Open WiFi Networks and (Lack Of) Security

I get asked about open WiFi hotspots and if they are secure lots these days. Examples would be certain hotels, restaurants, etc. My short answer - these days many are not secure and.... regardless.... you should always avoid using them. Here's why. 

Most public WiFi hotspots do not encrypt information going back and forth in the air and are not secure. There's lots of free hacking tools that just about anybody can quickly learn to use to get any information you send back and forth when connected to these networks. Here's some good guidelines originally published by the Federal Trade Commission:

Use these tips to tell if a Wi-Fi network is secure:

• If a hotspot doesn’t require a password, it’s not secure.
• If a hotspot asks for a password through the browser simply to grant access, or asks for a password for WEP (wired equivalent privacy) encryption, it’s best to proceed as if it were unsecured.
• A hotspot is secure only if it asks the user to provide a WPA (wifi protected access) password. WPA2 is even more secure than WPA.

Use these tips for a safer Wi-Fi experience:

• When using a Wi-Fi hotspot, only log in or send personal information to websites that you know are fully encrypted. The entire visit to each site should be encrypted – from log in until log out. 
• To determine if a website is encrypted, look for https at the beginning of the web address (the “s” is for secure), and a lock icon at the top or bottom of the browser window. Some websites use encryption only on the sign-in page, but if any part of the session isn’t encrypted, the entire account could be vulnerable. Look for https and the lock icon throughout the site, not just at sign in.
• If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
• Don’t stay permanently signed in to accounts. After using an account, log out.
• Do not use the same password on different websites. It could give someone who gains access to one account access to many accounts.

As a general rule of thumb, an encrypted website protects only the information sent to and from that site. A secure wireless network encrypts all the information sent over it. 

How do you get around the connectivity problem? I recommend using a personal WiFi hotspot with security implemented. You can get yourself a dedicated device like the one I have or most smartphones can be used as a hotspot if you pay an additional monthly fee. Here's more information from AT&T on different personal WiFi hotspot options.

Reader Question: Is Someone Jamming My WiFi?

I recently received the following email message from a reader:

Hello,

I read some of the information you provided regarding Internet signals getting jammed intentionally and otherwise. Perhaps you can shed light on an issue. When our neighbors are NOT home, I can use a PC with wireless internet (set up in a room of my home facing their home) without ever getting knocked off the internet. When they ARE home, the signal repeatedly is lost. However, A laptop in another part of the home is rarely affected.

So I set up the laptop in the PC room and lost signals (when neighbor was home) on both machines (Provider rep. suggested I do this). Neighbor walks dog or otherwise is not on their property and there is no issue with signals. AND it is random. Usually neighbor comes in for lunch break and the Inet signal is lost.

Home from work and it is lost. I unplug wireless and it comes back. On and off. This is a new development (maybe two months. After the local police informed said neighbors to stop calling 911 to report bogus complaints on us, the signals began to drop. So we believe after police warned them to stop wasting 911 resources, they got a jammer and jam our signals at every opportunity to harass us. (Honestly, this is our first and hopefully last neighbor war. We don't know why they hate us so much but have been informed they hate everyone so we try not to feel too special.)

Question 1 - How can we test or otherwise determine the signals are being jammed (we are sure they are but need proof) and pin point the source? Prove or show great reason why the source is illegal.

Question 2 - How can we protect the signal from getting jammed?

Thanks for your insight.

I've written here in the past about the jamming of cell phone, GPS and Wi-Fi signals. Here's some ideas and possible answers to the reader's two questions.

Question 1 - How can we test or otherwise determine the signals are being jammed (we are sure they are but need proof) and pin point the source? Prove or show great reason why the source is illegal.

The best way to confirm someone is jamming is to use something called a spectrum analyzer. Wireless frequency spectrum analyzers are commonly used measure signals and interference. You could spend thousands of dollars on a full blown analyzer from a company like Agilent or use a 2.4 GHz USB spectrum analyzer from a company like MetaGeek. The company sells a 2.4 GHz analyzer for $99 that comes with software that will run on both PCs and Macs. According to MetaGeek, this analyzer will track all radio activity from any 2.4GHz device including WiFi, cordless phones, microwave ovens, Zigbee and Bluetooth. The software that comes with the device also graphically shows which channels to use and which ones to avoid. Here's more of when you would want to use a device like this from the MetaGeek website:

• If you install, maintain, or troubleshoot access points, find the open channel and minimize the interference.
• If you work with consumers, avoid a revisit by using a Wi-Spy in case they own a microwave or cordless phone.
• If you experience WiFi interference on a regular basis, discover competing access points.
• Conduct site surveys.

You could purchase one of these and, attached to your laptop running on battery, walk around your home looking for jamming/interference signals. If you want to get up unto the higher frequencies where the 802.11n devices have the option of operating (802.11n can use both 2.4 GHz and 5 GHz frequencies.), it will cost you quite a bit more money to measure interference. MetaGeek sells something called the Wi-Spy DBx, a 5GHz analyzer, for $599 that also comes with software.

You may also want to first try KisMac or iStumbler on an Apple machine or NetStumbler on a PC. These applications run on the computer and give you access point information including channels being used. Sometimes just swapping a channel can fix interference problems. For example, if your neighbor is using channel 6 you may want to change your access point to use channel 11.

Question 2 - How can we protect the signal from getting jammed?

If your neighbors are jamming your signal with a well designed jamming device, determining and using an open channel on your wireless access point won't work. If the jamming has been going on for a while chances are the jammer they are using functions only at 2.4 GHz. I'm I think the best thing to try (if you are currently running a 802.11g network) initially would be to switch over to an 802.11n access point and upgrade to 802.11n on your computers. If you have newer computers that may have 802.11n support built in.

You could run the 802.11n network at the higher 5GHz frequency which would be immune to the lower 2.4GHz jamming signals. This would be an inexpensive attempt that would also give you the bonus of much better network bandwidth and immunity from other interference sources (e.g some cordless phones, microwave ovens, etc) in you home.

I'm looking forward to hearing if this works.

Wi-Fi Direct

Tomorrow the Wi-Fi Alliance consortium (Cisco, Apple, Intel and over 300 other equipment manufacturers), will release something called Wi-Fi Direct - a technology that will turn (according to Business Week) turns gadgets into mini access points, able to create wireless connections with other Wi-Fi-enabled gadgets or broadband modems within a radius of about 300 feet.

Wi-Fi Direct enabled devices can be setup to automatically scan the vicinity for existing hot-spots and the gamut of Wi-Fi equipped devices, including phones, computers, TVs, and gaming consoles. They will then be able to connect to these devices in a peer-to-peer configuration. Two connected devices will not have to be both running Wi-Fi Direct, only one of two paired devices will have to be enabled to establish a connection. Here's more from Business Week:

The feature could boost usage of Wi-Fi capabilities in smartphones and television sets in particular. "It makes adding Wi-Fi to devices that don't have Wi-Fi more compelling," says Kelly Davis-Felner, marketing director at Wi-Fi Alliance. Marvell is already talking to makers of TVs, few of whom offer Wi-Fi connectivity today but are now considering adding the capability to let users wirelessly transfer photos and video from their Wi-Fi-enabled cameras, camcorders, and netbooks directly onto TV screens.

You'll be able to upgrade many of your existing Wi-Fi enabled devices. Expect to see enabled products like cameras, TV's, printers and just about every smart-phone become available next year and get ready for some pretty cool television commercials demonstrating the technology!