WiFi - Security Enabled vs Unsecured

The friendliest place on the web for anyone with an RV or an interest in RVing!
If you have answers, please help by responding to the unanswered posts.

Ray D

Well-known member
Joined
Jun 4, 2006
Posts
1,963
Location
Boise, Idaho
Sorry, I have read so much on this and I just don't get it.  ???

The RV Park WiFi is on the fritz, and most of the time, unavailable. They are working diligently but have trouble with their supplier. (I was in the office while the manager was trying to get service.) That business must be part of a zoo!  ::)

Anyway, I'm offline most of the time.

I notice several other WiFi signals, in good range. Several of them are unsecured. Two of them, I think, are from a truck stop close to here. I was thinking about asking them if I could tag along, from here. I suspect they'd say yes, since it is a convenient place for me to trade. Problem is they are "unsecured."

In simple English, if that's possible, what is the risk of using unsecured WiFi?  ???

I go to 3 major news sites, the bank, and the RV Forum. And I exchange e-mail. What is my hazard?  ???

If I do not respond to suggestions, it will be because I can't connect. I'll read everything next time I get on-line.  ::)

Thanks.

Ray D  :)
 
With my limited knowledge there would be no problem with news sites and e-mails but I would think long and hard about doing banking or and financial stuff over an unsecured connection. I would also not sent personal info through e-mail on them . I'm sure others will have a better idea what is safe to do and what is not safe to do.
 
My understanding about a secured vs an unsecured WiFi site is that a 'secured' site requires a passcode to gain acces to the Router.  Once accessed it does not provide any further security.

On a secured Router you do limit the number of direct users to those that have the pass code so the exposure is somewhat less.  Do make sure that you have sharing turned off on your computer before you use any WiFi.

I am very interested in Ned's input on this topic.
 
The encryption or lack of on a WiFi connection is irrelevant to the security of online financial services.  Encryption only allows the WiFi owner to control who has access to the network.  As Walt says, turn off file and printer sharing on your WiFi connection.  Actually, the only protocol needed for the WiFi connection is the TCP/IP ver. 4.

As for the truck stop network, although it may be unencrypted, it may very well require pay for use.  Once you connect, when you open your browser, you'll be taken to a screen that will require a login or registration, with credit card, to access the internet.
 
I'm back. Seem to have a decent park connection, at the moment.  8)

Thanks, folks. I do need to go to the bank. I plan to do more on-line banking and bill paying, not less. I have this sense of someone peering over my shoulder, as I pay bills. Don't want that!  :(  

Ray D  ;D
 
Ned said:
The encryption or lack of on a WiFi connection is irrelevant to the security of online financial services. 

So are you saying that banking from these park or truckstop networks is safe?
 
The encryption or lack of on a WiFi connection is irrelevant to the security of online financial services.  Encryption only allows the WiFi owner to control who has access to the network.  As Walt says, turn off file and printer sharing on your WiFi connection.  Actually, the only protocol needed for the WiFi connection is the TCP/IP ver. 4.

So Secured or not is really irrelevant to me?

Not sure how to turn off file and/or printer sharing, but will find out.

Does my Windows Firewall make banking safe/safer?

you'll be taken to a screen that will require a login or registration, with credit card, to access the internet.

Oh, I just love surprises!  :D  I'll pass.

Cell card is looking better!  :)

Ray D  ;D
 
When I go to the bank, I get a screen that asks for my accnt # and password. The address line starts with "https://"

Is my accnt # or password exposed, at that point? I understand that the s in https means encripted. What is exposed and what is not exposed? (I'm digging, here!)
 
John Canfield said:
https does mean that your communication with the other end end is encrypted.

Now you have me curious, it would mean it is  encrypted on the other end but does it mean it is safe from your end if you are on a WiFi connection that is not encrypted ? Does what I just asked make any sense?
 
https:// means that the data is encrypted from the time it leaves your computer until it arrives at the bank's computer, and vice-versa.  It doesn't matter if you use wi-fi, cellular, a hardline connection or two tin cups and a piece of string to get from one to the other - your signal is fully encrypted from one end to the other.

The problem comes when you include personal information in an email or over a web page that is not secure (not https://).  In this case, anyone monitoring your stream can see exactly what you're sending.  It's not just wi-fi that makes you vulnerable - even on a wired connection there can be dozens or even hundreds of relay points between you and the receiving end, and any of these can be hacked to see what you're sending.

So don't send valuable information over the web unless you have a secure link (https://) and be careful what you include in non-encrypted email, no matter how you connect to the Net.

A Secure wi-fi connection only means the owner has taken steps to control who has access to the Net through his site.  It has no bearing on whether your information is visible to others or not.




 
I'm equally curious about detailed answers to your questions, especially when I'm OCOUS... not that it makes much difference I suppose but I still feel that way.  My assumption/belief is that when you use a https address the transmission to/from is encrypted at 128 bit encryption which is "sufficiently secure for what I do".  I also assume that nothing I do with email/forums is secure or private.  I also believe that anyone with "NSA level" expertise and resources can "hack" into any computer or computer network whenever they decide it is worth doing.  A wise friend told me once the secret to protection of secrets is to hide them amongst all the other information that is not secret, thus forcing a "thief" to sort through all the information to find the real secrets and be wise enough know when they find them.  Instead, we carefully mark the important information so that it is easy to find and then spend gobs of money to guard it.  So we are sorta in between, IMHO, nothing we do is so important that the "thieves" are willing to hack into even 128 bit encryption and thus, most of what we do is "safe".  I'm assuming that you are not banking at the level of Billy Gates or the esteemed Mr. Buffett or the other CEOs with mega millions to guard...

thanks, G.
 
What Lou said! 

For those of us that are mobile and not a high-priority target, please rest peacefully when you conduct business on a link that begins with https:// You are encrypted end-to-end.
 
When using an https:// connection through your Web browser, your personal information is protected, even on otherwise insecure connections. This is generally considered strong enough network security to have when sending your credit card number, for example. At a public hotspot, the greater risk is usually someone situated behind you able to see the numbers you type.

Another security risk on public hotpots involves other computers also connected to this unsecured network. Network attacks can be made through them, by connecting to your computer and possibly downloading information from your hard drive.

People address this latter problem by running a firewall program on their computer. Firewalls guard against these incoming attackers. It is additional considered good practice not to stay connected to unsecured networks for too long of a time to become an attack target. You should always run a good firewall program whenever connected to a "unsecured wireless network" and disconnect when not using your link.

http://compnetworking.about.com/b/2006/01/04/using-an-unsecured-wireless-network.htm
 
I've seen some tech articles that claim that doing banking business over the Internet is safer than going into a building.  And the reason is the encryption, but also the fact that when you Internet bank, no human sees your information.  It is all handled electronically which eliminates some of the opportunity to corrupt it.  That's what they said.
 
I have been a full timer for 7 years and I have been paying my bills online and doing online banking all along without any problems. I used Wifi the first few years and now I have have been using Verizon air card for the last few years. Personally I feel it is a lot safer to transmit your personal information over an unsecured Wifi connection than it is to hand your credit card to a waiter in a restaurant who disappears with it for ten minutes before bringing it back to you.
 
seilerbird said:
I have been a full timer for 7 years and I have been paying my bills online and doing online banking all along without any problems. I used Wifi the first few years and now I have have been using Verizon air card for the last few years. Personally I feel it is a lot safer to transmit your personal information over an unsecured Wifi connection than it is to hand your credit card to a waiter in a restaurant who disappears with it for ten minutes before bringing it back to you.

Or the gas station that attaches a rogue computer to the communication line from the gas pump and reads the CC info from the card reader at the pump.  Then sells the CC info within a few minutes to someone standing by ready to initiate on line purchases.  This actually happened to a friend of mine when we were on a motorcycle trip in southern Utah, Torrey Utah, to be specific.  The illegal charges started showing up on his CC about 10 minutes after he bought gasoline.  His wife started getting phone calls from the CC company about 20 minutes later wondering how it was possible for charges to come in from a gas station in Torrey Utah and a sporting goods store in Chicage within minutes of each other.  The CC company shut it down somehow.

He never thought this was funny at all....? ::)

I've always wondered what happened to the gas station since I've never been back to Torrey since.
 
I would first make sure of the unsecured wifi you are connecting to. You don't want to connect to someone's honey pot.  Which is essentially a fake access point to harvest data through.

I have set up ad hoc networks in campground just to see if people will jump on board and they sure do.

I set up my network to boost RV park wifi in low signal area. Since my signal is the strongest they jump on with no question. I even rename it to other things and people just jump on without permission. I could easily harvest data, redirect them to pages I want or make them pay for the connection while using the RV park's free wifi...

So many things to do to clueless users.
 
Bighorn said:
I would first make sure of the unsecured wifi you are connecting to. You don't want to connect to someone's honey pot.  Which is essentially a fake access point to harvest data through.

I have set up ad hoc networks in campground just to see if people will jump on board and they sure do.

I set up my network to boost RV park wifi in low signal area. Since my signal is the strongest they jump on with no question. I even rename it to other things and people just jump on without permission. I could easily harvest data, redirect them to pages I want or make them pay for the connection while using the RV park's free wifi...

I got one of the repeater/amplifier setups from JefaTech so I could get a better signal from RV park WIFI systems.  It looks like any other WIFI system with WPA2 encryption so I assume that few folks can piggy back on our connection but I don't really know.  When I do a survey of WIFI systems in range of the antenna, which I mounted on top of the TV antenna, I usually see quite a few radios, some open, most secure.  You must have much more know-how than me... I can sorta understand what you are describing but I certainly don't have the technical know-how to probe the signals from other computers.  I can see the mac address of every computer that might attached to the JefaTech repeater but it is only me so far.  The repeater is actually a cisco wireless router programmed to be a repeater.  Maybe you have heard of these?  Am I as vulnerable as you suggest?  Even with https://... connections?
 
As long as you're using WPA or, better yet, WPA2, encryption on your wireless links, you're secure from any freeloaders or eavesdroppers.  The https links are secure regardless of how you connect to the internet.  It is a separate issue from WiFi encryption.

What Bighorn is referring to is if you control the router that people connect to, you can log all of their data going to and from the internet as long as they aren't using an SSL (https) link.  This includes most email user names and passwords as they are often sent in clear text, unencrypted.  Even SSL connections can be faked and the data logged using what's called a man in the middle attack.  So make sure you know and trust the WiFi connection you use, and is a good reason not to freeload on just any open connection.
 

Latest posts

Forum statistics

Threads
131,749
Posts
1,384,226
Members
137,520
Latest member
jeep3501
Back
Top Bottom