Sunday, October 10, 2010

Free WiFi access may be dangerous, you go first ...

Some of you may have received emails or have seen advertisements for free WiFi access from your local ISP. It sounds like a great idea especially since many of us have these nice smart phones or netbooks with WiFi on them. You enable your WiFi, use the advertised network and sign with your browser and away you go, easy!

But how secure are these access points? The ones I've seen so far have had no security (no WEP, no WPA no nothing). Not that this security would have been too helpful. And when you login you're getting just a https redirect service. For my local XFinity connection I found out it's using Optimimum Online's server (??? - Isn't Optimum Online a different ISP from Comcast and their XFinity service?). Talk about easy to spoof!

I have a little more experimenting to do but I'm not so sure I'll depend on these WiFi services for very much and certainly not for anything that depends on passwords or other personal account information. And with today's smart phones using multitasking you no longer have total control over all the apps. So your email could be running in the background while Mr. Wiley E. Hacker is letting you use his spoofing WAP which happens to look a lot like the ISP's WAP (which happens to be a different ISP's service anyway). It's convenient but at what cost to your information security?


Post a Comment

<< Home