Thursday, February 25, 2016

The future of public WiFi is blazing fast...and a hacker's dream. How to be prepared.

New York City has unleashed one of the world's fastest city-wide public WiFi networks, called LinkNYC. The city has begun turning old phone booths into hot spots boasting gigabyte speeds that surpass most home and corporate office performance. Built on a fiber back-bone across the city, and leveraging Passpoint (also known as HotSpot 2.0), New Yorkers can now enjoy a seamless roaming experience between WiFi access terminals like this one pictured below.


This is not unlike the technology that cellular carriers use to hand off mobile connections from one tower to the next without dropping your phone calls. Once you've connected to the network, there's no need to log in again as you move from one access point's coverage area into another.

And oh, the speeds! To give perspective, Wall Street Journal columnist Joanna Stern reports downloading a 1 GB video in 45 seconds on the new LinkNYC network, which is 8x faster than on Time Warner's cable network, 15x faster than at Starbucks, 20x faster than at LaGuardia Airport, and 32x faster than at a Hilton Hotel. It's enough to make her want to relocate her office to the street right next to one of these access points, despite the cold.

However, free public WiFi networks are already popular targets for hackers looking to tap into exposed data streams, and a high-speed network that keeps you continuously connected across the city is an even more attractive prospect for ill-intent. We've provided tips on how to be safe with public WiFi in the wake of WiFi Sense on Windows 10 in the past, and as public WiFi becomes more and more pervasive, consumers will do well to start learning the best habits now.

1. Practice good "digital hygiene" 
Digital Hygiene refers to general maintenance practices that make your personal information on-line more difficult for hackers to penetrate. Use strong passwords (at least 8 characters long, containing at least one number, one upper-case letter, and one symbol), and a unique password for each of your important accounts. These passwords should be changed quarterly in case one is compromised without your knowledge.

You'll want to set up a secure password manager to keep everything straight -- software that remembers your passwords for various accounts and stores them securely so you don't have to. LastPass, KeePass, and Dashlane are a few popular options.

Finally, setup two-step authentication for all of your important accounts. This requires a secondary code be sent to you (generally via text or email) to log into that account after you provide your password on unauthorized devices.

2. Ensure sensitive data you submit is encrypted 
When browsing on a public network, only enter your passwords on websites that include "https" and a pad lock icon in the web address bar. This indicates the site is using a valid SSL certificate and data you enter is secure.

3. Delete public WiFi networks saved on your device
Passpoint networks are an exception to this rule, as they check your authentication against a saved profile on your iPhone. This means you won't automatically connect to a look-a-like network that a hacker might attempt to setup. However, other public WiFi networks don't have this safe-guard, and if you keep the network saved on your phone, you will automatically join it (or a disguised network setup by someone with mal-intent) when it's in range, which could put you at risk.

4. Connect with a VPN
Using a virtual private network (VPN) connection might sound a little intimidating for most consumers out there, but setting one up is simpler than it sounds and is one of the absolute best ways to protect your data transmissions on public networks. A VPN connection basically creates a encrypted tunnel from your device out to the internet. Information sent this way is very difficult to tap into.

It's worth noting that even taking these steps is no guarantee that someone with the right technical aptitude can't steal your information. However, staying safe from cyber criminals is a lot like out-running a hungry bear. The truth is that humans can't outrun bears...but you can outrun other humans. In the sea of consumers connecting to public networks, cyber criminals are most interested in the ones who haven't safe-guarded themselves with the above steps, and they are unlikely to spend the extra effort going after someone who has.



No comments:

Post a Comment