Many people share their internet connection through Wifi these days, either intentionally or unintentionally.
On this page I want to share some thoughts behind this phenomenon.
I think the emphasis of sharing your Wifi signal with others (read: strangers) should lie on "security".
Not only the security of the person who shares his/her connection is questionable.
Also the ones who use shared Wifi connections may be vulnerable.
So if you're sharing your internet connection because you think you have nothing to hide, or because you are a social sharer, or just out of laziness or ignorance, this page should start you thinking.
I know, if everybody closes their open Wifi connections now, I won't be able to check my mail when I'm abroad anymore. But that's a risk I ought to take.
What Can Happen To Me When I Share My Wifi?
Let's start with the worst case scenario: You may end up in jail!
I'm serious, you can get serious trouble with the law! OK, chances may be small that this will indeed happen to you, but it is possible. For instance if some stranger has uploaded some illegal material through your internet connection. You will be held responsible and there is no way for you, or anyone else, to find out who really did it.
Other threats which will await you are:
"I have nothing to hide", I hear you say?
Are you sure you have never used your credit card to pay something on the internet?
And you never bought anything on e-bay?
You do not use your computer for banking?
You do not use Paypal?
You have no friends with which you share your intimate secrets through e-mail or MSN?
Are you really sure you have never ever entered a single password on a web site!?
You don't have private photos on your computer?
What Can Happen To Me When I Use An Open Network?
Chances are that you connect to the internet using an open network of a no-know. Someone who doesn't understand or care why he/she should encrypt the Wifi connection. My guess is that most open networks fall under this category.
However, you can't be sure! You might as well have logged in to a honey pot network. A network that intentionally has been left open to attract visitors. Be prepared to share your entire communication with the Wifi owner who can have a program running which monitors all traffic.
Risks may be relatively harmless, like your user name and password for your blog site may be intercepted.
Later you'll find your entire blog to be erased and replaced by a lot of junk.
Not only the Wifi owner can listen in to your connection!
Because the connection is not encrypted anyone around you can listen in through their WLAN interface.
But probably the worst thing that can happen to you is that your laptop gets snatched away from you while you're at it.
Data theft is possible, but let's face it, you're laptop is probably far easier to steal from you than your data.
What Can Happen To Me When I Use An Official Hotspot?
Many commercial and free hotspots exist world wide.
They can be found in most public places like airports, train stations, hotels, restaurants and libraries, to name but a few popular locations.
Well, there can't be any problems here, can there? I mean these hotspots are run by respectable companies and they have done their utmost to make the hotspots safe, haven't they? They won't eavesdrop on me, would they?
I think it's safe to say that at least in the free part of the world these companies are not after your passwords or other data.
This doesn't mean though that they don't log your access, just in case you are doing something illegal.
This will help law enforcement later if there happens to be a dispute.
Of course it is not all that bad.
Let's pretend to log in to a commercial hotspot.
You simply connect to the strongest signal available, open your browser and type any URL.
No matter what you entered you'll be presented with a secured login screen.
On this screen you can authenticate yourself and may be given the opportunity to pay for the connection.
Usually payment can be done in various different ways.
Credit cards, vouchers and Paypal are probably the most popular ways to pay for your connection.
First of all make sure you are looking at a secured web site!
If not, ABORT!
Don't ever enter you credit card details on a non secured site!
Anyone around you can read what you type!
FON is one of the popular "free" hotspot concepts.
The idea is to share your internet with the world.
And in exchange you can use any Fonspot in the world for free.
A great initiative!
My advise is simple: Don't trust any hotspot!
Login to a VPN server if you can to encrypt whatever you're doing.
Or pay particular attention to secured connections if you are sending or receiving sensitive private information.
What Can Happen To Me When I Don't Use Wifi At All?
Simpel, we all experience the results of open networks: Spam, trojans, viruses, denial of service attacks, web site spoofing, phishing, defacements, etc. etc.
What can I do about it? Quite a lot really, but we'll have to do it together!
What Can I Do To Protect Myself?
Apart from the tips given above to the non Wifi users, Wifi users may find the next tips useful to increase their sense of security.
If you don't want to share your internet with strangers, protect your Wifi connection with WEP or WPA.
WPA is generally considered very secure, but not all equipment can handle it, so you may have to fall back on WEP to ensure complete compatibility.
Use strong encryption, but don't overdo it.
Don't simply use a word or name which could be guessed quite easily.
Don't share your entire hard drive on your laptop. Only share one (usually empty) directory if you have to transport data from one PC to another.
Always use encryption for sensitive data if you're visiting an untrusted (read: any network but your own) Wifi connection! Login to a VPN server if you can. Use encrypted mail servers if you can.
Never use the default SSID of your Access Point. Change it to something descriptive. You could hide your SSID on some Access Points if you want some extra security. Strangers could see that there is something there, but they can't login because they don't know the SSID. However this will complicate making connections to that Access Point for yourself too.
Always change the default password of your Access Point!
Don't do sensitive things on a strange network if you don't have to. Wait a few hours until you're home if it can wait.
Change your roaming passwords regularly. For instance passwords used to access Hotspots may be intercepted and abused.
Pay particular attention to failed logins to Hotpsots. Someone may be faking a well known Hotspot with the intention to steal your credentials. If you're in doubt, change your password as soon as possible after a failed login.
Use your common sense.