Money IQ: Wi-Fi Security

Money IQ
By Michael Carson
Wi-Fi Security

Wireless Ethernet (Wi-Fi) seems to be everywhere these days. Laptops, phones and tablets all take advantage of it.

Businesses often offer free Wi-Fi hotspots to their customers such as in a coffee shop, book store, bank, or hotel. Most people however, don’t realize that the person next to them could be electronically eavesdropping on everything that they are doing online. So, you may ask, why is there a higher security risk in Wi-Fi?

It’s because your device is broadcasting over the air to a wireless access point (WAP.) Any other Wi-Fi device within range can see the packets you are transmitting since the radio waves radiate outward from your device in a spherical pattern. 

To securely use your device at home, encryption is generally the answer to Wi-Fi security. WEP (Wired Equivalent Privacy), WPA (original Wi-Fi Protected Access), and WPA2 (Wi-Fi Protected Access 2) are all encryption protocols for encrypting Wi-Fi communications.

It makes the information that an eavesdropper gathers useless if it cannot be decrypted. Non-public access points should require a password and be using the WPA2 encryption protocol.

Other encryption protocols such as WEP and WPA are easily compromised and should no longer be used.  

Passwords should be long (at least 32 characters) and contain numbers and non-alphanumeric characters. It is possible to hide the SSID (Service Set Identifier) so that it doesn’t show up by default in SSID lists but this isn’t much of a security feature since the SSID is still being broadcast and can easily be captured by any packet capturing tool.

Public access points are not encrypted since they do not require a password, so this means that security is up to the end-user. You should be using the HTTPS protocol whenever possible rather than Hypertext Transfer Protocol (HTTP) since HTTPS encrypts web traffic. (Note the S stands for secure.)

You should be using SSL for applications such as an email client which offer the option since that will also encrypt the traffic. If you are not encrypting your traffic, assume that anybody within range might be able to see it.  

For mobile phone devices, the carrier’s network is going to be safer than a Wi-Fi hotspot since there will be some type of encryption. One option is to simply use your data plan on more sensitive transactions.   

A VPN connection is probably the best way to protect yourself if you must use public Wi-Fi networks. You could setup a VPN connection to your employer or your home and then use that Internet connection.

Another option is to use a public VPN service such as Witopia™ which starts at around $50 per year. VPN connections ensure that all traffic is being encrypted from your mobile device to the VPN endpoint regardless of the type of traffic.

The benefit of solving the Wi-Fi security threat is to protect your online information from eavesdropping intruders. Be cognizant that anything done unencrypted on a Wi-Fi system can be captured by anybody within range of the radio signal

To protect yourself when using Wi-Fi, use encryption. Your home WAP should be using WPA2 encryption. Anything you do on a public access point should be using HTTPS, SSL, or VPN encryption if you want to protect the confidentiality of your information.

Editor’s note: Michael Carson is the Sr. Security Engineer at Los Alamos National Bank. He has more than 20 years of experience.

  • Look for Money IQ every Wednesday in the Los Alamos Daily Post.
LOS ALAMOS website support locally by OviNuppi Systems