pcnelson.com

In the business of the Fall I nearly completely dropped the ball on this blog series. This series was born out of a conversation I was having in my office over the top ten things not to do on the Internet. Most problems that I see on computer systems from friends and family come from “self-inflicted wounds.” In other words, the user themselves cause the problem by not being careful. However, to be fair to my friends and family, most people just don’t know what not to do…. thus the series.

I was reminded of this warning while eating the other day in a popular Memphis lunch spot. As I ate, I was amazed at the number of business men and women that were coming in the restaurant with their laptops to use the available wireless network. There were at least 20 wireless workers typing away on their laptops, performing business, checking email, all the usual. One friend of mine, a hedge fund manager, was conducting several important trades on his laptop while having a sandwich. I asked him if he ever worried about the security of performing such work on an insecure network. As expected, I got a deer in the headlights look.

In an earlier post I explained how today’s wireless networks perform like a wireless hub and not a network switch. This means that every computer connected to a wireless network can see the traffic of every other computer on that network. It did not take long for me to scare my friend thoroughly by opening my laptop, opening ethereal to sniff the network, and isolate his traffic. I could see all of the emails that he was sending and had I wanted to could even have captured a few of his unencrypted passwords. Yes, there was some shock value in showing him this, but my message was clear. Just as my mother told me not to talk to strangers - don’t talk to strange networks. You never know who may be listening.

Now all of this may sound a little paranoid, and it probably is, however if I were a smart thief and wanted to pickup a few passwords of wealthy men and women in Memphis, I know what I would do.

So how do you protect yourself? There are several ways. One, you can limit your browsing on these networks to just simple web browsing. Don’t open your email client or other programs that transmit your password. If you need to check your email, use a web based client as long as it uses a SSL encrypted connection. All SSL protected pages will show a padlock somewhere in the browser window. This encryption means that all of the traffic you are transmitting on the network is protected and even if it is intercepted it can’t be read.

The second way to protect yourself is to encrypt ALL of the traffic that you are sending out of your wireless network card. In other words don’t just encrypt what is on protected pages, but encrypt each and every packet coming and going from your system. I really like this solution because it allows me to work as normal with no fear of what my be intercepted. There are two services that I like for accomplishing this task, Hot Spot VPN and Public VPN. These services encrypt every packet of information coming and going from your computer making it virtually impossible to read any sniffed traffic.

It only takes a few minutes to setup an account with either of these services and the security that they offer is fantastic. So the next time you are working at coffee shop with your laptop you can enjoy it just a little more knowing that you are secure.

[tags]security, wifi, hotspot, vpn, wireless networking, memphis, cyber cafe[/tags]