Data Doctors: Q. I heard someone call your radio show saying that all public Wi-Fi is completely unsecured, and anyone around you could easily see anything that you were doing. Is this true, and, if so, what should I be doing to protect my computer? - Nathan
Q. I heard someone call your radio show saying that all public Wi-Fi is completely unsecured, and anyone around you could easily see anything that you were doing. Is this true, and, if so, what should I be doing to protect my computer? - Nathan
A. The convenience and relative low cost of wireless technology has helped foster a huge network of more than 100,000 U.S. public Wi-Fi “hotspots” designed to allow anyone to access the Internet.
The fact that anyone can connect also means that those with malicious intent can be lurking as well.
While I agree there are security risks when connecting to public Wi-Fi systems, I wouldn’t say that “anyone” around you could electronically see what you are doing.
To intercept your transmissions, a fellow user would have to install special software called a “packet sniffer,” which secretly copies unsecured packets transmitted on the same network, or create a “man-in-the-middle” exploit to trick you into connecting directly to their computer instead of a Wi-Fi access point.
Packet sniffers are readily available on the Internet, and any motivated 14-year old could figure out how to use one. But that doesn’t mean that everyone around you has one.
The other issue is that even if they can see what Website you are surfing, no harm is done unless you access your e-mail account, an online banking site or other normally secured resource on the Internet.
Secured sites on the Internet will show up as “https:” instead of “http”. So if you do need to type sensitive information into your computer, make sure you are doing it on a page that has the https: prefix, so your transmissions are encrypted.
Sadly, many Web-based e-mail systems have a secured login page, but once you get past it, the rest of the pages are not secured. The easiest way to tell if your Webmail system is secure at all times is to log in, then go to your Inbox and see if the https: remained.
If your Web mail does not encrypt pages after the login screen, then you need to think twice about using it on public Wi-Fi networks without adding additional security software such as VPN - Virtual Private Network - software.
To avoid the “man-in-the-middle” attack, be careful to look at the icon next to each available connection when you are attempting to connect to a Wi-Fi network. A fake Wi-Fi connection will appear as two computers instead something that looks like an antenna.
This type of exploit is especially prevalent at airports or hotels that charge for Internet access. Hackers will set up something that looks like a free alternative to the pay services, which causes folks to try them first.
For most users, if you connect to anything and get Internet access, you don’t think anything of it and continue on with your business, which is exactly what they want you to do.
Windows XP users can change a setting in their wireless network adapters to tell Windows not to allow connections to “Ad Hoc,” or machine-to-machine, networks. Vista users by default have this turned on. Step-by-step direction for XP users can be found at http://bit.ly/AOVxR.
The ultimate security for road warriors comes in two options: pay for a cellular-based data service or use VPN software to protect everything that you type in public.
There are a number of free and low-cost options for personal VPN software, but it’s important that you understand the differences before making a decision. Free systems monetize the service by taking over your browser and adding a banner ad to everything that you do. In addition, these free services make money by giving advertisers targeted audiences, which means they will be tracking everything you do. If you want true privacy, don’t consider a free VPN service.
If you only need to secure your system for a short trip, companies like SurfBouncer (http://bit.ly/dThlV) offer weekly or monthly options starting at $4.99 a week.
If you are on the road a lot more often or deal with lots of secured access while on the road, Witopia (http://bit.ly/12durT) offers services starting at $39.99 per year that work with both Windows and Mac as well as many handhelds such as iPhones and Windows Mobile 5 and 6 devices.
Ken Colburn is president of Data Doctors Computer Services and host of the “Computer Corner” radio show, which can be heard at noon Saturdays on KTAR 92.3 FM and at www.datadoctors.com. Readers may send questions to firstname.lastname@example.org.