Just like the real world, there are both good guys and bad guys out there on the web. But on the internet, the bad guys are much sneakier and higher-tech, and can usually do their business without you ever knowing what’s up (until it’s too late).
One such internet villain is the wifi sniffer. They are the modern-day equivalent of a pick-pocketer, but their technological advantage allows them to snag your credit cards and sensitive personal information without ever even touching you. They typically hang out at cafes that provide free internet to their patrons, but any unsecured wireless internet connection will do.
It could be practically anyone–the geek in the corner playing World of Warcraft, the well-dressed grad student writing his thesis, or the old guy reading a book. All they need is a laptop and some very simple software, and they can passively observe all the bits and bytes passing through the cafe’s airwaves. After they go home, their software can spit out a list of all the usernames and passwords that were “sniffed” at the cafe. Just imagine what damage someone could do if they had access to your email account.
Starting to feel paranoid? Good. Awareness is half the battle! Here are the top five things you can do to protect yourself:
- Understand that anything you do on a public wifi connection CAN be observed. This includes the web sites you’re visiting, the emails your sending, and often the passwords your submitting. This is true even on paid hotspots or password-protected wifi, so long as your adversary also has access to that network.
- One exception is web sites that use an HTTPS connection. Look for that little “lock” icon and an “https” in the address bar, and you know your activity on that site is encrypted, and safe from prying eyes. Caveat: Sufficiently sophisticated hackers can still defeat this with what are known as “man-in-the-middle” attacks. This is one of the many Youtube tutorials that show exactly how this is done.
- Bring your own internet. Many smartphones now support internet tethering, which allows your computer to tap into your phone’s data connection.
- Use a VPN (either from your workplace or purchased from a 3rd party provider like StrongVPN). These create an encrypted tunnel for ALL your internet activity that CANNOT be sniffed. If cost is an issue, consider the free HotSpot Shield from AnchorFree.
- Secure your home’s wifi with a password, to prevent nosy neighbors or driveby hackers from sniffing your private network. When you set up your password, it will give you a choice between WEP, WPA, and WPA2 security. Never use WEP security, because this can be cracked in a matter of minutes! You’re in good shape if you choose WPA or WPA2 security, and use a password that is not in the dictionary.
Finally, if you need any help securing your laptop or network, remember that Student Experts is here to help!