«  
  »

Using public open wi-fi is now a serious security risk

Bob Morris, on Oct 28, 2010, 9:24 am

Fire Sheep, a Firefox add-on, demonstrates that it is simple for others to hijack your session if you are using unencrypted open wi-fi. There are two solutions

1) Use a browser add-on like HTTPS Everywhere. It automatically routes you to an encrypted https connection rather than http for sites like Twitter, Facebook, Google, and many more.

2) Use a VPN (Virtual Private Network). It provides security when using open wi-fi. Prices start at about $5 a month.

HTTPS Everywhere is from EFF and thus totally trustworthy, but is for Firefox only. Please post any plugins you know of for other browsers. Ditto for any VPNs that you use.

Tags: , , | Category: News | 10 comments - (Comments are closed)

  • http://politeaparty.blogspot.com d.eris

    On this front, I’ve heard good things about Hot Spot Shield. Are you familiar with it? Pros? Cons?

    http://hotspotshield.com/

    • http://polizeros.com Bob Morris

      I know little about VPNs and am looking for reviews from a reliable site like CNet or PCMag.

  • http://leastevil.blogspot.com Dale Sheldon-Hess

    It’s a little tricky, but anyone who already has a home broadband connection could save themselves the $5/mo. service fee. Run an ssh server at home, connect to it when in public, and tunnel all your web traffic (or any other traffic you want) through it.

    (I used to do this all the time, only now I use my hosted server instead of my home computer.)

    • http://polizeros.com Bob Morris

      Interesting. Does that work with non-fixed IP addressees like with DSL?

      • Dale Sheldon-Hess

        Well… technically yes, but no, not in the sense you probably mean.

        You would have to know what your IP address was. It will typically only change when your modem reboots, which shouldn’t happen often; I’ve gone months and months with the same dynamic IP. But if you can’t be bothered to note it down before you leave and take it with you, what I’ve seen done is to program the computer to txt you the IP whenever the link comes up.

        • http://polizeros.com Bob Morris

          Hmm, I’m at the end of the DSL line here in Cedar, and generally unplug every few days to reset the modem for better speed. Haven’t checked, but I’m guessing that’ll reset the IP.

          BTW, I’m finding that strongvpn.com gets consistently rated as one of the best VPN providers.

          I also spend a fair amount of time in San Jose, and the net connection there is solid and hugely fast.

  • http://homelessonthehighdesert.wordpress.com Ten Bears

    For myself and my clients, I set them up to MAC address’ only. Locks it down tight.

    • http://polizeros.com Bob Morris

      How do you set up MAC address on open wi-fi?

    • Matt D

      Did you know that one of the first things your computer sends to the wireless access point is their MAC address. Any wireless protocol analyzer will pick this up real quick. Then all it takes is a little MAC address spoofing and you’re hacked! Not broadcasting the SSID is not safe either. Configure your Wireless System with WPA or WPA2 using a strong 8-10 character (numbers and special characters too) pass-phrase and that should lock it down. Listen to Steve Gibson’s “Security Now!” and get schooled!!

  • http://rethinkafghanistan.com Josh Mull