V-Flyer

Don't you good people worry about security when using this in so many places? I keep hearing about how flawed it is - I have wifi at home and have done the recommended - changing admin names, locking MACs, as well as the usual firewalls and anti virus software - but hey, when you're using a hotspot, surely it's all far less controlled and assured?

Come on everyone, yell at me and put me right! [}:)]

Originally posted by catsilversword
Don't you good people worry about security when using this in so many places? I keep hearing about how flawed it is - I have wifi at home and have done the recommended - changing admin names, locking MACs, as well as the usual firewalls and anti virus software - but hey, when you're using a hotspot, surely it's all far less controlled and assured?

Come on everyone, yell at me and put me right! [}:)]

Did you happen to watch the real hustle this week. It dealt with a type of 'phishing' scheme hijacking a wireless signal. Whilst this can be done you just need to ensure that you use your intelligence not to fall foul of these scams

If for example you are in an airport lounge and you connect to a page that say something like 'Joe Bloggs Internet Service' something isn't right. Check the page carefully looking for insecure pages (padlock missing from bottom corner of browser), urls that don't look right. any url with an IP address instead of a name should be treated as suspicious until you know better.

Computer fraud along with a lot of non computer fraud is mainly about trying to fool people. Keep your wits about you. If you went in WH Smiths to buy a magazine and a stranger walked up to you and said you could pay them for it, would you? I think not. So just take the same steps when using wireless and any other forms of unknown computer connection.

Paul

Originally posted by p17blo

Originally posted by catsilversword
Don't you good people worry about security when using this in so many places? I keep hearing about how flawed it is - I have wifi at home and have done the recommended - changing admin names, locking MACs, as well as the usual firewalls and anti virus software - but hey, when you're using a hotspot, surely it's all far less controlled and assured?

Come on everyone, yell at me and put me right! [}:)]

Did you happen to watch the real hustle this week. It dealt with a type of 'phishing' scheme hijacking a wireless signal. Whilst this can be done you just need to ensure that you use your intelligence not to fall foul of these scams

If for example you are in an airport lounge and you connect to a page that say something like 'Joe Bloggs Internet Service' something isn't right. Check the page carefully looking for insecure pages (padlock missing from bottom corner of browser), urls that don't look right. any url with an IP address instead of a name should be treated as suspicious until you know better.

Computer fraud along with a lot of non computer fraud is mainly about trying to fool people. Keep your wits about you. If you went in WH Smiths to buy a magazine and a stranger walked up to you and said you could pay them for it, would you? I think not. So just take the same steps when using wireless and any other forms of unknown computer connection.

Paul

No, I didn't see the programme, but I am well aware of many of the scams going on. I didn't know about sites with and IP address, rather than a name - but that would definietly flag up to me as not being right. Not all sites have padlocks on every page though, surely? This site doesn't!

As long as you have a personal firewall enabled and a decent AV program, you're about as good as you're going to get in an unsecured environment.

Personally, I always tunnel through our corporate VPN (with firewall/AV enabled on my local machine) when using a pay/free wifi service, so I'm pretty sure my data's as safe as I can expect it to be.

You're right, not every page has a padlock. V-Flyer does padlock, but only when you're going into the secure area to book a hotel reservation.

Re Padlocks, this was only meant when you are tranferring items such as credit card data. And even then this isn't fool proof, but I would never transmit CC data over a non secure connection.

Paul

Originally posted by p17blo
Re Padlocks, this was only meant when you are tranferring items such as credit card data. And even then this isn't fool proof, but I would never transmit CC data over a non secure connection.

Paul

Yeah, that was my understanding too - padlocks for something like paying. My eyes always fly down the bottom, right-hand corner to check for that... and even then..... who knows just how secure it is?

The process that a webpage goes through to set up a secure connection and get a padlock at the bottom is about as secure as it is possible to get. And once that secure connection is made it is pretty uncrackable..... I could dig out an old Open University Course that I did that explained this process in pretty simple terms, but I'm sure someone here can give us a refresher course!

Its interesting to see everyone concerned about padlocks on their browser !!! ........ none of us worry about handing over a credit card in the garage to pay for petrol or writing a cheque and handing it over to a shop...... 99 times out of 100 when you purchase on-line you are giving out less information than in the 2 scenarios above...... Online banking of course is a different ball game and you are reliant on the secure technology of your chosen bank....providing you stay within their guidelines you shouldn't go wrong.

One of the most insecure everyday things that we all overlook is our email !! particularly the average home user...... most of what you type and send can be clearly seen by someone with the will to look !!! (takes a bit of effort but is easily done) .... even your password each time outlook or outlook express checks your pop3 mail server.

I always work on the theory that if you dont want someone to see it then encrypt it.... if not as has been said before if you have a good firewall and AV installed you cant do a lot else !!!

Food for thought [y]

regards

Mark

I always see my email akin to sending a post card through the mail. Once you think like that you don't send anything you wouldn't want your postie to see.

Paul

Or put another way, it's like sending your holiday photos off for developing. Don't send anything you don't want them all having a giggle at in the lab.

Originally posted by sailor99
Or put another way, it's like sending your holiday photos off for developing. Don't send anything you don't want them all having a giggle at in the lab.

All very true. I have heard about encrypting email, but haven't the first clue as to how - can you do it via a regular web-based email service, for example?

As for garages and stuff - yeah, that worries me - though the one I use has a fast card facility, so done without any cashiers. Nevertheless, mr cat had his card cloned around 18 months ago - he never buys online, so the cloning has to happened at either a garage or restaurant - this was before chip and pin as well. Yeah, cloned and used to the tune of around £8k.... [:(]

Well apparently one of the features of chip and pin was that you should never has to give up your card. But as soon as you go into M&S they 'wont let you' put the card in the machine yourself and you have to hand it over! They should hurry up with the biometrics that you can also submit over the internet and phone.

Paul

All very true. I have heard about encrypting email, but haven't the first clue as to how - can you do it via a regular web-based email service, for example?

Claire

Depends how often you want to send sensitive stuff by web based email and depends which service you are using ...... but if its just the occasional item then the best thing to do is send whatever it is as an attachment, the attachment being an encrypted 'container'of some sort.... depending on how sensitive it is determines what you use as the 'container' ........ PM me if you want to know more.... (and im not boring the pants off you ).........

Regards

Mark