Last week the Huffington Post commented on how to avoid hackers, especially for celebrities.  It was an article full of useful information, but only if you know how to use it.  The fourth of these was to avoid WiFi networks.  Well, that’s nice, but what is it and how does one avoid it?

One can define WiFi as the technology that allows an electronic device, such as your smart phone, laptop or iPad, to connect to the Internet wirelessly (using radio waves).  In order to connect, you must be able to send information to a hotspot (or access point).  Such hotspots are limited inside because walls, furniture and other physical objects can block the signals, but have a greater range outside.  Wi-Fi allows cheaper deployment of local area networks, and  in spaces where cables cannot be run, such as outdoor areas and historical buildings.

You may well have used WiFi at your local Panera (or St. Louis Bread Company as it is known here) while eating.  Bookstores, restaurants and lobbies of hotels also generally provide WiFi coverage to their customers.  Most devices attach easily to WiFi, and may attach automatically (with no obvious signal to the user).  It is a convenient way to access your email, social networking, or web searches from your portable device.

But, it is also an easy way for others to access your email, social networking or web searches.  Most public WiFi networks have no security associated with them (as indicated by the fact that you have no password or other requirements to join the network).  Since there is no security on the network, anyone can attach any device to the network and do on it what they want.  Some people, then,  attach devices that can read any non-encrypted transmission over the network.  That includes your passwords, credit card numbers, confidential corporate information or your surfing history.  This is comparable to the person eavesdropping, except it is with the computer.   They may also be able to masquerade as another device and send requests for information (such as data or pictures) to your computer (which your computer thinks it should honor).  As I have said before, sometimes people do this for fun, or to learn what they can do.  Others engage in such behavior to find information that might be sold to magazines or used to blackmail people.  Still others engage in the behavior to steal confidential information (such as credit card numbers) that they use to steal money.

So, what do you do?  Of course, the normal precautions of having your security software up to date will prevent someone from unleashing a virus or malware on your computer.  But in addition, many security experts suggest you avoid such networks.  Or, if you do use them, set up a virtual private network (or VPN).  You may already be familiar with a VPN because you may use that to login to your company’s computer.   VPNs typically require remote users of the network to be authenticated, and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties.  This software prevents sniffing of the material sent over the network, ensures that communications come from the place they say and that information is not intercepted inappropriately.

A Mobile VPN gives a user the same level of security when using public WiFi networks.  Instead of requiring a stable location on a network like the traditional VPN, a mobile VPN maintains a virtual connection to the application instead.  It allows the computer to move among WiFi networks which changes the “address” of a computer, and handles the changes of the addresses transparently.  This kind of security has been used by police officers as they move among cell towers, and by hospital personnel as devices move with patients.  Both applications require absolute security.  Using a mVPN may involve additional hardware and will involve additional software provided by a third party.

It is, of course, an extra step.  But, if you do not want the world to know the data you process, then perhaps the extra step is necessary.

 

Advertisements