Moving at the Speed of Creativity by Wesley Fryer

Wireless and hotel Internet security

Are most people putting themselves at risk when they use open wireless access points or hotel broadband Internet connections with a laptop computer? Absolutely. Yes. Without question. This is a huge problem and most people seem to be oblivious to it.

In coffee shops, airports, hotels, other public places or adjacent to your own home, unscrupulous hackers can use free software tools like ethereal to steal passwords and other confidential information quite easily if computer users have not taken steps to protect themselves. (And today, most people haven’t.) These hacking tools are now graphically based and require little if any technical background or knowledge to use. It is very scary to not only see, but realize how many people put themselves at risk regularly for identity theft and other problems when someone else obtains their userid and password information.

The best defense against identity theft through a wireless access point or even a hotel broadband computer connection is a good offense in the form of a VPN connection. Schools should provide employees with VPN access to the school network, so they can connect in hotels and at open wireless access points through this secure “VPN tunnel.” Otherwise, anyone could be watching all the messages and Internet traffic the person is sending and receiving. This includes email usernames and passwords that are sent as clear text.

People with wireless home computer networks should not stop with the recommendations I have made previously of just changing the network ID (SSID), hiding it so others cannot browse to it, and changing the default password for router administration. Even enabling “MAC address filtering” (a positive security measure that requires the network administrator / homeowner to add the numeric identification number of each wireless device’s network card into the router) is a poor defense, since the TCP packet sent by an authorized computer contains that exact MAC address in its initial character sequence. This means a MAC address can be easily spoofed.

WEP wireless security can also be defeated relatively easily by a hacker who wants to break into your home network, but a secure WPA password can be theoretically impossible to break. The producers of the Security Now podcast offer a free web-based tool for creating theoretically unhackable WPA passwords– access it on Refresh the page to obtain a different, random 64 or 63 character password string.

For more on these topics, read the Wireless Security Recommendations published by Rutgers University last May, and listen to the excellent recent episodes about wireless security, WEP, WPA and VPN on the Security Now podcast.

When you are away from home (where you should be using WPA encryption if you have a wireless network,) always connect to VPN before using your email, posting to your blog, or doing anything else with a program that requires a username and password! If you don’t have access to a VPN account, consider paying for and using a service like HotSpotVPN. If you have an account password stolen or (heaven forbid) your identity is stolen and you don’t take these precautions, remember “I told you so!” 🙁

If you enjoyed this post and found it useful, subscribe to Wes’ free newsletter. Check out Wes’ video tutorial library, “Playing with Media.” Information about more ways to learn with Dr. Wesley Fryer are available on

On this day..