A Wireless Dream or Security Nightmare?
An amazing array of gadgets connects us to the Internet — from smartphones and tablets to laptops and computers.
These gadgets check social media, organize schedules, map out driving routes and access streaming movies and music. In short, they function like pocket computers, with the added ease of mobility.
Of course, all these devices need the Internet. And the growing number of devices, combined with our reliance on their services, is putting a premium on finding the most convenient and economical way to connect to the Web. Not surprisingly, we’re turning to public Wi-Fi, which handles millions of connections. As more people power up their devices to confirm flight schedules, check e-mail and browse the Web, finding free Wi-Fi — from big city airports to seemingly remote coffeehouses — is becoming the new national pastime.
Our enthusiasm to embrace innovation, however, often surpasses our education about them. For example, two out of three people say they use public Wi-Fi, but only half of them say they’re concerned with security. For many people, the convenience of free public Wi-Fi is too alluring to consider the security pitfall. Besides we’re not checking our online banking — just e-mail or a blog — there’s no danger in that, right? Not so fast. That’s not always the case.
Wi-Fi has many advantages, but there are reasons you should consider your security when using it, with several tools are available to help reassure you of the safety of the connection.
Why Wi-Fi?
The public Wi-Fi umbrella is widening, offering people the option to dip in and out of a convenient hotspot in a growing number of locations. And unlike a carrier’s network connection, there’s no binding contracts or expensive monthly bills. Getting on is relatively easy, and the bites of data aren’t deducted from your allotted data plan, making the choice a no-brainer.
The benefits of public Internet are funneling greater numbers to join the Wi-Fi bandwagon. Cisco’s Visual Networking Index predicts Wi-Fi Internet will outpace wired Internet traffic by 2015, so the occasional use today is expected to become a mainstream activity down the road.
This ubiquity is even giving rise to a new class of carrier, like Republic Wireless, NetZero and FreedomPop, aiming to capitalize on new broadband business models by leveraging Wi-Fi connections. They’re creating hybrid-networks to encourage sharing underlying a growing competition and alternative to traditional contract networks.
In fact, nearly two in three wireless providers believe hotspots are crucial to their customers’ experience, according to a Wireless Broadband Alliance report, which help offload the strain on their congested mobile broadband networks.
For years, device makers have taken note, rolling out smartphones with Wi-Fi connections. And many users are choosing Wi-Fi-only versions of tablets, understanding they can connect at home, on public hotspots, or simply tether to a smartphone. But the trend towards Wi-Fi will be met by a variety of obstacles.
How Secure Is Public Wi-Fi?
According Norton’s Cybercrime Report, two in three people use free public Wi-Fi, with more than two in five of those checking personal e-mail and social network sites. Only about 15 percent use a public connection to check online banking.
However, all users can be at risk of exposing sensitive data within the same Wi-Fi network due to two other trends: people using poor password protection and the increasing ease with which sensitive data can be stolen and used to expose more information.
Trustwave’s Global Security Report revealed that people put little thought into the strength and security of their passwords, choosing those that meet minimal requirements and are easy to remember. Trustwave says the most common method hackers sneak into protected systems is through weak passwords, with about five percent of them consisting of a variation of the word “password.” Though that percentage sounds small, it’s alarmingly high when given the potential for six quadrillion of combinations, as is the number of possibilities for an eight-character password.
In addition, many users choose common words to protect valuable data. According to Sony, “Seinfeld” was a frequent choice, and “1234” and “0000” rank highly for numbered passwords, providing little defense. Indeed, Trustwave’s own test, using an off-the-shelf laptop, harvested over 200,000 passwords in less than 10 hours.
The overuse of the same password can also put users at risk of data breaches through simple hacks. For example, by getting your United Airlines login credentials, hackers can get a good lead on your e-mail, banking and other accounts. So imagine how these capabilities, paired with bits of your public Wi-Fi Internet information, can be used to unearth your personal information.
And, the hijacking or “sniffing” Wi-Fi is getting easier. Using free, legal apps or hardware costing less than $100, hackers can gain access to online banking, e-mail and social networking data transmitted via even password-protected Wi-Fi networks. The person sitting across from you in the airport can easily use tools like Firesheep or Reaver to take a peek, and possibly more, at your Interact activity, resulting in a privacy breach or even identity theft.
Firesheep, an extension for the Firefox browser, uses a “packet sniffer” to intercept unencrypted cookies from websites such as Facebook and Twitter, and open-source tool Reaver can exploit security holes in wireless routers to crack its passwords with relative ease.
Securing Your Connection
Many are aware of malware threats in general, especially in mobile payments, and there is a growing awareness of securing both in smartphones and tablets, but the idea of safeguarding the connection itself hasn’t gained much traction outside enterprise situations.
Some tools can safeguard your connection and increase your own security, but they offer a range of protection levels to choose from, vary by platform and often entail pages of step-by-step instructions.
Products like Private Wi-Fi and ProXPN, for example, can connect users to servers in various locations around the world, and the price varies depending on specific service levels from free to $10 a month. The plans include free trial offers as well as family and enterprise plans. Both services will reduce your Internet connection speeds, compared with having an unencrypted traffic stream, mainly because the traffic is redirected to the company servers, as well as the encryption process.
As the movement toward public Wi-Fi surges, though, more efficient and streamlined products are coming to market. Norton, for example, released “Hotspot Privacy,” a service that helps protect consumers using public Wi-Fi. The company boasts of its easy setup and use, which automatically configures VPN, or virtual private network, connections and prompts you to connect when Wi-Fi is detected.
The secure connection lets users jump on public Wi-Fi with up to five devices and surf the Web invisible to other users, websites and service providers, protecting their identity and web accounts. The product encrypts confidential online information like passwords, and boasts unlimited bandwidth, no data transmission quotas and no throttling, so users can control what they share online, no matter where they connect to the Internet.
“Securing a public Wi-Fi connection can be complicated to manage,” said Mark Kanock, Group Product Manager with Symantec, describing Hotspot Privacy. “When I connect to Wi-Fi, I want to be safe and this makes it an easy, straightforward and clean user experience.”
Kanock explained the product takes the complexity out of security, is easy to install and then starts automatically, providing an icon alert so you know it is working.
Public Wi-Fi will continue to become part of everyday life, providing consumers with a convenient way to connect on the go, and at the same time demanding an increase in awareness and concern over the security ramifications. Powerful factors, like price and convenience, are likely to propel the growth of Wi-Fi, and if device-makers introduce Wi-Fi-only options, there will be more of a push to balance the upside of the practice with safeguards for privacy and security for users’ personal information.
