2
   

Using an unsecured WiFi signal

 
 
Swimpy
 
Reply Wed 11 May, 2011 01:22 pm
What can I do to secure my iPod Touch when I'm using a public wireless signal? Is it true that anyone with the know-how can easily see my email, passowrds and the like?
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Question • Score: 2 • Views: 8,654 • Replies: 43

 
View best answer, chosen by Swimpy
Swimpy
 
  1  
Reply Thu 12 May, 2011 07:59 am
@Swimpy,
Anybody?
0 Replies
 
Old Goat
 
  4  
Reply Thu 12 May, 2011 08:03 am
Hang on, Swimpy.....I'm just reading through your emails and bank account details which may take a little time.

And who on earth uses "fluffybunny" as a password anyway?

I'll get back to you as soon as I've transferred some of your money to my holiday account.
parados
 
  2  
Reply Thu 12 May, 2011 08:06 am
@Swimpy,
Here's an article to help you out...

http://pogue.blogs.nytimes.com/2007/01/04/04pogue-email/


The main thing is to make sure you only use secure websites.
Swimpy
 
  2  
Reply Thu 12 May, 2011 08:08 am
@Old Goat,
You're a funnyoldgoat, which, coincidentally, is my actual password.
0 Replies
 
Swimpy
 
  1  
Reply Thu 12 May, 2011 08:17 am
@parados,
Thanks, parados. If someone can easily see my activities, does that mean they can get my passwords? I never do banking or things like that on a public WiFi, and my email messages are pretty mundane. I just wonder if the iPod is more or less eavesdroppable than a laptop.
Cycloptichorn
 
  2  
Reply Thu 12 May, 2011 08:57 am
@Swimpy,
Swimpy wrote:

Thanks, parados. If someone can easily see my activities, does that mean they can get my passwords? I never do banking or things like that on a public WiFi, and my email messages are pretty mundane. I just wonder if the iPod is more or less eavesdroppable than a laptop.


Nope. They are both equally terrible when using an unsecured wi-fi network. Really you should avoid those at all cost, if you are going to be typing in any password or sensitive data at all.

Cycloptichorn
Swimpy
 
  1  
Reply Thu 12 May, 2011 08:35 pm
@Cycloptichorn,
So it's the keystrokes they can see not the stored password files?
0 Replies
 
Thomas
 
  2  
Reply Thu 12 May, 2011 09:34 pm
@Swimpy,
Swimpy wrote:
What can I do to secure my iPod Touch when I'm using a public wireless signal?

When browsing, see if your webpages work over a secure http-connection. (Check if the URL begins with "https" rather than "http".

When reading e-mail, check that both your incoming and your outgoing connection use the "secure socket layer" (SSL). On my iPhone, I do this by going to "Settings->Mail, Contacts Calendars->Your Account. Then I click "SMTP" for my outgoing mail and "Advanced" for my incoming mail, and say "use SSL". I can't guarantee that the menus are laid out the same way on your iPod Touch, but I wouldn't expect them to be radically different.

Passwords? Again, it depends on your connection. Check for the "s" in "https" on any page where you enter a password. Any password you enter over a mere "http" connection can be read by intermediates.
Swimpy
 
  1  
Reply Thu 12 May, 2011 10:01 pm
@Thomas,
Hmm...that's a little tricky on the Touch. For example, this website we're on right now isn't secure as far as I can tell. The URL address bar doesn't show the http part. I need to check my email settings. Thanks, T.
maxdancona
 
  4  
Reply Thu 12 May, 2011 10:26 pm
@Swimpy,
Using secure sites (i.e. with the https, and the little lock symbol) are reasonably safe. The are safe enough even on public wifi. Banks use https. There isn't too much risk to logging onto your bank with your laptop on a public network (I would never use a public laptop to do this, but that is a different issue).

Of course, if you log on to an unsecure site, such as able2know, there are lots of ways for people in the room to get your password. I actually use able2know from public networks because I don't think there is much risk to someone wanting to use my able2know account (they certainly won't make any money). If someone gets my able2know password, no biggie.

Of course this brings up one of the biggest blunders people make on their internet security-- internet passwords.

If your bank password (that is the key to real money) is the same as your able2know password (that is key to messages that aren't worth any money), you are making a real stupid mistake.

For that matter, if you able2know password is the same as your email account password, you are making the same stupid mistake in a little more indirect way. If I have your email account password, I can tell your bank that I am you and the bank will send a password reset message to your email which (since I have your email password) I can receive.

In summary, it is very important that your email password is completely different than you bank password which is completeley different from the passwords you use for anything else (i.e. social media).
roger
 
  2  
Reply Thu 12 May, 2011 11:21 pm
@maxdancona,
Those are some good points, Max. Thanks.
0 Replies
 
Thomas
 
  2  
Reply Fri 13 May, 2011 05:08 am
@Swimpy,
Swimpy wrote:
Hmm...that's a little tricky on the Touch. For example, this website we're on right now isn't secure as far as I can tell. The URL address bar doesn't show the http part. I need to check my email settings. Thanks, T.

A2K doesn't need to be all that secure anyway, because our communications here aren't terribly secret. When anyone can read your posts on the website, why bother intercepting what you're posting? But when I'm on A2K or similar sites, I never use the same password that I also use for banking, or for any use that needs to be private.
0 Replies
 
Thomas
 
  2  
Reply Fri 13 May, 2011 05:47 am
... or in other words, listen to maxdancona.
0 Replies
 
Swimpy
 
  1  
Reply Fri 13 May, 2011 10:50 am
@maxdancona,
Thanks, max. I suppose those are good suggestions whether you're on a WiFi link or not. I do have a separate password for this site and another much more safe one for banking. I don't do my banking at WiFi cafes and such.

This queeziness started when I was at an oasis on I-90. There was wireless and I wanted to Google something. There was a guy just sitting with his laptop a table or two away. For some reason I got paranoid and thought, "What if he can see what I'm doing?"

I figured that anonymous web surfing is pretty low risk, but wasn't really sure what these hacking programs can see once they lock into your signal.
parados
 
  2  
Reply Fri 13 May, 2011 10:55 am
@Swimpy,
They can see everything you send out and get back. Even if you use an https site they can log all the packets you send and then spend the next year breaking the encryption to try to steal passwords or other info. It can be done but in most cases no one would bother.


I won't go into how they can make attacks on your computer itself. Unless you have enabled remote desktop or another remote access program, they won't have too many ways in to steal files.
0 Replies
 
Cycloptichorn
 
  2  
Reply Fri 13 May, 2011 10:59 am
@Swimpy,
Yeah. I can think of several other possible attack vectors over an unsecured wi-fi signal as well, not the least of which is spoofing the router and doing a full intercept, in the way Parados described.

I really don't recommend logging into ANYTHING over an unsecured connection.

Cycloptichorn
DrewDad
 
  3  
Reply Fri 13 May, 2011 11:23 am
@maxdancona,
maxdancona wrote:

Using secure sites (i.e. with the https, and the little lock symbol) are reasonably safe. The are safe enough even on public wifi. Banks use https. There isn't too much risk to logging onto your bank with your laptop on a public network (I would never use a public laptop to do this, but that is a different issue).

I have to disagree.

When you use an untrusted network (wireless or wired), you open yourself up to a man-in-the-middle, or relay, attack.

There are free tools to allow the capture of passwords even if you are using HTTPS, because the attacker pretends to be the secure site. You talk to the attacker, the attacker talks to your bank, and just quietly gathers the info for later use.
Swimpy
 
  1  
Reply Fri 13 May, 2011 11:30 am
@DrewDad,
Is that true for smart phones and other wireless devices? Can they be intercepted in the same way?
Cycloptichorn
 
  2  
Reply Fri 13 May, 2011 11:40 am
@Swimpy,
Swimpy wrote:

Is that true for smart phones and other wireless devices? Can they be intercepted in the same way?


For data transmitted over a wi-fi connection, yes - they are just computers, after all.

Cycloptichorn
 

Related Topics

Recording Detector - Question by gollum
Bad picture on my Sharp LCD TV - Question by hydroplant
LCD TV. Help! - Question by kolinos4
p3 or 360 and why - Question by XxGWOPBOYZxX
Post your latest gizmos - Discussion by Chumly
IPOD OR ZUNE HD? - Discussion by detroittou
Giving up my iPod for a Walkman - Discussion by djjd62
Digital audio in your home sound system - Question by hingehead
 
  1. Forums
  2. » Using an unsecured WiFi signal
Copyright © 2024 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.06 seconds on 12/22/2024 at 11:13:48