post

Are you *still* naked in a coffee shop?

Chris Pirillo’s Lockergnome email newsletter had a link to this article Travelers Who Use Laptop Computers: Beware and it made me realize that there are now even more people accessing Wifi hotspots than ever before and most of you are naked.

Back in January of 2005 I wrote “Are you naked?” as a post that had this paragraph in it:

Security is an issue other than just at home…but it’s an underreported problem in internet cafes or public places that leave their networks wide open so it’s easy to get on them. Without a company Virtual Private Network (VPN) for your personal laptop, or some way to create a Secure Shell (SSH) to another computer for a secure tunnel, you’re vulnerable to prying eyes (email passwords go in the clear, etc.).

The latest discussions about the iPhone “hack” (which I posted about a couple of days ago here) is bringing more attention to the inherent insecurity of Wifi hotspots. While I know exactly what to do to ensure I and my loved ones have secure access when in a public hotspot, literally everyone else I know is completely clueless.

Case in point: while at the Web 2.0 Summit last October, I mentioned to several conference organizers that there were a significant number of ad hoc wireless networks setup (where a person sets up their laptop to act like a wireless access point) with names like “Free Wifi” or “Summit Wireless Access” placing attendees in jeopardy of nakedly exposing their data.  One conference leader who shall remain unnamed said, “Steve, of any group of people this one especially shouldn’t be stupid enough to connect to an ad hoc network.” You know what? In my informal poll of 20 people while there, every one of them had attempted to connect to one of these ad hoc networks since the main conference access point was either slow or they couldn’t get connected to it.

The good news? There are specific things you can do to make certain you’re secure when accessing a public hotspot.

BEST PRACTICES:

1) Make certain you’re using a ‘real’ wireless access point.

2) Turn on your firewall.

3) Turn off filesharing.

4) If you normally don’t pay attention to security notices for your operating system or applications, then turn on the automatic update feature in your operating system (both Windows and Mac OS X offer this capability) and set it to run a minimum of once per week. If you’re using Windows, buy anti-virus software and the update feature and use it!

5) If you don’t protect yourself in a public Wifi hotspot with a VPN or SSH solution, at least access your email with an https vs. an http (the former sets up a secure socket layer) which most webmail providers allow you to do. Then your email username and password aren’t flying through the air in the clear. Don’t use File Transfer Protocol (FTP) unless it’s a Secure FTP access (the former allows your username and password to go in the clear and the former secures them).

6) Consider encrypting your files (Zip, PDF, Word’s .doc, Excel’s .xls and other file formats incorporate methods which allow you to use a username and password to secure them.

SOLUTIONS: There are several solutions you should consider that make this brain-dead simple:

a) If you sign up for a wireless hotspot service (e.g., TMobile Hotspot, Boingo Wireless, iPass) they provide secure access software for you

b) Several third party solutions are available. Here are a few: Airtight; AnchorFree (free solution); HotSpotVPN (which, by the way, also secures your iPhone); iPig; McAfee’s Wireless; Network Magic; PublicVPN; WiTopia; and many more.

The point is to be aware. Don’t just wander around blindly popping open your laptop and connecting while thinking, “Nothing will happen. Everyone in this coffee shop looks, ahh, pretty nice and normal.” Well, I look pretty nice, like a “suit” (and fortunately am someone who wouldn’t dream of hacking someone’s laptop and even I know exactly how to do it! THAT is what scares me about this problem).

Look…if I know how do it with my non-programmer, only modest geekiness credentials, imagine how many people are out there sniffing Wifi packets in a coffee shop flying through the air like you are enjoying the fragrant aroma of freshly brewed coffee. They’re waiting to capture your usernames, passwords and any sensitive data you’re nakedly exposing…

About Steve Borsch

I'm CEO of Marketing Directions, Inc., a trend forecasting, consulting and publishing firm in Minnesota. Prior to that I was Vice President, Strategic Alliances at Lawson Software in St. Paul where I was responsible for all partnerships at this major vendor of enterprise resource planning software products and services. Read more about me here unless you're already weary of me telling you how incredible and awesome I am.

Comments

  1. Ok Steve, spill your guts, how do you do it?
    😉

  2. First and foremost I do all the best practices. Anytime I enter a username or password I make 100% certain that it’s an https and a trusted site I know.

    One problem example is Typepad. The member login is NOT a secure https login so *if* I were to put in my username and password it could be captured over the air…unless I was doing the following:

    I used to use Anonymizer’s SSH solution (sets up a secure tunnel so everything from my laptop to the router and over the internet is encrypted) but it’s no longer offered for the Mac. Now when I need to I’ll use AnchorFree’s Hotspot Shield (it’s free but slow) or WiTopia’s (for my wife when she travels since they’re pretty fast, cheap at $39.95 per year, and their servers don’t take much of an overhead ‘hit’ like most VPN’s — especially free ones — usually do).

    Lastly, I’m seriously considering Boingo Wireless at $39.95 per month and share the account with my wife. That way we can both use the secure software, have an account for roaming worldwide, and get one of their free stickers.

  3. And watch out for privacy issues with itunes!

    http://cheeseheadtech.blogspot.com/2007/08/itunes-security-problem.html

  4. FTPplanet.com Blog says:

    Don’t Surf Naked!

    Here’s some great advice from IT veteran Steve Borsch on protecting yourself when connecting to the Internet from public locations. “Security is an issue other than just at home…but it’s an underreported problem in internet cafes or public places tha…

  5. StarbucksAddict says:

    iPig works great on my Vista Laptop! It’s VERY easy to use.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.