Tag Archives: safer surfing

If You Can, Steer Clear Of Free Wi-Fi Hotspots

imageWi-Fi hotspots and I don’t get along. It’s not that I’m not appreciative of the free service – I am.  But, I’m far from convinced that free Wi-Fi hotspots are appropriate for most Internet users. Hotspots are a hacker’s dream come true.

Free hotspots, in many instances, are unsecured – a semi-skilled hacker, using a selection of readily available tools (often available as a free download on the Internet), can easily penetrate such a network.

Here’s the first example of what I mean:

Earlier this year, while visiting my local Library, I logged on to it’s hotspot only to have my Browser warn me of a possible fraudulent certificate – symptomatic of a “man-in-the-middle” attack. Typically, a man-in-the-middle attack is designed to eavesdrop on the traffic between a user and a website.

Since most users are unaware of the importance of certificates, it’s fair to assume that a typical user, on seeing this warning, would simply click “ignore”. In this case, that had to be so – when I approached the Library’s chief Tech, shockingly, he had no idea what I was talking about. Certificate? Huh? Which led me to believe, that no other user had brought this issue to the Tech department’s attention.

In other words, possibly thousands of users were unaware of the very real risk to their privacy and confidential data, as they happily surfed the Internet from this location.

Given, that one purpose of a certificate is to confirm that the web site being visited is indeed what the user thinks it is – effectively, whether the site can be trusted or not – I continue to be surprised at the typical user’s scant knowledge in this area.

Here’s a challenge for you – query your self described “tech savvy” friends on the current certificates installed in their Browser. Wait for the surprises – or, maybe not.

Pictured below, as an example, are the Certificate installed in my current version of Firefox.

Authorities – These are the Root Certificates that Firefox trusts.

image

Servers – These are the certificates that have been installed manually from a website.

image

The second example:

At an Art class I joined earlier this year, I happened to notice a questionable type of person sitting (on the ground) outside the building (freezing his butt off, since it was Winter), surfing on his Laptop. I knew there were no open Wi-Fi networks within range, so it was apparent that this fellow was surfing through the Art Institute’s password protected Wi-Fi.

On speaking with Institute staff, it became clear that this was a common occurrence with this fellow. The long and the short of it is (it would take an entire article to tell this tale), a series of Wi-Fi hacking tools were being used to “play” with the owner’s site. Since few of the students used the Wi-Fi hotspot, no damage had been done. But, it easily could have.

If you do use Wi-Fi Hotspots, here are some recommendations for safer surfing:

Assume your Wi-Fi connection is open to penetration.

Be certain that your security applications are up to date.

Don’t enter sensitive financial data. Online banking while connect to a hotspot is, to put it mildly – crazy.

To be sure that you don’t leave a trail of “breadcrumbs” – history, cookies, passwords – set your Browser to private browsing mode.

Log out of each logged-in site you visit – particularly, web based email sites; Facebook, Twitter, and the like.

Pay particular attention to one of the craziest default setups ever – “Remember my password”. It’s imperative that you uncheck this.

If you’re comfortable with anonymous surfing then, consider installing a VPN application. One such application worth considering is Hotspot Shield – reviewed here, a number of times.

Finally, you should consider avoiding Wi-Fi Hotspots entirely. An alternative is creating a “personal hotspot” if your smartphone is capable. Check your phone manufacturers web site for information on how to do this.

8 Comments

Filed under Don't Get Hacked, Interconnectivity, Safe Surfing, Smart Phone, Wi-Fi

Don’t Have McAfee Site Advisor? Then How Do You Know Where You Are on the Net?

mcafee-site-advisor.gifWould you wander through a neighborhood that you were unfamiliar with? One which might possibly be full of predators? Well of course you wouldn’t.

However, if wander through the Internet without the aid of SiteAdvisor, a free Internet service from McAfee, (the plug-in is available for Internet Explorer/ Firefox) that tests web sites you are visiting for spyware, spam, viruses and online scams, this is close to what you are doing.

According to McAfee, this service is based on a huge database with detailed test results for more than 100,000 pieces of software, and which covers more than 90% of the world’s Web traffic. The service integrates with search engine results from popular search engines such as Google, Yahoo, etc.

The plug-in’s icon, which is added to your browser toolbar, displays a color rating for each site you visit, which indicates whether a site is safe to use, or should be used with caution.

Site Ratings:

  • Green – Safe: McAfee has tested the site and didn’t find any significant problems.
  • Yellow – Caution: McAfee has tested the site and advise there are some issues you should consider.
  • Red – Warning: McAfee has tested the site and found some serious issues that you need to carefully consider before using this site.
  • Grey – McAfee has not yet tested the site, or the site is in the process of being tested.

 

According to McAfee’s own research, 90% of U.S. consumers on the Internet make use of search engines, and 80% of Web site visits originate from these search queries. Additionally, McAfee stated their May 2006 Search Engine Safety study revealed, search engines expose users to dangerous sites posing security risks including spyware, spam, and scams.

Surf more securely by adding this browser add-on which will provide you with an in-depth site analysis based on real world test results. Always keep in mind however, that you are your own best protection. Stop · Think · Click

Download this browser add-on at McAfee

3 Comments

Filed under Anti-Malware Tools, Firefox Add-ons, Internet Explorer Add-ons, Internet Safety Tools, Online Safety, Safe Surfing, Windows Tips and Tools