Feels great to surf the net, zip mails and download -- literally from thin air -- at Wi-Fi 'hotspots'?
It must be, surely. But be warned. Someone somewhere could be snooping inside your laptop even as you blissfully trawl cyberia.
Hackers using simple sniffing tools can tap into unencrypted data passing through hotspots -- data from your machine stolen from right under your nose. And as is the case with virtual thefts, you may never notice it.
The reason for such a lapse in security is, as experts point out, Wi-Fi is still a technology that corporates and individuals are getting used to.
Most laptops in a normal wired atmosphere are part of a secure network, but in the case of a public hotspot -- such as at airports, coffee bars etc -- it is an open network with no one knowing who the users are.
Additionally, as V Sriram a Chennai-based security expert points out, "Most companies have not configured or educated laptop users to use it securely. Today, new laptops are Wi-Fi-enabled and there a lot of users who have bought Wi-Fi cards and Wi-Fi-enabled their systems without informing the IT team in the office. There is a gaping security hole in these cases when the laptop goes out of the office environment into a public hotspot."
But it is not easy to break into data on a laptop. "Every computer has an unique machine address code or MAC code, which is a 48-bit code. In the Wi-Fi environment, there is a unique addressing system that is followed. The hacker needs to know the MAC code or the IP address of the machine for him to tap into data," Sriram says.
"Importantly, though, the wireless system has a set frequency no hacker can tap data while it is being transmitted. They can at the most only jam data," he points out. But the moot point being that if you are in a mode where your laptop is in a shared mode.
The good part of all this is that most wireless networks are secure. But even if the hotspot is insecure, you can minimise the risk to yourself by ensuring that your laptop is not in a shared mode and also having an IDS (intrusion detection system) and a firewall installed.
While buying these software can set you back a neat sum ($600 for an individual Firewall licence and a similar amount for an IDS), it would be smarter to just use one of the many free ones available on the net.
"Some of the free firewalls can be downloaded from www.securitywatch.com, www.tucows.com, or at www.astalavista.box.sk. Some of the free IDs' that can be installed are Snort or Blackice. They can be downloaded from www.snort.org or www.blackice.iss.net.
The Dos & Don'ts:
-
Wireless networks in public areas and hotspots like Internet cafes may not provide any security. Although some service providers do provide this with their custom software, many hotspots leave all security turned off to make it easier to access and get on the network in the first place.
- If the network itself is secure, other people should not be able to gain access to your machine. If it is not secure, you need to make sure your own laptop is. This can be done by disabling the file sharing function in your laptop. To do this, double click on the network connection (usually an icon showing two computers), then click on the "Properties" button and untick the box that says "File and Printer Sharing".
- Make sure your laptop is password-protected. And make sure the password you use is not obvious -- such as "password".
- The best way to achieve security when you are connecting back to your office is to use a VPN. If you do not have access to a VPN and security is important, you may want to limit your wireless network use in these areas to non-critical e-mail and basic Internet surfing.
More from rediff