Showing posts with label Web Safety. Show all posts
Showing posts with label Web Safety. Show all posts

How Secure is Your Data at a Public Wireless (WiFi) HotSpot?

More and more laptop computer and PDA owners are discovering the convenience of settling in at a local cafe, restaurant, or even some bars, and being able to quickly jump online via a high-speed wireless internet connection. These "hotspots" are provided by the establishment sometimes for a fee, sometimes at no cost, or other times coupled with a purchase. Airports and hotels are also offering this service to its customers. Not only popular with business people and travelers, just about anyone who has a laptop and knows about WiFi can enjoy the freedom of being able to relax with their laptop and a cup of coffee, and be instantly downloading email, songs, or videos, or using Skype, shopping on eBay, listening to streaming audio/video, or using almost any other application that makes the most of a broadband internet connection.


How Secure is your Data at Public WiFi?

What many people don't realize, however, is how insecure their data is to available snoopers: it's quite easy, and not uncommon, for hackers using freely available software and PLDT Hacker Apk, to plant themselves in the corner of such a public location and "sniff" out the data that's zooming through the air between your laptop computer and the wireless access point (router) that is broadcasting the wireless signal. Much of the time, just about everything that comes and goes from your computer wirelessly in such situations is available to be read and interpreted by such a hacker with the right software and hardware tools. If any hacker has hacked your PLDT WiFi then you need to change your PLDT WiFi Password.

This might not bother you if you're just reading the news or downloading your favorite podcast, but know that many times your email and website passwords (even if it's pre-programmed into Outlook) are also passing before the eyes of the disheveled 15-year-old sitting in the corner of the cafe with excess computer equipment around him, eyeing his prey with peripheral glances. With such passwords and personal information at his disposal, identity theft, financial theft, and other frustrating messes can befall the victim within hours. There's the old joke of a customer in a wireless cyber cafe with his laptop, chuckling at things he's reading or communicating via a chat room online; across the room is a hacker laughing in tune with this fellow because he's sniffing out the customer's signal and seeing exactly what's on his screen. Yes, this sort of thing does indeed happen.

The reason for this exposure is endemic to the concept of open wireless internet access. Unlike a home wireless network which can be easily secured (though many home users don't take the time to do so), public hotspots by their very nature don't, and can't, include any easy security measures to protect against the sniffing of data. To be available to customers and easy to use and administer, the wireless service can't be secured automatically. And so you as a customer must take it upon yourself to watch your back and implement your own security procedures. BYOS: Bring Your Own Security.

How to Secure your Data while using Internet at Public WiFi?

What needs to be done, if you want to protect your wireless data, is the data that travels back and forth from your computer to the internet needs to be encrypted - scrambled such that anyone who intercepts and reads the data can't make any sense of it. There are a few ways to do this.

First and foremost, know that data passed through an encrypted web session ("SSL") is always safe to consider private. We've all been taught to look for the icon of a lock or key in the corner of our web browser, or the "https://" prefix in the address bar, when making an online purchase or otherwise providing sensitive personal information online. This holds true during wireless sessions at WiFi hotspots and is usually a good enough guard against any snoopers trying to cull private data through the air. Simply continue to make sure that your web browser shows that lock or key when you're on a site that is eliciting private information from you, and you are safe from sniffers at a wireless hotspot.

If you use Outlook Express, Outlook, or other email client software that pulls your email down to your computer, know that normally your password is being sent out over the internet connection in clear text. Not good. Check with your email provider to see if they offer "POP/SMTP over SSL" - this is an encrypted version of email transfer and will protect you just like SSL protects you during a web session. There are some email providers that offer this valuable feature, including Google's Gmail.

An undervalued technology that is still slow to gain popularity among the laptop-toting masses is VPN. When you have your computer establish a VPN connection over your broadband internet connection (whether wireless - the point of this article, or wired ethernet), everything traveling over the connection is encrypted between your computer and the remote VPN server. If you connect to a VPN server while at your favorite wireless hotspot, you'll know that your encrypted data is safe from sniffers.

Short of having your employer provide you with VPN connectivity (it may not hurt to ask), services such as HotSpotVPN.com (recommended) and PublicVPN.com offer, for a modest monthly fee, VPN connectivity from wherever on the internet you might be. Most of the time such VPN connections can be initially configured within minutes and without the need to download or install any specialized software. VPN client software comes built-in to most versions of Windows, as well as Mac OS X. Establishing a subsequent VPN session on your computer only takes a few seconds.


There are a few flavors of VPN out there in the world, and if your VPN provider offers you a choice of these different technical variations, here are my suggestions, in decreasing level of recommendation for each specification. (If this is too techie for you to swallow, don't sweat it - you can still use VPN services just fine without choosing.)
  • Tunneling Protocol: IPsec-over-L2TP, SSL, L2TP, PPTP
  • Authentication Protocol: MS-CHAPv2, MS-CHAP, CHAP
  • Key Strength: 256bit AES, 192bit AES, 128bit Blowfish, 128bit MPPE
If you're a tech pro, you might also consider setting up a VPN server on your home PC and using that to host your remote VPN session from your laptop. This would save you a few bucks a month over paid services, but it would take some time and know-how to setup.

As usual, no matter where you take your laptop, you'll want to make sure you have your security software kept up-to-date:
  • Firewall: Windows XP and Vista include a great firewall component. Use it. For other operating systems, you can often find free trustworthy firewall software online, available for download.
  • Anti-Virus: If you don't have an AV package, get one. And keep it up-to-date, too. A great free AV program for Windows is Grisoft's Free AVG. And yes, it knows how to automatically update itself, too.
  • OS Updates: Keep your operating system updated as well. If it's Windows 2000, XP, or Vista you have, make sure you set the Automatic Updates to check for, download, and install updates from Microsoft's website automatically.
  • Anti-Spyware: Though less of a direct threat than viruses and trojans, spyware/adware/malware can create problems on your computer, such as slowness and instability. There are even nasty variants that steal your passwords (they're called key loggers) - regardless of whatever kind of encryption you use online. Microsoft users can download the free and reputable Windows Defender directly from the Microsoft website and keep their spyware load to a minimum.
Before I wrap-up, let me say a word about "evil-twins". These are false hotspots setup by hackers to appear as freely available wireless access points. They may have an SSID (network name) of something enticing like "Get_Your_Free_WiFi_Here", or more subtle, such as "T-Mobile_WiFi". Once connected to them, all seems to behave normally, but secretly the hacker is recording ALL the data you're sending and receiving through that connection, and they may also be trying to sneak their way into your computer through other means.

To avoid connecting to an evil twin, be sure to check with the establishment of the WiFi hotspot that you are patronizing - they'll tell you the exact name of their wireless network that you should connect to. Be sure to specify that network name in your wireless software or profile and none other.

One last comment here if you're frequently on-the-road and require regular wireless internet access. Instead of frequenting various hotspots, you may consider purchasing wireless broadband from a cellular provider such as Verizon or AT&T.; Each of them has an "unlimited" plan for a fixed monthly price. While slightly slower than typical WiFi speeds, such cellular data plans usually still qualify as broadband and are fast enough for most people. The big advantage of such plans is that you can connect to the internet in just about any place a cell phone can get a signal - and that means far more coverage than most any WiFi network currently in place.

Talking about and setting up security measures for your wireless connection may not be the most interesting of topics. But in today's world where electronic money flows in and out of online (and offline) accounts with relative ease, and where identity theft is America's fastest growing crime, prevention is the best medicine for keeping one's private information out of the wrong hands. And when you're sharing such data through the air at a public hotspot, you really want to make sure it's incomprehensible to everyone except you and your trusted merchant.

Basic Tips on How to Safely Navigate the Web



We all use our phones and other devices to navigate the web many times a day, in every moment of our day, especially in the last few years, online frauds are massively increasing. A particular research showed that it takes less than 6 seconds for a hacker to get the security code and the expiration date of credit cards once they have some basic information. Really scary, isn’t it? That is why it’s really important to seriously consider the safety of our data and privacy, especially on sites which manage our money, like banking, e-commerce or gaming websites. Here we're sharing some tips to enhance your security when you're on web.

Ad-Blockers:

An Ad-blocker add-on can be used as a simple plugin which can stop third-party links and advertisements and stops them from identifying you and tracking the sites you visit, by preventing them from loading any more content in your navigation. There are lots of Ad blockers available and some experts also recommends to install a tool to disable cookies.

HTTPS Connection:

The most secure sites are those who serves over an HTTPS connection, instead of HTTP. Where is the difference? In HTTPS, the communication is encrypted by TLS protocol and this guarantees that your personal data will be safe and won’t be shared with the website you're visiting.



Use a Virtual/Temporary Online Credit Card:

It’s still new, but some banks and other kind of companies allows you to create these temporary credit cards, which are linked to the real credit card, but with a different number and security code.

Choose Wisely:

If you want to buy something or play games online, choose sites with proper licenses and great reputation. Most secure casino sites show their terms at the bottom of the Homepage and it is possible to check whether they are guaranteed by national or international regulations.

Regarding e-commerce, beside all previous tips, there are some details which could help:

The presence of Better Business Bureau, VeriSign, TRUSTe logos may be a good sign, even if it’s quite simple to fake them. You can also look at the prices: if they are so good, probably it’s a dangerous site. For banking sites you can be sure that they will never ask personal information through emails or texts, so if you receive any request like that, you should immediately contact a Postal police office and report to them what happened.

Apart from this, a good antivirus system which also gives web security feature and an updated web browser are also a basic requirement which helps against online frauds.


So that's all for today, apart from these tips did you know any other tip? Let us know in the comments below. Be prepared and navigate safely!