Open WiFi On The Boat And Firesheep And Other Man-made Disasters

One of the most visited pages on this site and our Sea Trek site are the postings for our simple and inexpensive WiFi system that we have been using for years. Many of our cruising friends use WiFi, as we do, to get online, gather weather information, send and receive emails and do all of the other things people do through the Internet. For years, we have used available WiFi, whether from an open access point or from a marina, hotel or restaurant. If anyone has been on a boating site lately, the discussion has turned to Firesheep, a program designed to allow anyone with it on their computer to access your Facebook page while you are logged in and do anything you can do. There is one fellow out there, I won't mention his name, that has been on every boating discussion board on the net, doing his absolute best to scare the crap out of anyone that will listen. This fellow is making some claims that would lead the less educated in all things computer to believe that if a 12 year old has Firesheep on his computer, he can steal your life, take over your identity and clean out your bank account. He would have you believe that if you use any open WiFi, the sky will fall and life as you know it will end.

I suppose there is some motivation for folks to do this and some folks are very good at it. By using these fear tactics, they can announce to the world that you are in great danger and they are here to save the day. I like to call this the Mighty Mouse Syndrome. For the minions that hang on to this individual's every word, it represents something akin to a savior. For the rest of us, it simply creates a lot of anxiety and confusion. Instead of "MY GOD, YOU ARE IN GREAT DANGER," how about, "there is an issue we should all be aware of and I might make some suggestions as to how you can protect yourself." Of course that does not make one seem so important and all powerful. But, I would like to make you aware of an issue and offer some suggestions on how to protect yourself. Now keep in mind that I am not an expert in this field and do not now, or ever have, proclaimed to be one. What I would like to pass on is what has worked for us, and if you would like to use some of our suggestions, great. If you are still confused or unsure, consult a true expert in the field. Be sure they are indeed a true expert and have no nefarious intentions.

First to Firesheep and how much of a threat it might be to you. As I understand this, Firesheep allows someone to grab the cookies from many of the social networks like Facebook, Twitter or Flicker and have the ability to do whatever the real user can do. Now, this is something to consider as a potential threat, to a point. Firesheep only works with Mozilla Firefox browsers. So if you use Internet Explorer, it won't work. This is a free, open source piece of software put out on the net for anyone to download by a fellow named Eric Butler, so he could prove a point and perhaps he has. What I have learned is that Firesheep cannot hijack your computer, get your bank records or allow someone to obtain a credit card in your name. It will allow someone to post on your Facebook page or other social network pages and add or delete your pictures, etc. It will not give them your password since the login page is encrypted. Susan has a Facebook page and I would not want someone doing that, but it would be an annoyance and not earth shattering.

Since the Internet went public, people have been designing ways to get into your computer and grab your personal information. This is nothing new and will probably not change in our lifetime. Firesheep is not one of these programs, but they are out there and it does not matter whether you are using an open WiFi, a secure WiFi or a wired connection. There are ways and people capable of getting in, but they are usually not interested in you and I, especially if we don't make it really really easy for them. So I did say I would share what we do to try and secure our computer and our online activities.

A couple of years ago, I researched a software product called Truecrypt that will encrypt your entire hard drive on your computer. The program is completely free and has had some good reviews and feedback. Once you computer drive is encrypted, no one can access any information without your password. That is important should your computer ever be stolen. It will not interfere with the operation of your computer in any way and is fairly easy to set up. This type of security is great for those of you that have really become paranoid with all of these doomsday reports lately.

One step we took some time back was to do a better job of securing our WiFi and Internet connections, no matter what we used. Sitting in an Internet cafe in Belize or Guatemala, we often wondered who was watching us electronically. We were careful not to do any banking or serious personal work over these connections and that is still good advise today. But we did find that there are ways to encrypt your Internet activities by using a VPN. VPN stands for Virtual Private Network, and a VPN is used to secure data across a network. Even if someone could intercept your data, all they would see is a jumble of gibberish. A VPN is a very simple and easy solution for boaters looking to protect themselves whether on an open WiFi or using your local marinas secure access point. It will also protect you on a wired Internet Provider. One short side of VPN is that the VPN provider itself will be able to see your activity. So knowing the provider is as important as using a VPN, maybe more so. This is complicated by the fact that there are hundreds of VPN providers out there and little in the way of reviews and user feedback. When you use a VPN, it activates an encrypted "tunnel" through your internet connection to the server of the VPN provider. Once it reaches the providers server, it is decrypted and sent on to its intended destination. When the data is being sent back to you, it goes through the VPNs server and is again encrypted before it is sent to you, so once again it can not be accessed by anyone.  Many VPNs will also provide you with a spoofed IP address that can not be traced by anyone, giving you even further anonymity. All of this happens in nano seconds so you don't see any difference in your Internet experience. A VPN is a very easy and basic step to help secure your WiFi or other Internet data. If you did nothing else, this will help considerably. Do your homework and research before choosing  VPN provider since not all are the same. We used a well known provider for over a year and then their service went straight to hell. Look for the most current reviews and feedback from users.

We also use several software programs on our computers, many are free. For overall Internet protection, we have used Comodo Internet Security for a few years now. It is totally free and has been a good performer in protecting us online. We don't tend to visit potentially harmful sites, but if we get redirected, Comodo has kept us safe. They have received many excellent reviews and recommendations from other trusted sites. The Internet Security suite contains an anti-virus program and a firewall, both needed to protect your computer. We also use a couple of Malware programs. We have used Ad-Aware for a long time and they too have a free version. Many of these free versions also have paid version if you need added security. We also use Malwarebytes and Superantispyware to round out our Malware software. Another recommendation we have just begun using and like very much is IObits which is a more comprehensive program with several useful tools. We use the free version of all of these and they do root out lots of things we don't want on our computer.

So, do we fear that our lives will be stolen if we use WiFi and open WiFi in particular? No we don't, but keep in mind, that is our opinion and we suggest the everyone make their own informed decision based on facts and not smoke and mirrors from another Mighty Mouse, here to save the day. Does that show my age? Now that these individuals have generated so much attention to products like Firesheep, there are probably thousands of people out there downloading it and trying it that would probably never have heard of it or considered it until now. There are always going to be people out there trying to steal your information by whatever means they can. You can do a couple of things to protect yourself and go on with life as usual. Or you could get off line forever and toss your computer into the deepest part of the ocean. As one poster suggested on another site, you could encase it in concrete and use it as a door stop. We don't let the fearmongers control our lives, we control our lives. Unfortunately, today there is too much misinformation and sensationalizing going on around everything we do. It is difficult to sort through the half truths, exaggerations and sometimes downright lies to know what is right and what is bull. I don't know if this information helps or makes things worse for you, but since being able to get online has become important to us and many other cruisers, I thought it should be something for me to share and comment on.

We are working on an upgrade for our WiFi system, that is how committed we are. I will be posting soon about that and how it has been working out so far. I plan to consolidate the two WiFi posts already up and the update very soon. So stay in touch and let us know what you think about this subject.

How do you feel about all of this? Are you concerned, frightened, don't really care? What have you done to make yourself more secure online? Leave a comment and let us know.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.