Friday, August 17, 2007

Top 5 reasons why you shouldn't connect to an open wireless (WiFi specifically) connection

When you connect to, umph, say, Starbucks's wireless networks and similar, you connect without even providing a username or password (some of these applies to web based authentication) think about these;

  1. 1. It's open, therefore there's NO encryption, everyone (can) see your traffic
  2. 2. Others can impersonate you! and do stuff you wouldn't (or would, but not in public, haha)
  3. 3. Anyone could easily impersonate the access point and become the gateway. Which mean, everything passes through his/her computer before reaching another destination
  4. 4. Your own computer can be easily exposed to unauthorized access (or attempts) since almost ANYONE can connect, which mean, the good and bad guys!
  5. 5. And finally, It's designed to be insecure! or the implementors have no clue what so ever. So, don't even expect any security on it.
Stay secure, opt for secure APs (at a minimum), if you do not have a choice, they ensure that you access only SSL, TLS or VPN type of accesses to ensure you create an encrypted tunnel between you and the destination. Wikipedia TLS or SSL for more information.

Stay secure

2 comments:

Rajiv said...

I appreciate it.But i doubt how can one view the things we do on the web..if we use aopen wireless connection..can u explain plz?

Sanjay W said...

Hi Rajiv,

The fact that it's open, all data passing in the "air" is in clear which is an opposite to an encrypted connection which for example, WPA2 offers. By using a sniffer alike, e.g. ethereal, Microsoft Network Monitor or similar, i can intercept the communication between you and the wifi router/device and act on your behalf or view sensitive information. HTH./Sanjay