Skip to content
Home » wi-fi » Page 3


Doc, what security settings are you using on your network?

A reader who will remain anonymous (he can out himself if he wishes) sent me an interesting observation. He was in his doctor’s office last week, and out of curiosity, he ran a wifi scanner on his phone just to see what networks were available and how they were secured.

What he saw wasn’t pretty. Especially considering he was in a building full of doctors, lawyers, and financial advisors.Read More »Doc, what security settings are you using on your network?

Why Google wants to know about your wi-fi networks

Google has been recording the names and coordinates of wi-fi networks for several years, which has gotten the company some bad publicity. In fact, a longtime reader asked a question about that just a few days ago. Part of the reason for the objections was because few people understood what they were doing with that data.

This past week, we saw one of the fruits of that endeavor.
Read More »Why Google wants to know about your wi-fi networks

Securing wi-fi isn’t about price gouging

The so-called wi-fi golden era is over, and apparently being glad about it makes me an absolutist.

But John C. Dvorak is wrong. This isn’t about making people pay for Internet access. It’s pure security. Toilets and drinking fountains are free because the majority of people don’t abuse them. The Internet can’t be wide open and free like a public restroom because when it was totally wide open and free in the 1990s, too many people abused it.Read More »Securing wi-fi isn’t about price gouging

The contractor who built systems via P2P

Today I was helping one of my coworkers study for the Security+ exam, and one of his study questions reminded me of a story.

I wrote a few days ago about spending some time in an unhealthy IT shop. One of my cohorts supported one of the departments that decided to outsource its IT to a contractor, rather than use the internal IT department. It was a form of shadow IT on a large scale. The hand-off didn’t exactly go as it should.

Read More »The contractor who built systems via P2P

Why SSL isn’t fooolproof security

Over at Rabbit-Hole, a commenter posted that my low-tier VPN is unnecessary if you’re using SSL. He’s wrong.

Perhaps I should have titled this “When SSL isn’t foolproof security,” but it’s too late now. Oh well.

When you’re sitting on a strange network (not your home or work network), SSL is vulnerable to a classic man-in-the-middle attack. If you’re paying attention, you should know if your session is being hijacked. But who’s paying attention?

Read More »Why SSL isn’t fooolproof security

A simple security enhancement you can and should do now

HTTPS Everywhere is a free Firefox extension–the EFF would like to do it for other browsers but says it’s not possible without source code–that forces the browser to use HTTPS (SSL-encrypted) connections whenever possible. This isn’t foolproof security–HTTPS is vulnerable to man-in-the-middle attacks–but it forces an attacker to do more work in order to snoop on your web traffic.

If you spend a lot of time on public wi-fi networks, this is the bare minimum you should do to protect yourself.

I need to remember to write up an explanation later this week of how SSL is vulnerable to man-in-the-middle attacks. But it’s better than nothing, and there’s nothing wrong with using it as additional protection even when you’re on a safe network.

Secure that public wi-fi with a low-tier, no-cost home VPN

If you spend any time at all using unencrypted wi-fi networks at hotels and coffee shops, you need a VPN. Public connections are fine for reading news headlines and checking sports scores, but cannot be considered safe for e-mail, online banking, making purchases, or anything that involves a username and a password. A VPN, which encrypts that traffic from prying eyes, is the only way to make them safe.

Here’s how to set up a VPN that’s good enough for personal use. All you need is a home Internet connection, a computer at home, and the laptop you take on the road.

Of course corporations can set up VPNs that are much faster and much more robust, but this is something you can set up in a couple of hours on a weekend afternoon without spending anything.

Read More »Secure that public wi-fi with a low-tier, no-cost home VPN

How to tame e-books

I haven’t exactly been rushing out to buy an e-reader, for at least a couple of reasons. The practical reason is that I’m afraid of being locked in to a single vendor. Amazon is the market leader and the most likely to still be around for the long term, but they’re the worst about locking you in. The other vendors offer slightly better interoperability–supporting the same file format and, optionally, the same DRM–but the non-Amazon market leaders are Barnes & Noble, Borders, and Sony, all of which are scary. Borders is being liquidated; B&N isn’t losing money–yet–but its profit margins have shrunk each of the last two years; and Sony’s recent problems are well known to the security community. I’m not too anxious to climb into bed with any of them. Google is entering the market as well, but the first Google-backed e-reader doesn’t support highlighting or note-taking.

The Luddite reason is that I’m old enough to have an attachment to books. Physical books, printed on paper. Maybe this isn’t true for any generation beyond mine (I’m a GenXer), but for my generation and previous generations, having books on your shelf is a sign of being educated. And there are certain books–or types of books, depending on your field–that you’re expected to have on your shelf.

To a certain extent, the latter reason can be negated by playing the e-reader card. Of course I have the complete works of Shakespeare on my e-reader, so those Shakespeare books from college just became clutter…
Read More »How to tame e-books