Public
PC's-
Hot Spots
Summary:
Prevention tips while using Public PC's and Hot Spots when traveling,
at a library, internet cafe, airport- whether a paid or free service.
Purpose:
To provide some tips on protecting your privacy and preventing others
from stealing your identity or infecting your system while using your
own or public computers, software, browsers or free access points/
accounts. How to protect your PC from being hijacked.
"Public or
private?"
Security Software
Advice:
Avoid using computers that you are unfamiliar with to conduct
transactions, such as banking, placing orders or providing any personal
information. Too often, public computers at libraries, airports or hotels
are laced with spyware. Keyloggers remember every entry you make. Very
few run any form of up-to-date antivirus software.
If anything, Windows Vista™ software is encouraging
more "connect anywhere" and collaborative computing with Remote
Desktop Connection. There are steps and precautions you need to take
to insure you can compute safely when using a Public PC or wireless "Hot
Spot"
connection.
Commercial "Hot Spots" or wireless access points (Wi-Fi)
are locations providing access to the internet without a physical connection
for your laptop or portable devices, such as cell phones & PDA's.
They have the same types of issues described above. Even with basic
scanning capabilities drive-by or localized scanners can intercept
your transmission.
The
most recent "hot spot" scam is occurring in airports across
North America- known as a "man-in-the-middle" attack. Intruders
set up their own hot spot in public areas on their laptops- near commercial
hot spots- coffee shops- UPS/Kinkco stores, etc. When you fire up your
wireless laptop, you may see "'free Wi-Fi" or
similarly named connection. By selecting this unknown freebie, you
could be actually connecting to a wireless peer-to- peer network created
by the intruder. (Yes- they might be sitting right next to you at the
next table or in the same flight lounge.)
For example, when you access the Internet to check you email or bank
balance, you will be using their Internet service connected through their
computer. This presents the perfect opportunity to view and capture everything
you are doing online. This includes all your usernames and passwords
entered for financial, personal and business web addresses. Should you
have file sharing turned on- they will have full access to your computer
and can transfer viruses & run spyware and bots- now and in the future.
One interesting twist is that the intruder can set your laptop up as
a "free Wi-Fi" location or ad hoc network- so the next time
you fire up your system acts as their "free Wi-Fi" service
with all the capabilities to steal information and repeat the whole process
with others. Hopefully not at your workplace, home or other places that
use wireless connections. Unfortunately- this type of intrusion can go
undetected since you will notice little or no changes to your system
and are almost impossible to track down. Caution- the words "Free
_____ anything" can put your information, system and others at great
risk.
Case in Point- We were at a Client's location when a hot spot
was being installed. Part of the testing process was to scan for other wireless
networks in the vicinity. This scan picked up every other wireless network
which in about a 500 meter radius. Only a few of the other wireless networks
were locked out. The majority could not have prevented drive-by scanners with
unencumbered access to their networks and Internet service. See more information
of drive-by pharming.
Having privacy- orientated applications running on your systems at all times makes good sense. To learn more about ways you can protect yourself from intruders see information on firewalls, encryption, data destruction , Hotel/ cafe hot spots and fighting spyware.
