Monday, December 3, 2012

Security Through Obscurity Is No Security At All

Do I Really Need to Worry About Security When I’m Using Public Wi-Fi?

by Alan Henry, lifehacker.com
April 30th 2012 10:00 AM

Dear Lifehacker,
I'm no idiot when it comes to security, and you guys have often mentioned how easily Wi-Fi networks can be cracked or how anyone can sniff out passwords and cookies. My question, though: How dangerous is it really when I'm sitting and checking my email at the coffee shop on the corner? I don't have anything that special or private in my email, and I'm usually only surfing the web. Do I really need to load up on VPNs and other tools when I'm all alone in the coffee shop or logged in at the library?

Sincerely,
Slightly Paranoid

Dear Slightly Paranoid,
You've brought up a great question. We do frequently discuss privacy and security, especially when it comes to public Wi-Fi networks, but is protecting yourself worth all of the fuss? We think so, and while we understand that VPNs and other security tools can slow down your system or be buggy and quirky at times, we have to fall back on the old adage, "Security through obscurity is no security at all."

Protecting Yourself Doesn't Have to Be Complicated

It only takes one lost email or online banking password, or one hacked Facebook account to turn your world upside down—or at least be a serious inconvenience for months. So ultimately, the real question is: Why tempt fate? It may be a bit of an inconvenience to use a VPN while you're trying to browse, or to use a password management tool so you don't use the same password in multiple places, but in the end, the real question you should ask yourself is whether or not you'd prefer the alternative if you go without any security at all. Photo by Laschon Maximilian (Shutterstock).

Considering that all of the essential security tools—including password management, antivirus and anti-malware, and even VPNs that can encrypt your web browsing—all come in free varieties, there's really no reason to not use them.

Want to keep your passwords safe, strong, and varied? We love LastPass, but KeePass is an alternative free, open-source option.

Microsoft Security Essentials will cover you from an antivirus perspective if you're looking for something great and free, and MalwareBytes does a great job at anti-malware.

As for VPNs, we've shown you how to build your own for top-flight security, or you can always opt for a free third-party VPN service like Hotspot Shield or CyberGhost. You have choices, and if one option isn't working well on your system, or seems to slow you down, there are plenty of others to try—so "it makes my computer slow" or "it crashes all the time" isn't a good excuse for surfing on public networks with no protection.

Sure, You May Be Alone, But That Doesn't Mean No One's Watching

If you're the only one in the coffee shop and you live in a small town, you're probably the only person on that network. That said, there's nothing stopping someone in the parking lot from pulling up to use the free Wi-Fi, or anyone in any of the buildings nearby hopping on to the coffee shop wireless to save some bandwidth or see what other people are doing. Just because it seems like you're the only person in the area doesn't mean you're the only person on the network, and this is especially true for larger places like libraries, airports, hotels, or convention centers with one large network that spans the entire area. Is your local coffee shop or favorite bookstore a haunt for black hats? Probably not—but it doesn't take a skilled hand to sit on a wireless network for giggles and pull down as many packets as they have time to collect. After all, we've shown you how it's done, and it's easy. Photo by Ed Yourdon.

Again, this is one of those "why tempt fate" kind of scenarios. The coffee shop on the corner is one thing. The library may be a more tempting target. The airport's "free public Wi-Fi" almost definitely has someone on it looking for juicy data, as does your hotel's network—you know, the one with FREE OPEN WI-FI as the SSID? Whether or not someone is riding that open network in order to steal passwords or because they're just curious, there's no reason for you to take the chance when you don't have to, especially when a good VPN will foil most—if not all—of their efforts. Rest assured though, there's someone nosing around that network, guaranteed.

Better Safe than Sorry

As we mentioned, protecting yourself doesn't have to be complicated, and if you have a layer of security software on your computer that's so thick you can barely use the system without it slowing down, it's time to take a look at the products you're using and see if you can find more lightweight options. They're out there, you just have to try a few and pick one that works best for you. The real likelihood that you'll personally be hacked or have a password stolen or have your identity spoofed and used for nefarious purposes is low, we understand that, but as long as it's not zero and as long as there are easy ways to protect yourself, we can't advise against it. Hiding in a crowd and hoping you're not the one to get caught is no substitution for learning to defend yourself. Photo by Gunnar Pippel (Shutterstock).

Are we probably a little paranoid? Yep. Do security analysts and experts often overstate the real risk of being hacked or having your information stolen in order to encourage good, secure behavior? Absolutely. But remember—no one ever talks about how often you won't get hit by a car when you walk out into the street without looking, or how often your house won't be burglarized if you leave the front door unlocked. You protect yourself because it makes sense to do so, and technology is no different. After all, it only takes once.

If you know what you're doing, know the risks, don't plan on sending or receiving anything sensitive while you're sitting at the coffee shop, and don't mind the idea of someone looking over your shoulder while you work, go nuts. We'd rather be safe than sorry, but ultimately it's your call.

Love,
Lifehacker

P.S. How do you keep your system protected when you're using open Wi-Fi networks? Do you bother? Share your tips for Slightly Paranoid in the comments below.

Have a question or suggestion for Ask Lifehacker? Send it to tips+asklh@lifehacker.com.

Title photo by Ed Yourdon.

Original Page: http://pocket.co/sh3Is

Shared from Pocket

^ed

No comments:

Post a Comment