WiFi - Security Enabled vs Unsecured

[taoshum]

Jammer,

take a look at these suggestions:

http://www.dailywealth.com/index.asp

http://www.dailywealth.com/index.asp

what do you think?

 

[Mastermtn]

All depends what you want to secure.  Then there are tradeoffs.

- Run Linux instead of Windows -- history of fewer exploits and, most would say, an inherently safer security model
- Run Firefox instead of IE -- history of fewer exploits and fewer exploitable bugs
- Use Truecrypt for your hard disk -- used properly keeps anything on your hard disk secure if your computer is stolen.  There are other similar products.
- GPG -- secures email, highly effective if used by both sender and receiver.  Thunderbird and some other email clients help with this.
- Various secure proxy services - allow you to browse the web, useful if you're concerned about the security of your password on non-secure sites like the rvforum, or if you're concerned about people knowing what web sites you visit and what searches you perform

A word of caution here...running a different operating system or browser does not "cure" or help
the problem of security per se..as ANY  OS or browser still sends out your data over 802.1 (ethernet)
standards in the airwaves- they just use different encryption techniques that still fall into the
category of crackable...and BTW making a change from Windows to Linux is definitely NON-TRIVIAL!!
Changing to a different browser is relatively easy but does not gain much in security a-la the previous
I mentioned...safest bet today is air-cards which use (at least ATT I know..perhaps others) later
encryption than "most" wi-fi router setups in parks and hotels and coffee-shops...etc....

Also the randomness of logging in to your bank will help deter the crackers...I try to do all my banking
at 5AM for example...most of my cracker friends at Bezerkley, Ca and Taiwan are asleep then! No
kidding...Craig cracked my 14 character alphanumeric password in under 8 hours of computer time..
..scared the heck out of me...

so I hire him now to do routine security checks at our computer center in the Bay Area....

R

ooops..Taiwan is a different time zone... ;-)

;D

 

[crackodawn]

Sorry, I have read so much on this and I just don't get it.Ray D

Never ever use an unsecured WiFi connection for anything other than simple browsing from a computer without sensitive information stored on it.

1. WiFi without security is the same as taping your stuff on the front window.
2. WEP is worthless and not better than nothing. It is false security. It would take anyone wanting to get your data seconds to blow right past wep.
3. WPA2 is about the best you can get without resorting to a lot of expense. WPA2 is fine and costs nothing to use and is easy to setup.

When it comes to banking and such things, the so called secure sites including those of major banks mean nothing if you are using a public wifi without security.

Other tibits:

GSM has been cracked. That means it is possible to monitor wireless modem cards like those from AT&T/T-Mobile and other carriers using GSM. Verizon and Sprint use CDMA and are far more secure. This is fact not my opinion.

The basics for a secure system for mobile users:

Best: (if wireless tot he provider and no cable model or DSL)

EVDO Router and wired connections to your PC/Laptop. Good anti-virus ( the free ones like AVAST or AVG are as good or better than anything Symantec or Norton put out). Configure the router's firewall properly. That is very important. No use of admin credentials when running applications or web browsing. Don't bother with security suite software, it is a waste of your money. Plain name SSID and wireless client isolation set in the router.

Better:

EVDO Router and wireless configured for WPA2. Firewall settings in the router configured properly. Good anti-virus software as above. No admin user rights for applications or web browsing.

If you have cable or dsl service, then substitute the EVDO for cable or DSL.

Https over an unsecured WiFi is the same as nothing.

Admin edit: Removed unnecessary quoting.

 

[Ned]

Encryption on a WiFi connection is only for the benefit of the owner of the access point by controlling access to the router and internet connection.  It has no relevance to security of YOUR connections to any web sites you may visit.  For security in online banking, etc. you need to connect to HTTPS (SSL) sites and that has nothing to do with encryption on the WiFi connection.

An unencrypted WiFi connection is no less secure than an encrypted one with respect to your internet transactions.  WiFi encryption does nothing to protect you as a user of that connection.

 

[seilerbird]

"I bet that between Google, Microsoft, Yahoo, the telecos and the NSA there is absolutely no privacy.... none, zero, nada, zilch, nothing is left beyond the prying eyes of these folks if they choose to look.  "

I love it when people complain about how insecure the Internet is, then they go out to dinner, hand the waiter their Visa card and he disappears with it for ten minutes...

 

[BrianC]

Never ever use an unsecured WiFi connection for anything other than simple browsing from a computer without sensitive information stored on it.

1. WiFi without security is the same as taping your stuff on the front window.

I'm sorry to inform you that you are wrong.  WPA, WEP or any other WIFI encryption protocol is extremely weak.  If use the analogy of physical pad lock, I would equate that with the lock that your daughter use to lock up her dairy.  A secured, encrypted connection to most national bank is far more secure then any Wifi protocol can offer. 

The bottom line is, using an unsecured Wifi connection to access your bank/internet does not pose any more risk then using a hard wired connection.  Now, should you do it without asking?  Probably not, it's not nice.  After all, you are not paying for it. 

B