Free WiFi or hotspots are public places where Internet connectivity is available to anyone within broadcasting range. Cafes, libraries, school campuses and civic centers are just a few places where you might find free WiFi. Generally, it’s safe to use hotspots with a few common sense rules.
Free WiFi networks are often unencrypted, as encryption would require login credentials for each person joining the network, hampering accessibility. Networks that don’t require credentials are easy for anyone to jump onto with little or no user direction.
A wireless router broadcasts all dialogs taking place between itself and connected computers. If ten patrons of a café are using their computers to cruise the Internet, check email or download music, ten conversations are being broadcast throughout the café and immediate area. Others within range can use widely available tools to eavesdrop on those dialogs, trapping and analyzing data packets. This is a good way for nearby malicious persons to gain usernames, passwords, email messages, and other personal information that is traveling unencrypted on the wireless network.
As a precaution, you might avoid visiting websites that send usernames, passwords or email in the clear when using free WiFi. That said, when accessing such websites from home, the data is still traveling across the Internet in plain text, subject to online snoops. By avoiding visiting the sites on free WiFi you are only eliminating the additional risk of local users who might be snooping wireless traffic.
Even if a free WiFi network is encrypted, there are different types of encryption. An old protocol known as Wired Equivalent Privacy (WEP) can be easily broken with readily available software. Only the stronger WiFi Protected Access (WPA) will prevent local snoops from being able to decipher the dialog between your computer and the wireless router. In all cases the router will decipher traffic before sending it on to the Internet, so online snoops will still be able to read unencrypted data exchanged between yourself and the Internet. WPA will only stop local snoops from reading wireless traffic.
It is safe, however, to use free WiFi for accessing sites that provide end-to-end (also called point-to-point) encryption. End-to-end encryption is automatically put in place when visiting a site with an address that starts with https. In this case, your browser will encrypt all communication before it leaves your computer, and it will only be decrypted at the destination site. The website likewise encrypts everything from its end, which gets decrypted by your browser. An interloper, whether local or online can still trap passing data packets, but the contents of those packets will be unreadable.
Online banking employs point-to-point encryption, as do shopping carts and all legitimate websites that require personal information to provide a service or product. Ideally, any website that requires a username and password should provide a secure connection to exchange those credentials, but many sites that require registration allow the username and password to travel in the clear. Unfortunately, this is also true of some Webmail services. In this case, your email is also traveling in the clear for snoops to trap and read.
While free WiFi is safe for secure websites, highly sensitive activities should only be performed from your own computer. A public computer should not be trusted for anything but casual surfing. Computers store passwords, usernames and other revealing data in a type of memory called cache making it possible to retrieve later by others. A public computer could also be infected with keylogger software that records keystrokes, defeating the purpose of point-to-point encryption by trapping account numbers, usernames and passwords as they are typed into the keyboard.
To keep your computer safe, employ reputable anti-virus and anti-spyware software that is updated frequently. Additionally, scan for rootkits regularly. These are scripts that can be used remotely to control your computer online without your knowledge. Rootkits use resources that can slow performance, interfere with the proper functioning of your computer, and can also be used to install keyloggers and other malicious software. To find a good rootkit scanner, check reputable sources like PC Magazine, PC World, or well-established geek forums.
No comments:
Post a Comment