The next time you crack open your laptop at the airport, your hotel, or the local Starbucks to take advantage of the free Wi-Fi, be careful. That network connection might not be what it seems.
As wireless networks and "hot spots" for free wireless Internet service become mainstays of life, so does the likelihood of hackers "spoofing" wireless network nodes to take advantage of unsuspecting users. Sending unencrypted information over any unfamiliar network can turn your computer into an open book -- with pages full of your personal information.
Rather than giving up the wireless ghost, security researchers advise using some common-sense tips to protect yourself when surfing the Web at a hot spot, or letting visitors onto your home network.
Wi-Fi Woes
Home-based wireless networks often go live without any sort of protection or encryption, which can enable neighbors or passersby to "sniff" out the live connection and pirate it, using the home's IP address to send and receive whatever content they wish.
Originally this required the piggybacker to drive by or be in close proximity to the network, but advances in technology have enabled Wi-Fi pirates to pick up pirated signals from miles away.
Matthew Ingrassia, then the technology coordinator for the Thompson Coburn law firm in Washington, D.C., told CNet News in 2005 that, "Running a home network with no security is akin to unlocking your door and hanging a sign on your house inviting thieves inside to steal."
Public wireless networks aren't much better. Wi-Fi zones in airports, hotels, coffee shops, and the like are generally designed for ease of use and convenience, rather than security. The ability to get online quickly and freely often trumps network security protection.
P2P
The biggest danger when getting online at a public hotspot is peer-to-peer (P2P) network access.
Much like online file-sharing, wireless P2P can enable snoopers to get access to your machine whether you're surfing the free Web or connecting to your corporate network. PC World's Leon Erlanger noted in 2003 that "[a]nyone with malicious intent can do lots of damage with this information, both to you and the company that employs you. And of course, you're vulnerable to the same viruses, worms, and other attacks as you would be on any unprotected network."
Encryption Exhaustion
But what if you use encryption for your laptop or network? It depends on what type you use. Even the strongest encryption lasts only as long as the time it takes for an enterprising hacker to break it.
In the case of wireless encryption, the one-time standard Wireless Equivalent Privacy (WEP) has proven so easy to circumvent that a team of researchers at Darmstadt University in Germany published a paper documenting how WEP could be broken in less than 60 seconds.
"Although it has been known to be insecure and has been broken by a key-recovery attack for almost 6 years, WEP is still seeing widespread use at the time of writing this paper," the researchers concluded.
Security analysts have advocated adopting the stronger encryption standard of Wi-Fi Protected Access (WPA) and its successor, WPA2.
Writing on the vulnerabilities of WEP and improving Apple's AirPort security, programmer and cryptographer Arnold Reinhold compared the differences between WPA and WEP to "a good safe versus a manila envelope."
What You Can Do
Just like going online with a typical wired connection, wireless Internet is not 100 percent safe. There's always a danger of hacking or snooping, but employing some basic safety procedures can reduce your vulnerability considerably.
Here are a few pointers:
• Use strong passwords.Whether it's a virtual private network, a laptop, or your home computer you share with your family, the weakest point of security is the login. Using commonly guessable passwords or default passwords ("admin," "password," etc.) can render your computer open to anyone who wants a look at the contents. Use random combinations of letters and numbers for passwords and change them frequently.
• Install security software and keep it updated. Just as with regular wired connections, personal firewalls can alert you if your computer's wireless connection is being invaded and can block the intrusion. Although antivirus software won't stop an intrusion, it can help get rid of any nasty bugs the hacker may leave behind.
• Don't automatically connect to open networks. Many laptops have wireless connections set to pick up any open signal by default. While this may be convenient, it can also open you up to security risks. It's best to set your laptop's wireless connection to work manually, so that it only connects to networks when you instruct it to.
• Disable P2P connections. Many Wi-Fi hackers set up "ad hoc" networks disguised to look like verifiable networks in airports and the like. They'll usually have names like "Free Wifi", "Free Airport Wireless," and so on; many ad hoc culprits will camoflauge their fake networks to look exactly like the real thing. Turn off your P2P connections for wireless unless you're certain you are connecting to a verified, trusted network.
• Power down. If you're working offline for extended periods of time, shut down or disable your wireless connection. Every minute you're on someone else's wireless network is a minute you're exposing your machine and your data to intruders.