Wi-Fi hotspots are the rage. Nearly every coffee shop and café offer laptop users the opportunity to use the Internet while sitting in their establishment. If you go out driving in any neighborhood with your electronic ears on, you can detect dozens of wireless networks located in homes. Businesses are putting in wireless networks for their employees as a matter of course.
The road warrior today will often use these wireless hotspots during the business day to transmit e-mail, browse the Internet, or send reports to the office. But is this safe and secure? The short answer is yes and no. It depends on whether the data is encrypted or not. Encryption is the process of converting data into a form that can’t be easily understood by unauthorized people. It involves using complex mathematical keys and algorithms to make it difficult to decode. Think of it as an electronic magic decoder ring for your laptop.
How to Protect Your Data
First of all, you need to determine if the hotspot is encrypted. If your laptop says the connection is “unsecured,” the hotspot isn’t secure. This means that anybody within range of that hotspot can eavesdrop on everything you transmit from your computer. There are literally dozens of free programs out there that people can download that will watch your data and surf the Internet along with you in real time. You go to a Web site, they go to the same Web site. And they can watch what you type into any Web page (that isn’t encrypted by https — more on that later). If you don’t want people to know what you’re doing on the Internet, don’t use an open wireless hotspot.
If the hotspot is open, you still can maintain privacy if you’re careful about what you’re doing. Most financial and banking Web sites are encrypted (you can tell by the prefix on the Web site: “Http” means it’s not encrypted, while “https” means it’s encrypted and therefore safe from casual ‘eavesdropping’). It’s safe to use these sites even while on an open hotspot. The ‘eavesdroppers’ or ‘sniffers’ in the crowd will only see encrypted data (although they can tell where you’re going, they can’t see what you’re doing).
One type of Web site to be especially wary of is e-mail. Services such as Gmail, Hotmail, Yahoo!, and Windows Live all use https on the pages that you login to the service with, but then they change to http to view and send mail. Why do they do this? Https is computationally expensive versus http and requires significantly more computer resources to calculate. So these Web sites protect your password, but allow your e-mail to be viewed by anyone in the area (if you’re on an open hotspot).
If you’re using Outlook or Eudora for an e-mail client while using an open hotspot, then you may still be exposed. If you’re using POP3 or IMAP to access your e-mail, then not only can people read your e-mail as you do, but they can also get your username and password. For accounts in Outlook or Eudora, look at your mail preferences to find out what protocol you’re using.
If the hotspot is encrypted, you’re safe from casual eavesdropping. However, make sure you pay attention to the people around you. “Shoulder surfing” is also a threat at a hotspot.
Wireless hotspots are a real convenience when you’re on the road. Just remember that someone may be sniffing your information out of thin air.
John C. Shovic is a partner at MiloCreek Consulting in Coeur d’Alene, Idaho.