Security

In November 2010 Google was under investigation for obtaining information from unsecured Wi-Fi networks for its Google Street Views application. Google claims it was an accident. Google isn’t the only organization picking up information from unsecured networks; there are plenty of others out there gleaning information from unsecured networks. **Wardrivers**, folks who cruise neighborhoods sniffing out unsecured Wi-Fi networks, take whatever information they can. When they find an unsecured network, they access it (anybody can do this), and with a few tricks they steal what they want from unsuspecting users of the network. Wardrivers' favorite haunts are Facebook pages, Twitter pages, and email. (They can read your messages at least.)
 * Wi-Fi Networks **

Moral: Make sure the free wireless you’re accessing is protected. What places are notorious for not having properly secured networks? Hotels, coffee shops, and school campuses.

How can you be reasonably sure the network you’re connected to is protected? If you have a Mac, click on the Wi-Fi bars near the sound symbol at the top of your screen. A box should drop down and you should see the networks available in your area. If there’s a lock symbol next to the network you want to access, it means that you need a password to access that network. That’s a good thing. If there isn’t a lock, I wouldn't bother with that network if I were you.

If you don’t know how to secure your own home network, I highly recommend spending a few extra bucks to get someone who knows what they’re doing to secure your network for you.

Secured networks typically use WPA or. WEP Wi-Fi protection—WPA is stronger for technical reasons I don’t understand. The strongest WPA password/passphrase is one with at least 13 of the 95 permitted characters and definitely a password/passphrase that a would-be hacker couldn’t directly connect to you, like the name of your dog or the model car you drive.

 IF you feel you simply have to take advantage of free Wi-Fi at your local coffee shop...


 * First, disable any file sharing mechanisms that you might use. This is a must. At home, you might have some sort of set up that allows you to share files, printers and logins with devices that are on your network. Again, SHUT THIS FEATURE OFF before you begin to access an unsecured Wi-Fi network. You don't want other folks to be able to share your STUFF.


 * Set up your Wi-Fi connections so that they are turned OFF unless YOU turn them on. The same logic should apply to file sharing mechanisms.


 * Make sure your firewall is turned ON. This is a must.

 Know that not all sites offer any type of encryption...SO another alternative is to
 * Add the letter "s" to the first part of the URL of the site you're using. So, if you are browsing http://www.madnessontheweb.com simply type an **"s"** after the "http" part. Supposedly, this allows you to access the encrypted version of the site. Related to this fix is accessing **SSL** (a layer of encryption), which is often used by mail servers such as Google. Such sites often cause a padlock icon to pop up on the bottom of your browser. In any case, remain vigilant. You may start off on a page that has https in the address bar or a padlock at the bottom but those offerings might disappear should you click on links that do not have https or SSL. __**If the padlock or the "s" disappear at any time, log off and close your browser. Your device is at risk.**__


 * Create a Virtual Private Network (VPN). This sounds more difficult than it is. Can you say **HotSpot Shield**? You probably already use it to enhance safe browsing. HotSpot Shield will set up a VPN for you. **Hamachi** is another option. **Windows** has a built-in VPN option. VPNs', by the way, allow users to control a slice of a network they don't control. This definitely applies to the average user's use on Wi-Fi networks at coffee shops, restaurants, and hotels, doesn't it?

For more information about staying safe in a Wi-Fi world, check out Lifehacker-How to Stay Safe http://lifehacker.com/#!5576927/how-to-stay-safe-on-public-wi+fi-networks

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">Lifehacker VPN Tools http://lifehacker.com/#!5487500/five-best-vpn-tools

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">Caveat utilitor: There's no guarantee that any of the precautions you use will protect you and your data 100% since you don't own your own Internet. The best you can do is be reasonably cautious and employ the protections that will deter miscreants.

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">Who says sheep are inocuous creatures? Firesheep is an example of a program that is used for malevolent purposes. Typically, Web sites deposit cookies or tokens that identify users for a session so the user doesn't have to log in again or reload information. If someone can interfere in a session and get access to a cookie/token, that person can impersonate you. Firesheep is a Firefox extension that allows this. To use Firesheep, the impersonator has to do this on an unsecured/open access spot. So this is how it might play out. You're at a coffee shop accessing your Facebook account. The Wi-Fi network you're using is unsecured. A person in the same coffee shop or nearby accesses the same network, activates Firesheep, and targets the page you're on, so now the two of you are looking at your Facebook page. That impersonator can see your friends and the rest of your business.
 * <span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">Firesheep **

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">The truth is impersonation in this manner has been happening for ages, it's just that nobody has felt pressured to remedy the situation--until now.

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">You can be relatively certain that you are protected against Firesheep if
 * <span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">You are using a WPA secured connection
 * <span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">You are using a secured application--look for https in the address bar

<span style="font-family: 'Comic Sans MS',cursive; font-size: 130%;">You can find more information about Firesheep on Security Now podcast Nov 4, 2010