Malware risk on unsecured WiFi networks

Security camera

Image via Wikipedia

It’s something I have mentioned previously but it’s worth reiterating…. using unsecured WiFi networks put you and your precious data at risk. This is true not just when connecting to such networks via your laptop whilst on the move. It’s just as true when using your smartphone or iPad or iPod Touch, indeed any of the various types of devices that come with a WiFi ability.

“Consumers need to realize that mobiles, whether smartphone or tablet, are mini computers,” said David Gorodyansky, CEO of AnchorFree. “This means all the vulnerabilities of a computer exist, often with a less-protected OS.”

For companies and individuals, smartphone access should be a concern when that access is via unsecured mobile networks. For banks and e-commerce sites in particular, as well as consumers,  security has become much more important now than ever before.

So, what steps can you take to protect yourself? Well, just like when using your normal PC, don’t click on links in unsolicited emails (known as ‘phishing’ emails) and don’t respond to emails that you weren’t expecting, or from sources you hadn’t signed up to and certainly don’t click on links asking you to verify your logon details, in particular ones claiming to be from your bank.

Be wary of emails that come from social networks such as Facebook, MySpace and the likes of Twitter, especially if it’s not from any of your regular contacts. Spam is a real problem at the moment with these and there are numerous scams going around the social networking world at the moment.

It’s good advice to never give out personal information via email, smartphone or on the Web, and always verify independently  any unknown text or email message, game, application or security update.

Don’t logon in the first place to an unsecured network and instead use security all the time, using a VPN to encrypt and secure your browsing.

For more on the risks of malware on wifi and other networks read

You may also want to check out these excellent security sites:

Related articles

Enhanced by Zemanta

Wi-Fi Firesheep Hacking Tool Threat to Public Wi-Fi

Mozilla Firefox Icon
Image via Wikipedia

Firesheep is a Firefox add-on that it possible for anyone to hack into open Wi-Fi networks, such as those commonly found in public networks. Written by Eric Butler, it allows you to intercept cookies by Amazon,, Facebook, Twitter, CNET, Cisco, Dropbox, Google and numerous others. The technique is known as ‘HTTP session hijacking’ (or ‘sidejacking‘). The programmer also says its easy for any competent programmer to write their own plugins to add to the sites that can be hacked.

The captured cookies contain the login details of the unsuspecting user of the public network and will also display their photo and name in the browser sidebar. By double-clicking on the user you can then login to the site in question, just as if you were the actual user. The potential for anyone to exploit this for nefarious ends is frightening, and should make everyone think twice about using public (open) networks at all.

Butler has said that the only effective way to combat the vulnerability his Firefox web browser add-on Firesheep takes advantage of is for the sites to use full end-to-end encryption, known as HTTPS or SSL but many sites default to the HTTP protocol because it’s quicker.

Although you can download the add-on from eleewhere I am not including any links here to it as I don’t want to encourage such activity.

Enhanced by Zemanta

Oops! Google does it again – this time its apologising for collecting Wi-Fi data via ts Street View cars!

Image representing Google as depicted in Crunc...
Image via CrunchBase

Google has issued an apology after complaints that its Street View cars had collected samples of British householders Wi-Fi browsing without their knowledge. The breach of privacy happened whilst the Street View cars were driving by open (i.e. insecure) wi-fi networks whilst taking pictures for Google’s Street View map service.

After initially trying to brush off accusations of foul play, Google has now admitted that it “failed badly” and that it was all a big mistake. According to Google’s Head of Engineering and Research, Alan Eustace, its Street View vehicles had been grounded and they are working on deleting the data as soon as possible, claiming Google had acted as soon it became aware there was a problem.

However, it only became aware that there was an issue following a request by the German Data Protection Authority for an audit of all Wi-Fi data collected by the vehicles. In April, the DPA revealed that the data was being collected by Google. Google’s initial response was to deny there was an issue at all but they later retracted this original statement. None of this helps Google’s reputation and its desire to be seen as the company that ‘does no evil’. Certainly, following on from the controversy over its Buzz service and in light of press articles about Facebook‘s privacy policy, it highlights once again that consumers need to be vigilant about their online privacy. It’s also a reminder that we should make sure our Wi-Fi networks are as secure as possible, certainly, not having even WEP security is a to be avoided, though the more secure WPA/WPA2 is preferable.

Enhanced by Zemanta