I had no idea this was so easy to do...
I had no idea this was so easy to do...
I'm having problems with various links today. It's possibly just a server problem at my end. I can't open the link supplied in this thread.
I know there was a recent thread laptop------ to bring or not to bring?
I'll be travelling in a few weeks with a laptop, so a brief summary could be useful.
If your using wireless, people can easily get into your computer.
TIPS FOR PROTECTING WIRELESS NETWORKS:
Oh yes, wireless networking is completely unsafe. (So are the connections in a lot of internet cafes, btw. I can often tell which ones are and which once aren't by looking at the hardware - average non-geeks don't stand a chance.) Anyone on the network can see all other traffic coming through the network. And even when WiFi traffic is encrypted, the default WiFi encryption (WEP) is so horribly broken that it takes an average of three minutes to crack it (with video instruction provided - as mentioned in the article).
So never log in to any sites which don't use SSL (the little padlock icon) - including sites where you're automatically logged in through the use of a cookie. (I used to have a separate Mozilla profile for when using untrusted connections - one without any cookies at all and no email access and such. Probably will have to revive that when I go back on the road.)
Actually, let me try to be more useful. There are two issues with WiFi - 1) When you have your own WiFi network for use at home. Not really talked about here, but it colors the article and CupCake's tips a bit. And 2) When using a public WiFi network.
To tackle the latter first, this: "If your using wireless, people can easily get into your computer." is not (per definition) true. People can gain access to the contents of your computer as easily when you use a wireless network as when you're regularly connected to any network. Unless you "share" any folders (or printers) with other people on a home network (which is a boneheadedly stupid thing to do), and have all your windows security patches installed, you should be safe on that account. Just think of things like this: using WiFi is like sharing your internet connection with your housemates - except this time you don't know who the housemates are, and there are probably hundreds of them. Realize they can see everything you do on the internet (including the emails you download and the IM conversations you have) - unless those things are separately encrypted. If you log in here at travellerspoint, they can see your password. If you read your private messages, they can read them. - Except if you go to https://www.travellerspoint.com - that's encrypted (secure).
If you download your email, unless you're one of the very few who have a clueful email provider offering POP over SSL or similar, they can see your password and read any email you download (only when it's downloading - not after the fact). If you send email, they can see your password, and read the email that you're sending. Luckily webmail often is encrypted by default - or at least has a "secure login" option - so look for the little padlock.
Remember, all of this is true for the connections in a lot of internet cafes as well - although there at least you can be relatively certain that only the people in the internet cafe could look in on your connection, not random strangers sitting on benches and in cafes up to two blocks away.
So, WiFi is absolutely awesome for randomly browsing and reading news stories and message boards that you don't care other people knowing about. It's absolutely awesome for doing things that are encrypted. (Though I wouldn't try to do internet banking using WiFi.) Other than that, be very aware that everything you send and receive can be read by other people.
Then, the article mentions the "evil twins". Which is generally not a concern, unless it's a service that asks you to pay for using the connection. You might want to trust Starbucks with your creditcard - but if it asks you for your creditcard on screen, you can't know it's really Starbucks. It's just as possible that it's a criminal sitting next door with a stronger transmitter, pretending to be Starbucks. (So I'd advise only using pay-services where you can pay a real human and get a code for the login page rather than paying with a creditcard on a random website.)
Then the first issue I mentioned - if you have a WiFi network at home, anyone in the neighbourhood can tap into this network. In the article where it mentions "At the park, Rushing was able to log onto an unsecured hotel wireless signal in a matter of seconds." that's what he is doing. The hotel has a WiFi network for use of its guests. And someone outside can just gain access. And see all the traffic from the other people using the network.
Enabling the basic encryption mentioned above is good enough for most home networks. People won't really bother trying to crack it, no matter how easy it is. But again, you should be aware of the risks, and not email this important and sensitive work document when using WiFi. (Actually, you should never email sensitive work documents without encrypting them separately, but I fear that's still a bridge too far for most people...)
Thanks for the comments. I'd not set up anything on my laptop as yet WRT to the internet, so I don't think I'll bother. I'll just use it for offline purposes whilst travelling.