Vacation WiFi: What Networks Can We Trust?

I was recently on vacation with my family in Ocean City, Maryland. As I powered up my iPad from our fifth floor condo on 136th Street, more than a half dozen wireless networks popped up. I asked myself: Can I use (or trust) any of these? Are they free? Is it worth the risk, if they are?

by / June 30, 2012 0

 I was recently on vacation with my family in Ocean City, Maryland. As I powered up my iPad from our fifth floor condo on 136th Street, more than a half dozen wireless networks popped up.  I asked myself: Can I use (or trust) any of these? Are they free? Is it worth the risk, if they are?

The names were intriguing to me, ranging from Netgear58-5G to Oceanside136 to OceanNet Public Internet ST to Wireless Beach Access.  Some of these networks had locks next to them and others did not.  Clicking on a few of the options, I received a splash screen asking for a credit or debit card numbers. The price for access ranged from $4.99 for one hour to $9.99 for 24 hours to $42.99 for one month (31 days).

Others WiFi networks asked for a password, and I am happy to report that the networks were fairly secure. (My son wanted to start guessing passwords based upon the network names or Ocean City street names or boardwalk trivia, but I persuaded him not to go there.)

In case you’re wondering: no, I did not connect to any of these hotspots, and my wife and I preferred to use our Verizon data plans instead. This meant we had to up the number of minutes on her monthly data account, and that cost us an additional $20. I did use the free McDonalds WiFi, and the free WiFi at another restaurant but passed on the others.

But this situation leads to a series of questions that I’d like to address for travelers, such as: are any of these WiFi networks safe? Plenty has been written about airport Internet access and free WiFi in hotel lobbies, but what about wider issues for families traveling on vacation? Are there tips regarding which networks we can trust? Are there certain traps we should avoid?

First, how safe are free public WiFi networks? Well this video claims that WiFi hacking is the fastest growing consumer crime in America. This ABC News video on WiFi networks is also worth viewing.  Here’s another good video on WiFi security from central Indiana. One message that is clear is that hackers are setting up fake hotspots to view your personal data.

If you do connect to free WiFi networks, you need to understand the risks and the lingo. Check out this article, which described the different buzzwords that are important.  From sniffing to sidejacking to honeypots, this picture offers a great summary of the relevant terms.

Free Wi-Fi: Friend or Foe?

Infographic by Veracode Application Security

 

Here are some more helpful tips that I found along the way: Five rules for (safely) using public WiFi networks.  I’ve abbreviated the list here, but click on the article for more details:

  1. Don’t connect to networks with strange names
  2. Dial ‘S’ for ‘security’ (use https – encrypt data in motion)
  3. Make like Fort Knox (use defense in depth with an encrypted storage vault)
  4. Flip the switch (turn off network when not being used)
  5. Lock it down (your laptop)

Also, here’s an extended list of tips for using WiFi networks when traveling (the list is from Symantec).

One simple tip is to use a trusted network from the resort or hotel that you’re staying in – if available, such as Disney’s free WiFi. But even if you trust the source, the safety tips are still important to help.

 

Another good tip is to ensure that your personal firewall is enabled on your PC.

Bottom line, using public WiFi remains a minefield. While avoiding free WiFi is probably not practical for most people, we need to take steps to protect our computers and our families when traveling. Understanding your options is a good first step, but we need to take action on know steps to protect our data on vacation.

Any WiFi tips to share? I’d love to hear about your experiences, so leave a comment.

  

 

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso