Public WiFi Security

We’ve been talking about wireless security at the office lately. Everyone should be concerned about it.

SCENARIO

Employee from Division X is on the road at a conference then is going to make a business call afterwards.

While at the in between sessions at the conference they plop down in one of the wifi hotspots and start corresponding with the home office in prep for tomorrow’s meeting. The team back home has prep’d a presentation and plenty of attachments and are sending those across by email attachment but first need to do some IM to make sure it’s all good.

Turns out it’s not so good. Some things need revision. So, the agreement is to make it all available via ftp and the address and credentials are passed along.

Employee finishes out the conference, goes back to the hotel room, cleans up, has dinner and goes back to the room to pull down the zip files for tomorrow. Logs into the ftp server only to find there are no files. Frantic phone calls find the team leader back home. Who then raises IT. Who then checks the ftp logs and determines the right account was used from the convention center ip.

[WRONG] Conclusion back at base: the remote employee borked the files… log files say so.

The account was compromised by transmitting in the clear at a public wifi hotspot. This could have been a coffee house, a mall, your home, the public library or in the workplace. Identity theft is a very real issue. A few simple precautions (just like locking your doors even when you’re home) will dissuade the bad guys in many cases to go find easier pickins. Targets are plentiful and wifi is becoming the happy hunting ground.

Now, at the office, we happen to transmit proprietary information via SSL. It’s the kind of stuff you don’t want falling into the wrong hands. So, we have to take extra careful precautions about what methods of transmission we employ to get the data from A to B. Wireless is a good choice IF you are careful and know what your doing. We typically opt for hardwired connectivity, VPNs, etc. It may be a little more expensive in the short term. But, as compared to cleaning up a big PR mess… it’s cheap insurance.

There are lots of good references on the topic of secure wifi use. Dave Taylor has a good one. But if you use Google to research you’ll find all the top results are excellent too.

Of course, if you’re using the new V640 or any EVDO or EDGE style cellular card (not the wifi part of the card…) you’ll be far more secure at the expense in some cases of throughput. And, just becuase you use a Mac (like me) don’t think for a second that you’re any more secure than anyone else… packets are packets and they can be listened in on.

Advertisements
Explore posts in the same categories: Apple, EVDO, security, v640, wifi

One Comment on “Public WiFi Security”


  1. […] from falling into the wrong hands, and packet sniffing is all too common these days. From g-Wh!z […]


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: