Three Sticks — Personal Development for Christians

Syndicated at SafetyNet Personal Security Blog 

I recently read an article in Businessweek that claimed that laptops now outsell desktops. I’m not surprised although I have a pretty nice desktop my laptop has long since become my default computer. Of course, part of the reason I use my laptop more often is because I use Linux (Fedora Core 6) on my laptop as part of my campaign to move to free and open source software for all of my computing needs. Quite frankly, I’m ready to get off of the Windows upgrade rat race and I’m simply refuse to pay $300 to get Windows Vista Ultimate. The second reason I use my laptop more often is that it’s convenient. I can take it anywhere and connect it anywhere. Unfortunately, you and I are not the only persons to discover the usefulness of wireless networks. Criminals have discovered that wireless networks are rich sources of identity information. These criminals are sophisticated and very dangerous. Several years ago, I attended a security conference at the Georgia Institute of Technology where Georgia Tech hosted a panel that included:

• The Commission of the Federal Trade Commission (FTC)

• An Attorney

• The Dean of Computing, Georgia Institute of Technology

• Chief Technology Office of CipherTrust

• President and CEO of RSA Security

• President and CEO of EarthLink

• Chief Technology Officer of Internet Security Systems (ISS)

Needless to say these are the people who are responsible for setting policy and addressing the online security challenges faced by both consumers and businesses. There where several key points that came out of the conference. First, that unlike other infrastructures (electricity, radio, TV etc) the consumer has a big responsibility for their own safety. The Internet is a global infrastructure that has few rules which is great because it provides tremendous opportunities and dangerous because there are few regulations and protections for consumers. Second, these opportunities are just as open to legitimate businesses and consumers as they are to criminals. The Internet has created a new breed of technically sophisticated criminal. What they described was truly terrifying. They described criminals that operate in semi-independent cells (yes just like terrorists), build their own hardware, write their own software and reinvest money they steal through identity theft into new hardware and software (yes just like a business). Third, that the resources of the government and private organizations spend a lot of money just to keep pace. Lastly, they reiterated that consumers will have to remain vigilant because in it will take a combination of knowledge and technology to remain safe online.

Many people would argue that the threat is not that serious. However consider this, less the half of the people with home wireless networks (20 million+) enable any form of security WEP, WPA, Limiting MAC Addresses etc. That means that their email passwords, addresses and other identifying information is floating around their neighborhoods free for the taking. Most public networks also lack any form of security because it’s expensive and cumbersome to protect a networks where the user base is constantly changing.

A few years ago it happened to public officials in the State of Georgia, where a couple of kids sat outside of the Capital building with a laptop and a Pringles can and watched the web usage of some of the state’s senators and representatives. Unfortunately, it proved embarrassing for some because of the nature of the sites they were surfing. However the larger point is that we are all at risk.

And if you think thats WEP will protect you, think again. WEP can be cracked in less than 3 minutes with tools that you can download online for free. Simply go to Google and enter WEP and crack and you’ll find the tools.

Protection and Prevention

Fortunately, there are solutions to addressing these problems. The first and most important thing is to remember that you can protect yourself. Although wireless networks use radio signals to transmit data and just like any other radio signal it can be intercepted (ex. police scanner) it is possible to make your network secure. Second, ensure your operating system and other software is always up to date. Third, make sure you have a capable firewall, anti-virus, anti-spyware, anti-phishing solution. Lastly, use complex passwords for websites, email etc. A complex password is one that is more than 8 characters long and includes numbers, symbols and special characters like # $ and @.

The above recommendations apply for every computing scenario. Here some specific recommendations depending on your location.

Additional Recommendations to Protect Yourself on Your Home Wireless Network

• Disable SSID broadcast of your wireless router - This prevents the casual user from finding your network

• Turn on WPA with either shared keys or certificates - Most modern wireless routers provide wizards to help you configure your network

  • Use a complex key for your WPA shared key

• Limit the number of people who have your shared key and make sure they don’t give it out

• Consider limiting the specific computers that can connect to your network by limiting the MAC Addresses that can connect

Additional Recommendations to Protect Yourself on a Public Wireless Network (ex. hotel, airport, coffee shop, park, etc)

• Ask the network provider about any security measures they take to protect their users

• Refrain from accessing any site where you have to send you personal information unless you are sure the site is secure (ex. the little security lock on your browser’s status bar)

• Refrain from using email especially webmail

I’m going to avoid turning this into a commercial, but I will mention that my brother and I started a company, Miles Ahead LLC and we built a product, the SafetyNet Wireless Firewall to specifically address the public wireless network problem. We wanted to create software that made computing easy and safe. SafetyNet is our first product. If you’re interested in a simple and safe way to protect your information regardless of the network you are connected to please visit our site.

I hope this article helps you protect yourself. Good Luck.

Update - Here are some additional resources I’ve found since writing this article.

• How To Secure A Wireless Lan (WLAN)

Trackback URL for this post.