Practising Safe Internet - Wireless

Practising Safe Internet Part 6– Wireless - No strings attached?

One of the biggest advancements in home and business computing recently has been wireless networking. People can now access the Internet and other computers without having to run cables around the house or office. The increased use of laptop and notebooks means people have the freedom to move, a bit like the revolution that cordless phones brought to us some years ago. Just like the early cordless phones, there is an added risk that someone else may be listening in. However unlike the cordless phone, unsecured wireless networks can also allow others to use it for their own purposes without your knowledge. Potentially anyone nearby with a wi-fi enabled computer can access your network. From the minor inconvenience of someone using it to access the Internet, to the danger of downloading or deleting files from your computer. The potential for disaster is there.

Fortunately there are things you can do to secure your own wireless network. Most wireless access points now provide several security options, the most important being WPA encryption. WPA replaces the less secure WEP encryption and is extremely secure. WPA uses a PSK (pre-shared key) of up to 63 characters. It is important to use a long key string and to make sure it does not contains words or sequences that are recognizable or found in a dictionary. For strong encryption, it is best to use a randomly generated PSK. An online random key generator is available at www.grc.com/passwords. Once configured, the user can feel assured their computers and Internet are safe from anyone wishing to access it.

Additional features such as MAC address filtering can be helpful, though it is not foolproof to hackers with the right tools. Each network device, such as a wireless network card, has a unique number that identifies it. MAC address filtering allows you to choose which computers or devices can access your network, helpful to stop the casual outsider who has inadvertently found your wireless network.

Another means of making yourself invisible to your neighbours is to hide your SSID, or "Service Set Identifier". Your SSID is the name you've given your wireless network. Usually it is openly transmitted to all wireless users so they may easily join your network. In an open environment this may be very helpful, but to a closed network it's better to turn off SSID from transmitting. It's hard to join a wireless network if you don't already know its SSID and you can't see it.

If all these things are used, particularly WPA Encryption, then you should feel quite safe in using your own wireless network.

How about the other side of wireless? Let's say you are travelling, perhaps in an airport lounge or state library where open hotspots are available for people to use wireless Internet for free. Surely you are safe then, after all it's not your network is it? WRONG. These open networks are great, but they cannot offer any protection against people spying on you. This may not sound all that bad, but let's say you log in to check your email, or access your bank details? Unscrupulous people could be capturing everything you do, including passwords and credit card details! Fortunately banks and most businesses use SSL secured pages which encrypt Internet traffic when accessing them. This does protect you, however not all the things you do online have this level of protection. This is especially true for accessing email using your email software. Rarely do email programs use SSL and therefore people could learn your username and password. They could also gain other personal or important information from emails you download or send.

It is important that when using an open wireless network that you use SSL, or some other form of secure communication for all sensitive information. If you wish to use email, see if your ISP or business uses SSL security on their web mail page. If you aren't sure, just look for that little padlock in the bottom of your web browser. Only when using such methods can you feel safe while on an unencrypted open network.

Wireless networking is safe when used correctly. However there are still many people who do not secure their networks, or use open networks completely oblivious to the dangers. Secure your network and practice safe wireless, as sometimes there ARE strings attached!

Further information on security and technical issues can be found at "Security Now" www.grc.com/securitynow.htm. This site hosts podcasts (MP3 files) of a weekly radio show featuring computer security guru Steve Gibson.