Keep your data safe when connecting to public wireless hotspots

How about we open this article with some good old fashioned scaremongering? Any time you connect to a public Wi-Fi hotspot, almost every single piece of data you transmit can be picked up by anyone within range of the same network.

When you connect to an unencrypted Internet hotspot, almost everything sent between your computer and the Internet is sent in a format that anyone can read when they install a small piece of software.

There are hundreds of free “network analyzers/sniffers” available on the Internet, and even untrained users will be able to start sniffing wireless traffic in a matter of minutes. Now, before you freak out too much, you need to know that not all traffic is susceptible to snooping, and that there are ways to protect yourself. Also important to know – sites and services like banks and email providers use a secure Internet protocol that makes snooping virtually impossible.

(Photo from Flickr/Corypina)
Turn off “auto connect”

On your computer, make sure “auto connect to Wi-Fi hotspots” isn’t enabled. Always verify that the hotspot you are connecting to is indeed from the provider you want.

There are real scams out there, usually involving wireless hotspots called “Free public Wi-Fi” – these “honeypot” hotspots are set up with the sole purpose of trying to steal your data. If you really need to get online, the urge to connect to the first open hotspot you find may be tempting, but it pays to be secure.

Don’t share files on your computer

When you connect to a wireless hotspot, anything you are sharing on your computer, may be shared with anyone else connected to that network.

So, to prevent this make sure you either disable the file and printer sharing feature, end the files/folder sharing option, or pick the correct network type. Only the most recent versions of Windows will present you with the network “location” popup, so be sure to pick wisely.

Get yourself a 3G or 4G adapter

Don’t trust working on a public network at all? Invest in a 3G or 4G wireless broadband adapter, and you won’t have to worry about people listening in on your data. Network connections with a mobile broadband service are encrypted, and extremely tough to hack/eavesdrop.

Of course, your own 3G adapter comes at a price – you’ll be paying around $50 for access, and you’ll be limited to the coverage area of the operator, but if the information you transmit is really important, the investment won’t be hard to justify.

Create your own secure connection with a VPN

A VPN – or Virtual Private Network is a system that transports your Internet traffic to a secure server, then passes it on to the Internet. By using a VPN, everything sent between your computer and the VPN service is encrypted. Access to a VPN is usually pretty simple if you work for a large company. but even consumers can get their own VPN setup without too much hassle.

The easiest, and most popular (free) consumer solution is Hotpot Shield. With Hotspot Shield, you simply enable the application when you are at a public hotspot, and your traffic is securely sent over their VPN.

Another solution (that I’ve used a lot myself) is Hotspot VPN. Their no-frills web site lets you create a VPN connection (which you have to manually configure). Hotspot VPN is available for under $9/month, or for $3.88 if you only want a day pass.

Once you have set up a VPN, all Internet traffic on your computer passes through the secure servers of the VPN company, making eavesdropping nearly impossible.

More advanced users may want to consider setting up their own VPN at home, using Open VPN, or even by installing an improved firmware version on their router, turning it into a router/VPN server.

Connect securely to your home PC, then connect to sites you need

Several weeks ago, we reviewed Logmein – a service that lets your remotely connect to your computer. With Logmein, you can connect to your home PC using the Logmein software, your browser, or the Logmein Ignition client for the iPhone.

Once connected to your home PC, you can use all the Internet applications you want – securely. The downside is of course that your home PC needs to be turned on 24/7 for the connection to work.

Secure sites are your best bet

Staying secure is as simple as making sure the sites you connect to are secure – so always look for the https:// and/or padlock symbol in your browser. Modern browsers also allow you to hover with your mouse over the site name to be sure it is a verified web service, and not a spoof.

ALL traffic is vulnerable – not just web traffic

Just because you are a responsible user that keeps an eye open for the “padlock” in your browser, doesn’t mean you are safe.

ALL traffic you send over Wi-Fi could be vulnerable. This includes your Twitter application, photo upload programs and anything else that accesses the Internet. When possible, make sure your applications access the service using a secure connection. If in doubt – don’t use them.

Firewall your computer

Always make sure your computer has a reliable firewall installed. Many systems come with this nowadays, so make sure you have it turned on, and set to block incoming traffic. Firewall software is usually “set and forget”, so there is no excuse for not being protected.

Don’t forget your mobile device(s)

Keep in mind that your handheld device is just as vulnerable as your laptop computer. Anything you transmit in the open on an iPhone or other Wi-Fi enabled device can be intercepted.

Thankfully, modern devices like the iPhone and Droid also support VPN connections – so if you really want to be secure, consider subscribing to a VPN service, or setting up your own VPN server.

Restrict what you do on Wi-Fi

This final tip is also the easiest to implement – don’t do anything on Wi-Fi that you wouldn’t want to share with anyone else. This means no bill payments, no Ebay auctions or anything else that could get you in trouble if someone grabbed your user name and password. Don’t underestimate how quickly someone can grab your password and start stealing from you.