threat#awesm=~okgsu6bltv9yLm

    http://www.securelist.com/en/blog/208193852/The_tale_of_one_thousand_and_one_DSL_modems

    I hope this helps you believe this is a real security concern.

    Thank you for reading The Rock River Times.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>