Protecting yourself on the internet: WiFi security

RBC | First things first… What does WiFi stand for? Well, no one really knows for sure. It does NOT stand for “Wireless Fidelity” as was reported in a news release back in the fall of 1997. Technically speaking, the term “WiFi” or “Wi-Fi” is a trademarked nickname for the definition of the IEEE 802.11x wireless networking standard. That’s it… No mystery. Just a nickname for wireless network technology.

Back in 2000, I wrote a whitepaper on ways to secure WiFi networks. This was about the same time that WiFi started to become popular for home use. It was also about the same time that WiFi was exposed as being uniquely vulnerable to hacking. The problems that caused these vulnerabilities were numerous, but the single most glaring problem was that most consumer-grade wireless access points came from the factory with absolutely no security measures enabled. There were security measures available on access points but in most cases, consumers never bothered to enable them. A large portion of consumers never even bothered to change the default password. To compound this issue, the security measures that were available (which I’ll refer to as “light encryption”) had been cracked by hackers, making it easy for almost anyone with even limited technical expertise to gain access to a private networks.

Fast-forward 20 years… WiFi access to networks, both private as well as public Internet access, has become almost as common as microwave ovens. Security measures on wireless access points have been upgraded the point that I can almost say that WiFi is relatively secure… almost. There are a number of ways that WiFi can be made more secure than it was 20 years ago, but a lot of that depends on how the access point is set up initially. One thing I can say is that the local Internet service providers here in Rio Blanco County are getting it right. When my WiFi Internet access was set up in my home, it was set up with security in mind and I appreciate that.

There are other things that you can do to protect your home WiFi, but it really depends on how willing you are to give up convenience for enhanced security. The easiest and most important thing you can do is change your WiFi password. Something that WiFi access points do by design is advertise their presence. If you’re working from a laptop, a WiFi-enabled desktop computer, or even most smartphones, you can see a list of available networks. Each access point will broadcast its name and its security status (i.e. secured or not secured). If you’re willing to give up the convenience of seeing your access point on the list, you can actually turn off this feature off. If the hackers can’t see your wireless access point, they typically won’t try to hack it. They simply won’t know that it’s there.

The Cost of Free WiFi

Unfortunately, your home WiFi isn’t the only network access point that you need to worry about. A lot of businesses offer free WiFi Internet access for their customers. A “large Seattle based coffee shop franchise” helped revolutionize this offering. They welcome you to bring in your laptop, have a cup of coffee and get some work done. There’s only one problem… Hackers have found a way to intercept your computer’s connection request and they can literally capture any information you send to or receive from the Internet. An example of this technique utilizes a hacking device called a “Pineapple.” It’s a tiny, battery operated, highly customized WiFi access point that literally fits into a large coffee cup. A hacker can sit in the shop or restaurant and configure the Pineapple to appear just like a legitimate access point on the Available Networks list, but with a slightly stronger signal. Because the signal is stronger, your computer or smartphone will connect to it first. The Pineapple connects to the shop’s real access point and at this point, your Internet traffic simply passes through the Pineapple. The hacker simply collects your data as it passes through. Typically, when you connect to a free WiFi access point, the process will force you to a web page where you  are required to enter your name and/or email address and acknowledge their “acceptable use” policy. If you connect to free WiFi and you aren’t prompted in for this kind of information in some way, your connection may not be secure.

Hotel WiFi

Most hotels these days offer free WiFi to their customers and for the most part, they do a pretty good job of keeping things secure. The problem comes more from laptops that are not properly secured. Almost all laptops these days (i.e. Windows and Macs) come with a built-in firewall. If the firewall is improperly configured or even turned off, the laptop will advertise its presence on the hotel network. If a hacker can see your laptop on the network, then you are a potential target. A functioning firewall is your best defense against hackers in this case. Unless there is some compelling reason for you to disable or alter the configuration of your laptop firewall, I recommend that you leave it enabled even when connected to your home WiFi. Just as an FYI, most residential WiFi access points include a basic firewall and it is typically enabled by default.

 

By Brett Dearman | brett@ht1885.com

Be the first to comment

Leave a Reply

Your email address will not be published.


*