Open Thread: How Safely Do You Surf?

surfingDo you ever wonder if you should be surfing more safely? Maybe your home wireless network isn’t secure. Maybe your usernames and passwords are floating around the coffee house wifi network, just waiting to be stolen. Maybe you need to set up a virtual private network. It’s hard to know what the true risk is — and what you should do to be reasonably safe.

Let’s look at the dangers of wireless web surfing and what you can do to work around them. Then share your own approach to safe surfing in the comments.

Here are a few things you should know about safe wireless web surfing:

The majority of public wifi hotspots don’t use any encryption at all. That makes it easy for you to get on but also makes it easy for people to see what you’re doing online. Without encryption, traffic between you and the access point is sent in clear text (with some exceptions, described below).

This holds for your home network as well. If you haven’t enabled security like WPA on your access point, your web surfing activities are happening in plain view of anyone nearby with a sniffer. Your biggest risk at home, though, is neighbors piggybacking on your Internet connection, not bad guys sitting in front of your house trying to steal passwords.

Your most sensitive accounts and activities are probably safe anyway. If you access a web page that uses an “http://” prefix rather than “http://” on the URL, any data you send or receive will be encrypted using secure sockets layer (SSL). Your bank certainly uses SSL for any interactions regarding your account, so you can probably safely pay your bills while working at your favorite coffee house. When you shop online, make sure the page uses SSL, especially if you’re entering your credit card information.

Many web applications you’ll use don’t provide SSL access, though. So your username and password for such accounts will be available to those who want to get it (and know how), unless you use a VPN or otherwise encrypted network (like WPA on your home router). Also, if you telnet or FTP with your web host that username and password becomes available too. Use the secure versions of these protocols instead: SFTP or FTPS for file transfers, SSH for remote host login.

Gmail will use SSL not just for authentication but for your emails too, if you force it. Use the Firefox add-on CustomizeGoogle to always use SSL for Gmail, or just ensure you use “http://mail.google.com” each time you access your mail. By default, Gmail will use SSL only for your login information, not for emails you send or receive.

Other web mail sites like Hotmail and Yahoo! only provide SSL security for login. So if you’re concerned about someone seeing what’s in your mail, don’t use it while on public wifi without any protection. Sometimes websites will transmit your usernames and passwords by email, so this is a potential risk area. Also, if you are dealing with super-secret competitive intelligence about your Internet startup, maybe that’s something you want to protect.

You may be able to encrypt your instant messages. IM aggregators Trillian and Adium come with some encryption built in while Pidgin supports an encryption plug-in. Do you need your IM encrypted? Not if you think of it like a phone conversation that people can eavesdrop on if they like. Most instant message conversations would be extremely boring, but if yours aren’t encrypted, be careful what kind of information you exchange through them.

If you use a corporate VPN, it may not secure all web traffic. Many corporate VPNs only encrypt the traffic that’s going through the company network, like Exchange email. If you access your personal web mail account, for example, you’re not protected unless you make other arrangements.

A personal VPN will give you broad-based coverage and confidence. It encrypts everything, so you don’t give bad guys any access to your private information and communications. You don’t have to wonder whether what you’re doing is safe or not. Most people, however, don’t go to the hassle (in the case of free solutions) or expense (in the case of easier-to-use for-fee solutions) of setting up a VPN.

What about you? What steps do you take to make your web surfing safe?

loading

Comments have been disabled for this post