Feb 19, 2013
Unsecured ‘Free’ Wi-Fi? Be Worried. Be Very Worried.
I like convenience as much as the next guy but I also exercise caution whenever I see the word “free.” Why? Because the old adage “With free you get what you pay for” does mean that sometimes you end up with nothing at all….or more than you bargained for. I become particularly concerned whenever I see the words “free” and “Internet” together and you should too.
In this day and age, unsecured Wi-Fi networks are practically ubiquitous. You will find them in airports, hotels, office buildings, coffee shops, restaurants, malls, and even municipalities. While this is convenient when you want to buy a new book on your e-reader, check your e-mail on your laptop, or rebook a flight on your tablet, doing so in the unsecured Wi-Fi environment can create a real problem days, weeks, or even months later. Consider the following. In 2010 a free Firefox browser add-in named Firesheep was released that enabled the user of Firesheep to hijack the social media accounts of anyone else who happened to be using the same unsecured network that the Firesheep user was on. Facebook, Google, Twitter, Windows Live, and Yahoo are just a sampling of the sites Firesheep targeted. While this type of attack was not new, it was now far easier for anyone to become a hacker. In short, hacking was now a readily available opportunity for the masses and things haven’t gotten any better since.
Here is the bottom line. Unsecured Wi-Fi is insecure and, if for no other reason than the inconveniences that come from securing them, these networks will remain unsecured. That’s just the way it is. Given this, the first take away is that one should never connect to an unknown network particularly if the connection is free and remember that just because a connection claims to be Hilton’s, Jet Blue’s, or Starbucks’, doesn’t mean that it is. In situations where you are unsure, assume that if the connection is free there is a reason and it may not be worth the risk. I know that some will say that the Starbucks signal is free, they’ve used it many times and they never had a problem. In response, remember hacking is now available to the masses. This isn’t just about who made the signal available, it’s also about not knowing who else may be using that same free signal.
Unfortunately, you will still find that there are an over abundance of legitimate networks out there that are also unsecured, to include those found in hotels, airports, coffee shops and even some law offices, which brings us to a second take away. Only use an unsecured Wi-Fi network if you have the ability to secure the connection yourself by using a VPN connection, which basically means your data stream is going to be encrypted. VPN stands for virtual private network and allows you to create a secure tunnel between your remote computer and the home office. There are a number of ways to do this (e.g. LogMeIn, OpenVPN, and Cisco VPN) so my best advice would be to discuss the options with your IT staff or consultant who should be able to recommend an appropriate solution for your specific situation.
I wish that I could stop here but, I can’t. With the rapid proliferation of smart phones and tablet computers coupled with the shift to tiered data pricing, additional avenues of exposure arise as users can and will use these devices to connect to the Internet via a wireless signal. Just be aware that there are software solutions available that provide mobile security on such devices thus protecting them from viruses and malware. Also, there are other software solutions that allow the user to connect to the home office via a secure VPN connection. Again, talk with your IT staff or consultant and heed their advice. In light of the risks associated with unsecured Wi-Fi, a little convenience simply isn’t worth it because in the end you get what you pay for in terms of security and that would be nothing.
All opinions, advice, and experiences of guest bloggers/columnists are those of the author and do not necessarily reflect the opinions, practices or experiences of Solo Practice University®.