Protect Your Computer At WiFi (Wireless) Hotspots

August 22, 2008

When you use a Wireless Hotspot, you have more to worry about than viruses. Hackers are notoriously known for “sniffing” wireless “traffic” going through the air, searching for logins and passwords and such.

As Leo Laporte has pointed out, you need to follow safe computing practices. These include not running as an Administrator unless you absolutely need to. Also, download and install updates as soon as they are released via Windows Update.

Some hotspots use WPA encryption to help secure and protect users, though places like Starbucks don’t. Either way, you should run an antivirus, firewall, and antispyware products, if for no other reason than to protect your computer.

As Leo points out, “have the attitude that someone is watching you and only do stuff you don’t mind being watched doing. Use encrypted email. Use SSL email (https://gmail.com). Or, just don’t check it. But the best way is to work through a VPN. Hotspot VPN is a good one. $10 a month.”

Advertisements

WEP, WPA, and WPA2

July 2, 2008

According to Webopedia.com,

WEP

Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs are somewhat protected by the physicalities of their structure, having some or all part of the network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model – the data link and physical layers; it therefore does not offer end-to-end security.

The problem with WEP is that it’s wireless security has been cracked, and it is well documented on how to break it. It’s ok if you don’t have nosy neighbours, but one never knows

WPA

Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP (i.e., as a software upgrade to existing hardware), but the technology includes two improvements over WEP:

  • Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with.
  • User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP regulates access to a wireless network based on a computer’s hardware-specific MAC address, which isrelatively simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network.

It should be noted that WPA is an interim standard that will be replaced with the IEEE’s 802.11i standard upon its completion.

WPA2

Short for Wi-Fi Protected Access 2, the follow on security method to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the IEEE 802.11i standard, WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm and 802.1x-based authentication.  [Adapted from Wi-Fi.org]

There are two versions of WPA2: WPA2-Personal, and WPA2-Enterprise. WPA2-Personal protects unauthorized network access by utilizing a set-up password. WPA2-Enterprise verifies network users through a server. WPA2 is backward compatible with WPA.