Staying Safe and Secure in the Public WiFi Wilderness
Jun 28, 2012 5:00 AM PT
With the apparent clamp-down on formerly liberal U.S. data quotas by mobile operators, public WiFi hotspots -- like cafes -- for daily Web consumption may become an ever more likely Internet environment for many of us.
Europeans have been used to limited mobile data quotas under various euphemisms like "fair use policies" and "data plans" for some time. It's now time for North Americans to hunker down, and figure alternatives to the mobile network, because we're seeing the same thing in the U.S. this year.
Having recently used up my entire month's allocation of mobile data in one evening watching television in a hotel -- and then, adding insult to injury, being told by my mobile operator, that for "fair-use" reasons I was now restricted to Web browsing for the rest of the month and couldn't buy more data, I decided to explore alternatives.
One approach would be to purchase a broadband SIM card for each day of the month that I was away from home and wanted to watch television. That could conceivably result in me acquiring and managing 31 SIM cards -- ridiculous, even for me, a self-confessed phone nut.
The practical alternative, however, is public WiFi -- the kind you find at coffee shops, airports and hotel lobbies.
I've written on how to go about finding and using public hotspots before. Here's how to use them safely.
Look for HTTPS
Verify that sensitive websites that you're using implement Secure Sockets Layer (SSL). Banking websites invariably use this protocol, called "SSL/TLS."
You can identify an SSL secured website because the address bar in the browser will use the "HTTPS" hypertext transfer protocol designation, rather than the "HTTP" protocol. The "S" refers to "Secure."
HTTPS authenticates the website and encrypts the data. This restricts packet sniffing eavesdropping of the kind you can get in a public WiFi environment. All electronic spies will see is gibberish.
Virtual Private Networks
What if a site you are visiting -- a Mom-and-Pop e-commerce site, for example -- doesn't use SSL and you still want to protect yourself from eavesdroppers?
Use a Virtual Private Network (VPN).
VPNs create a tunnel through the Internet from your location to the destination location, and everything in the tunnel is encrypted.
Perform a Web-based search for a VPN. Open Source VPNs use code called "OpenVPN." However, free services can restrict the amount of data that you can use or bombard you with ads.
I've used a paid VPN with dedicated physical server and a shared IP address that costs a few dollars a month. This kind of solution is bandwidth-robust.
Sign up for the account, and then follow the instructions to configure the VPN.
On a Windows machine, select "Network and Internet" and then "Network and Sharing Center" from the Control Panel. Choose "Set up a new connection or network" and then "Connect to a workplace."
Follow the wizard and enter the VPN account's supplied IP Address, User ID and Password. Check the account setup email for any network-specific configuration instructions.
Launch the VPN by selecting it from the network options in the Windows task bar. Then open a Web browser. Your traffic will be encrypted. Tips: For further housekeeping security, verify that the computer's firewall is turned on. In Windows, the firewall control is accessed within the Control Panel under "System and Security."
Turn off your WiFi radio when you've finished using it in a public WiFi environment. Most computers have a hardware switch for this. It's the same switch you'd use on a plane for Flight Safe Mode.
Want to Ask a Tech Question?
Is there a piece of tech you'd like to know how to operate properly? Is there a gadget that's got you confounded? Please send your tech questions to me, and I'll try to answer as many as possible in this column.
And use the Talkback feature below to add your comments!