As I travel to the Hashemite Kingdom next week, there are at least 5 simple things I can do to make my WiFi experiences a bit more secure. So can you, here’s how:
During my upcoming journey to Jordan, I’ll have ample opportunities to consume the culture on a variety of levels – including the ever growing WIFI connections that now abound in the Hashemite Kingdom. This in turn will give any nere-do-wells an opportunity to consume my personal and private information; if not zombie-fry my laptop altogether. And while I believe there is no such thing as total mobile security – there are ast least 5 simple things I can do to inconvenience the lesser-determined bad-guys to the point they move onto the guy computing next to me waiting for the airplane to board.
1. Connect Securely
How do you know you’re securely connected to the wireless router at your favorite coffee shop? Simple, you have inconvenience the barista or the hotel staff for a WEP, or even more secure, WPA key to access the Internet.
Yes, yes, yes, I know, WEP stinks in comparison to WPA, none-the-less, better a little hassle than to sign away one’s identity and security by confirming to use a ‘wide-open’ network.
2. Tunnel Safely
The problem with seeking out a WPA-PSK encryption is that many times, it just isn’t available. Merchants provide WiFi hot-spots as a competitive draw. It loses its return on investment if they find themselves busier teaching wireless laptop connectivity than selling biscotti.
For those who don’t mind taking security matters into their own hands – or at least putting them into the hands of 3rd parties who provide VPN services; some for free. Here is a short list in alphabetical order:
- AnchorFree (free);
- HotSpotVPN ($8.88/month)
- iPig (free & pay versions)
- McAfee’s Wireless ($39.95/seat)
- PublicVPN ($5.95/month)
- WiTopia ($9.95/yr sWifi & $39.95/yr pVPN)
3. Surf Encrypted
Many of us who buy stuff online already know to look for that little encryption lock in the status bar of our browser. However, have you considered looking for it when you login to an online email service?
How about when you use the same password you use for everything when you login to a blogging service or bulletin board?
Again, in cases where you are at the mercy of a service provider not offering secure logins and transactions, there are some not-so-stupid browser tricks you can employ – provided you have the right browser.
For example, while gMail does provide a secure login, it does not provide encryption when I’m emailing you about my upcoming trip to Jordan. Same too when I blog this post using Google Docs.
Fortunately, I use FireFox, which in turn allows me to plug-in the Customize Google extension, which in turn allows me to check an option to “Secure (switch to https).” Voila!
If I must to FTP, then I use SSH File Transfer Protocol (SFTP) – and when possible – using an encrypted zip file. Yes, I’m aware the PKZip password protection is inherently weak, but it’s stronger than nothing.
4. Password Strongly
All the security in the world won’t help me if I use the same password for everything, and that password is something relatively easy to guess or crack. For example … a login of ‘dean’ and password of ‘peters’ I would think would take even the lames of script kiddie all of 5 seconds to figure out.
If you can’t figure out how to create a memorable but strong password, fear not. There are plenty of online services. Here are 3 that didn’t ask me who I was before generating some solutions:
- Strong Password Generator
- GRC’s Ultra High Security Password Generator
- Password Generator by Byte Interactive
5. Speak Nothing
Having spent some time with a top-secret security clearance, I know what the phrase “need to know” means:
- the best way to keep a secret is not to tell anyone;
- failing that, only tell the secret to those who must know;
- never write anything down;
- shred everything; and
- trust no one.
So asides from keeping our ‘yaps shut’ – this also means
- turning off any file, printer and/or other fun network sharing;
- turning on any firewall, spyware and anti-virus detection; and
- depending on your operating system and configuration, shutting down open ports.
Yeah, that last one is not too easy, but I figure if you’re savvy enough to run a server, you’re savvy enough to know you’ve got some entry ways your firewall may not catch (for the rest of you, just make sure your firewall application is running).
I know this last bit sounds a bit blunt – especially for those of you working with churches, charities and missions – especially that last point.
But the last thing we need is to have our personal lives, our ministries and/or our livelihoods imperiled by an ever constant swarm of sinners who would think nothing of emptying out your bank account, ruining your retirement fun, and tapping out your travel funds to fun places like Jordan.
Better to remain a little bit paranoid about private information so you can keep you mind on publicly pronouncing the good news that is Christ crucified and Christ resurrected.