Beware Wi-Fi Hotspots

The modern world is all about working on the move and the rise in WiFi hotspots has encouraged a coffee-shop culture of meetings and working ‘out of the office’. Yet, while the hotspots may offer the chance for you to connect online, it may also offer ‘others’ the chance to connect to your machine, without you knowing.

Many hotspot providers do not encrypt their wireless connections. This means that anyone within range of the hotspot can capture data coming from and going to your PC. The potential risk has been increased recently, following the release of a plugin (Firesheep) for Firefox which makes it even easier to listen in at wireless hotspots. The plug-in allows anybody – even those who don’t really understand networks or hacking tools – to listen in to a lot of the web traffic going to and from PCs near them.

How to keep safe:

  • Apply common sense. This risk has always been present at unencrypted hot spots, but there is now a widely available tool to exploit it.
  • Use SSL encryption. Data sent over SSL is safe, so look for the padlock and you are more secure. Remember however that often only certain pages of a site you are visiting will be SSL encrypted, your other session browsing details may be accessible to potential eavesdroppers.
  • If you are accessing company systems, use the company VPN if it exists. This might be more time-consuming but in the long-run it is much safer – even for systems which are normally public facing.
  • Avoid sites which place cookies on your machine – that includes social media sites like Myspace and Facebook. Any cookies not sent over ssl can be intercepted. At present Facebook does not send cookies over SSL so they are vulnerable but are quoted to be “urgently reviewing their security”.

Play it safe. The key to remember is that if you aren’t certain a site is safe to use on a public hotspot then don’t use it – the risks are too great. Accessing a public WiFi could be the equivalent of broadcasting your laptop / mobile display on the giant screens at a stadium concert.

If you wouldn’t want that sort of ‘sharing’ of your browsing habits or personal details, think about your public WiFi use. If you must use public WiFi hotspots consider installing software that can detect Firesheep in your locality such as WireShark, Scapy or the new Firefox plug-in BlackSheep.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Tim Fuell only joined the Webfusion team last year but having been a customer of the group for more than 10 years, he knew all about their success in the Web hosting field. After writing his Masters thesis on the threat of cybersquatting way back in 1998, he has seen the Internet grow beyond even his wildest dreams. A journalist for over 16 years and a qualified Solicitor, Tim is one of a team of bloggers in the Webfusion stable aiming to educate, inform and assist their online readership.