My most recent article on public wireless networks security has gotten quite some feedback from my readers, which is appreciated. It has also raised a number of questions. While I always love to answer correspondence on an individual basis, there were enough common ground in some of the questions to justify a follow-up article. So here we go.

The main point raised was what to do when one is on the road for prolonged periods of time and cannot just wait until the next time one is home and able to connect the portable computer to a secure wireless connection to do banking and other sensitive data transmission type activities. The earlier article tips were more about what not to do. But can one DO about it? Note: because the technical level of my articles is geared toward the non-initiated and the technical details are generally left out, I will only cover what can be done in a generic way.

For starters, you can make sure your general portable computer security level is robust:

• Is sharing files and folders enabled in your laptop’s wireless connection? it shouldn’t.
• Are any of the services that allow remote connections to your computer running? they should be disabled.
• Is your wireless card set to roam aggressively so if it finds a stronger signal it connects to a new hotspot automatically? that opens the door to connections to rogue hotspots and should therefore be set to not changing automatically.
• Is wireless network ad-hoc (computer to computer) mode disabled in your laptop? it should be to avoid accidentally connecting to someone else’s computer.
• Is your firewall on, and if your operating system is Windows XP, do you have a more robust firewall in place? consider free alternatives like Comodo’s or ZoneAlarm’s firewalls.

That covers a few points. But even with all the above points taken care of, there is still the problem of connecting to a hotspot that has no encryption. What to do then when one is about to engage in sensitive emails handling, online transactions, banking? The solution with the most consent is, use a private virtual private network (VPN). What is a VPN? It’s a type of network technology that allows secure communication between 2 computers or groups of computers via a public channel, usually the internet. It has many uses and providing wireless security while on a public hotspot is just one of them.

Both free and paid versions of personal VPN programs exist that can be applied to this problem. An example of a free one is Hotspot Shield, that can be found here: http://hotspotshield.com/. An example of a paid one can be found in this link. There is no implicit recommendation of either of these examples, although the free one was recommended to me by one of my readers. Update: See http://remotehelpexpert.com/blog/?p=1615 for an update on the hotspotshield recommendation.

So if you are in the situation where you are on the road constantly and need to use public hotspots, you might want to consider a personal VPN solution as a deterrent to wireless sniffers and man-in-the-middle type of attacks.

In a nutshell: Not very. With portable computers being more and more popular, and wireless access in public places being found more and more often, this becomes a problem.

Let’s take a look. Public wireless networks (hotspots) like those found at airports, cafes, libraries, hotels, supermarkets, etc. lack encryption. What is encryption? basically the transforming of information using a special formula that is only decipherable by having a certain piece of information – a key. So your hotspot with no encryption looks like this:

laptop –> wireless receiver –> Internet

Nothing wrong with that, except the information is traveling from your laptop in the form of radio airwaves spreading in all directions in plain form and it’s therefore possible for a “sniffer” to intercept the data – an activity that has been given the name of “sidejacking”. And since there is no encryption, your data is open to view.

Let’s look at the same setup, but with encryption enabled:

laptop  –> (encryption) –> wireless receiver –> (decryption) –> Internet

Now the wireless aspect of the data transmission is protected by encryption, and is no longer available to sniffers who might want to access it. Of course strictly talking any encryption can be broken, but the difficulty to do it when using good encryption discourages most cyber-criminals as long as the target (you) doesn’t look too attractive, as I’ve explained in this earlier article.

So, what rules emerge from the above data? when using a public, non-encrypted hotspot to access the internet:

1) Do not enter passwords or supply other credentials in a website, unless the webpage itself is protected with encryption (in browsers like Internet Explorer or Mozilla Firefox you’ll see a lock in the lower right corner to symbolize encryption is being used in that web page, and typically the website address starts with “https://” instead of “http://” , signifying the page is secure). Even then and for reasons beyond the level and scope of this article this is not particularly recommended.

2) Avoid banking or doing online transactions, even in a secure webpage.

3) Basically, don’t do anything on your computer related to an internet connection you wouldn’t mind doing if you had a bunch of strangers right behind you looking at your screen and taking notes!

Wait until you get home (or to a secure wireless network)  to do any of that. And I surely hope you have encryption enabled at home if you connect wirelessly to the internet!

Hope this data helps.