Tuesday, February 22, 2011

Safeguard Your Wireless Security

Do you use wireless Internet connections at coffee shops, airports, hotels, or at home? If so you should be concerned about about the security of your personal information. Hacking is getting much easier, and new tools, such as the free Firefox add-on Firesheep, allow people with comparatively little expertise to very easily observe your online movements. A recent article in the New York Times, New Hacking Tools Pose Bigger Threats to Wi-Fi Users, provides a great overview of both the threats to your private data and the actions you can take to protect yourself. I encourage you to read the article for more detailed information, but here are some important points:

HTTPS is an encryption method offered by many Web sites, but many do not provide "end-to-end" encryption, meaning that while your password may be protected as you enter a site, your privacy is vulnerable thereafter. The article points to another free Firefox extension, called HTTPS Everywhere, which makes HTTPS the default on Web sites that offer HTTPS as an encryption method. However, this only works with sites that offer HTTPS. A small lock visible in the corner of your browser or within the address bar ensures that your connection is encrypted.

A good rule of thumb noted in the article is to avoid doing anything online with sensitive data in public places. One should also take steps to bolster the security of your home wireless network, which is susceptible to hackers with inexpensive Wi-Fi antennas that can detect signals from home networks two to three miles away. It's wise to select a long and complex alphanumeric password and change the default router name of your home wireless network.

VPN (Virtual Private Network) can encrypt all wireless communications at home or in public places. There are both subscription-based and free versions, although the latter tend to provide more limited protection. If you are a member of the CU-Boulder community, you may freely use the campus VPN service. It encrypts your traffic as it is routed to the campus VPN server, and is unencrypted after that. If you are sitting in a coffee shop and connect through the CU-Boulder VPN, you have some protection from nearby prying Firesheep eyes. This is better than nothing -- it's worth noting that over a million people have downloaded Firesheep since its release just over three months ago.

Image: David Pham, iStillness, 2006. Available from Flickr under a Creative Commons Attribution-NonCommercial-ShareAlike 2.0 Generic license.

No comments: