Call Now: 805 498 0607 818 540 8576

My status

 

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network.

Firesheep lit a figurative fire under the feet of folks who otherwise weren’t concerned with the security of their data as it passes to and fro over a WiFi network in a public place. That’s good. You’re at risk whenever you use WiFi on a public network, but thankfully it’s never been easier or cheaper to secure yourself thoroughly.

Firesheep’s threat is that it allows anyone with a Firefox browser to hijack the sessions of anyone on the same network using a few dozen popular content, commerce, and social-networking sites by snarfing cookies that pass in the clear. But Firesheep is only the easiest to use of a series of freely available tools that can extract and record data passing openly over networks. The only way to defeat all of them is to secure all the connections over which you pass anything personal, financial, or confidential.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

You have a variety of strategies to choose from, some of which are free and some of which have a modest cost attached. None are terribly complicated, but just require a commitment on your part if you feel at risk. Which you should. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

In a companion piece to this article, we’ll provide advice to cafes and other public venues on how to enable basic password-security to provide an additional level of difficulty for fair-weather crackers, who will be deterred by a bar to sniffing traffic easily.

The full Monty: a VPN connection. A virtual private network (VPN) connection encrypts all the data between a device and a VPN server on the other end. For those of us who don’t already have a VPN service through work, you can rent the service by the month or year. I’ve long used and recommended WiTopia, which has services ranging from $39.99 for the lowest-end VPN service to $69.99 for a bundle of offerings, including SSL, IPsec, and PPTP connections. There’s also the veteran security provided Anonymizer, which has a $79.99-per-year offering that includes a VPN connection and anonymized browsing.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

VPN clients are built into nearly every operating system, including mobile OSes like Apple’s iOS that don’t allow third-party software that interacts with low-level networking protocols. Depending on what set of devices you own, make sure the service has support for the right protocols. (Apple’s client supports five popular kinds of VPN, but omits a couple you might encounter.) ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

With a rental VPN, the server isn’t located in the office of a company with which you work, but rather in a data center somewhere else in the world. This defeats any local hacking and sniffing on the WiFi network, the Ethernet network to which WiFi is connected, and even the Internet service provider offering broadband to the venue in which you’re working. (It also bypasses local filtering and governmental intrusion, so long as the VPN itself isn’t blocked.)

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

Some people still don’t find that reassuring, because once your data pops out at the data center, there’s no further encryption from the VPN portion until it reaches its destination; the same is true for data making the return trip. Still, at that point, you’re up at the peering level of the Internet, where sniffing and hacking is much less likely. You can layer encryption with a VPN, relying on encrypted connections with websites and file-transfer servers to protect vital communications, and the VPN to cloak everything else. There’s no incompatibility there. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

You can set up your own VPN server using free Linux software, or built-in options in Windows Server (several versions) and Mac OS X Server (since 10.4). This may be more trouble than it’s worth, however. You typically need multiple static and publicly routable IP addresses, and more knowledge than you care to acquire. Further, because every packet routes in and out of the server (in to the VPN, which decrypts the data, and then back out to the destination), unless you have high-speed upstream rate where your server is located, your roaming download speeds could be constrained by the detour. VPN-for-hire services in data centers don’t suffer that problem, as they’re backed by massive pipes.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

If you work for a company that handles legal, medical, or financial data, or a corporation of any scale, your work laptop and mobile should already be protected when on the go by a VPN (virtual private network) connection. In fact, you might be forced to use a VPN by software that double-checks whether such a service is active before allowing you to communicate over the ‘Net. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

Secure your e-mail. Just a few years ago, you could not assume that an Internet service provider would offer SSL/TLS-protected POP, IMAP, and SMTP. Now, it’s de rigueur, although no provider I’m aware of requires it. (SSL, Secure Sockets Layer, is the name for an older security spec now known as Transport Layer Security or TLS: together, SSL/TLS. The spec lets a client and server negotiate a secure connection using a third-party verification step to confirm the server’s identity. It’s used with the open Web, e-mail, and many other service types.)

You may already have secured your e-mail. Check your various e-mail clients on computers and mobile devices. Depending on the program, you may need to manually change the port number over which you connect to incoming and outgoing mail. Some clients just let you check a box labeled “Use SSL” or something similar to reconfigure settings to use the right ports.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

This is typically port 995 for POP and 993 for IMAP. SMTP commonly uses 465 or 587. With SMTP, you sometimes have to monkey around with finding the right port and setting for obscure and outdated reasons. One port might require setting a mail client to request but not require a secured connection, for instance, while another only allows connections in which the client assumes security will be in place. Many mail hosts and ISPs have a guide or wiki for troubleshooting if your first pass doesn’t work. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

When setting up a new mail connection, most e-mail clients are smart enough to ask whether or not you want to use SSL/TLS or “security.” Say yes! If your host doesn’t offer security, it’s time to find a new provider.

Webmail is now also widely available with SSL/TLS for an entire session. Hotmail, Yahoo Mail, and Gmail resisted that for a while, securing just the login portion, and only offered less obvious ways to have a secured session. Reality has hit, and it’s much simpler. In Gmail, for instance, you check a box in the General settings screen to “always use https.” From then on, every time you log in (which is always done securely), you’re redirected to an SSL/TLS-protected page.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

Force secure Web browsing. This is an area still in its nascence. An extension for a browser or a built-in feature forces an SSL/TLS connection to a website that offers a secure alternative to a plain http connection even when you click a link or type in a URL to the unsecured location. As the cost and complexity of offering an SSL/TLS site has dropped for Web firms and the desire for security among users grown, an ever-growing number of major sites have both secured and unsecured flavors. This includes editorial sites such as the New York Times, Washington Post, and Wikipedia, where you would reveal more about your browsing habits than provide a lever for someone to crack open your behavior or act maliciously in your name. (Sure, they could leave ugly comments and bad wiki edits, but that seems rather childish unless you’re being targeted individually.) ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

The ultimate path for making this work is a proposal at the IETF (Internet Engineering Task Force), with the HTTP Strict Transport Security (HSTS) specification, which is the basis of a built-in forced-secure connection in Firefox 4, currently in beta. When this is finalized and adopted, and browser makers and website operators take heed, the general problem of unsecured connections will disappear, but only for websites that choose to recognize the problem. This may wind up being all of them.

In the meantime, you have to cobble together a solution. A VPN is the best alternative, but you can always layer this sort of protection on top of the VPN. Only Firefox (before 4.0) has true integration with an extension that changes the URL path before a connection is made. (If a connection is made first, then cookies and other data are sent insecurely, making the redirection less meaningful.)

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

For Firefox, you can opt for ForceTLS, an extension that interacts with sites that use the proposed HSTS method above. You can also opt for HTTPS Everywhere, an extension developed by the Electronic Frontier Foundation and The Tor Project. HTTPS Everywhere comes with a built-in list that can be modified. (An adaptation of HTTPS Everywhere for Apple’s Safari, SSL Everywhere, is undownloadable at this writing, although its development project is still alive at github. Safari doesn’t allow extensions to intercept URLs, only redirect, so there’s some exposure.) ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

Chrome users could opt for Use HTTPS, which can redirect specified sites to SSL/TLS versions, but according to the developer’s site requires some modifications by Google to make it work as intended. Opera 11 users can install Redirect to HTTPS, which connects to the non-secured site before redirecting for a modifiable list of sites. The developer says Opera 11 doesn’t provide interception of the request. Internet Explorer seemingly has no good way to offer interception or redirection.

Opt for secure sessions in other services. Checkboxes to secure services are everywhere, although you may have to hunt for them. For instance, the interaction between a standalone Twitter desktop client and Twitter’s interface for retrieving tweets and other data for that user can be secured separately from the always-encrypted login portion. In the client I use, Echofon for Mac, I have to open up preferences, click the Advanced button, and check Use SSL for All Requests.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

Newer services tend to be designed with SSL/TLS encryption as an integral part. The cloud-sync file manager Dropbox, for instance, always uses encryption for all its communications, on top of encrypting the data it stores for you on its servers. Likewise, all the major Internet-hosted backup services, like Crashplan, Carbonite, and Mozy, employ at least one level of encryption for data transmission; some offer additional layers, such as PGP-based encryption for data is transferred. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

Given the level of risk that’s currently understood, and the ease of a casual black hat or vandal hijacking information, sessions, and identifies, it’s hard to imagine that any company would make the bad decision to design and budget for an Internet-based service that wasn’t start-to-finish secured. It’s the first question any IT department would ask for business sales, and home and small-businesspeople have been sensitized because of the wide coverage of Firesheep.

The best advice we can offer is the first advice: a VPN connection. Anything else is partial, second best, or complementary. While it increases your hassle, it also removes the local-network risk that your sessions will become someone else’s property. ABComputer Repair certified computer security experts implement the latest security hardware for a secure business computer network in Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills.

How to stay safe at a public Wi-Fi hotspot, Computer Security, Westlake Village, Thousand Oaks, Newbury Park, and Agoura Hills

 

Servicing Computers Since 1995



Microsoft & Cisco Certified Computer Repair & Networking Technicians
Testimonials

I am the owner of a busy accounting firm a terrible virus crashed my computer and I had not back up my quickbooks data base in over two weeks. I was not able to boot my computer into the Windows desktop. The friendly knowledgeable technician at AB Computer Repair was able to get my clients tax information off the hard drive and recover my computer.- Max Swartz
Read More..
Call Now

805.498.0607
818.540.8576
AB Computer Repairs

AB Computer Repair is Southern California's leading IT support specialist. We proudly offer service for a wide range of brands and manufacturers, including:
Dell IT support including Dell Tech support in Thousand Oaks and remote Dell phone support. Offering professional computer repair at half the price of Geek Squad means you should call us first.
Do you need Hewlett Packard tech support? Not a problem. Our HP IT support is known throughout Westlake Village as being the best in the business. Calling AB Computer Repair for Hewlett Packard phone support (HP phone support) means a professional and friendly HP tech support specialist will be on the other side of the line.
Is your computer made in Japan? We are Conejo Valley's leading Japanese laptop repair specialists. Whether it be Sony IT (tech) support, Toshiba computer repair or phone support call us first. Our Panasonic Toughbook tech support is the best in the business, be it in person or on the phone with one of our Toughbook phone support experts.
We are Mac fans as well. Don't trust just anyone for your Apple IT support needs. Our Apple tech support specialists get the job done right, and right away. Contact us for in-home or office Mac tech support and Apple phone support. The new Samsung laptops are great and should be trouble free, but if you do have any issues call AB Computer Repair for Samsung IT (tech) support. Using remote desktop our Samsung phone support team can even troubleshoot and resolve most common issues like spyware and malware. Specializing in remote support for our Los Angeles and San Francisco customers. Contact us for affordable IT support in LA and San Francisco today.
We understand the negative effect downtime can have on businesses so we aim to minimize it for our clients. Our prompt Acer IT support in Newbury Park is highly rated by our customers. When you call our Acer phone support specialists for Acer tech support it means prompt service at a fair price. Call us today to learn why savvy Thousand Oaks business owners choose us. AB Computer Repair is proud to be Thousand Oak's cabling experts. We efficiently handling cabling jobs of sizes, including CAT5 and DSL.



Our Service Area:
Thousand Oaks, Simi Valley, Agoura Hills, Calabasas, Woodland Hills, Encino, Tarzana, Malibu, Beverly Hills, Camarillo, Newbury Park, Sherman oaks, Studio City, Ventura, Moorpark, West Hills, Westwood, Westlake Village, Hollywood, Santa Monica, Pacific Palisades, Brentwood, Los Angeles
Our Services:
Computer repair, Virus removal, Malware removal, Spyware removal, Server setup, Network setup, Hard drive replacement, Data recovery, Back up data, Apple iMac repair, Pc tuneup, Software installation
Follow Us:
 Facebook Twitter 

Enquiry:
info@thousandoaksitsupport.com

Zip Codes: 91360 91320 91361 93063 91302 91307 91364 91304 93012 90210 90272 90265 91303 91356 91335 93003 91316 91403 91604 90028 90024 94513 90405 90291