Click Here
advertisement
Security Watch : Don't get burned by viruses and hackers
Behavior
E-mail to a friend
Send us feedback
TalkBack
TalkBack:
Add your opinion
By Robert Vamosi 
Senior editor, CNET Reviews
September 15, 2006

Sitting in traffic in your own car, you're free to sing aloud or curse another driver. But in a crowded bus you would probably do neither. We seamlessly shift from private mode to public then back again several times during a typical day, and we never really think about it. The same should be true with our computer lives, but it isn't. Many people have one set of behavior for all of their computing needs, whether they are at home, at the office, or at a public terminal. I'm willing to bet that you can mitigate a majority of your security woes without security software, just by being aware of your environment and adopting different behaviors. That's not to say you shouldn't have security software; it's just that you can rest easier knowing that a little behavior modification on your part can go a long way to keeping your personal data secure.

Yours and not yours
Would you download and play sexually explicit MP3s at your desk at work? Even if that were your preferred choice of entertainment, chances are you wouldn't do this at work for fear of losing your job. Yet people who have adopted wireless-enabled laptops as their sole computer often don't recognize the security risks when shifting from using their laptop at home to a public network. After all, it's your laptop; you control the software contained within it, right? But on a public Wi-Fi network, you don't necessarily control the flow of data through the air to an access point; someone could easily eavesdrop.

I'm willing to bet that a majority of your security woes can be mitigated without security software just by being aware of your environment and adopting different behaviors.

At home you can (and you should) lock down your wireless connection. Change the MAC address for your laptop, hide your router's SSID, turn on encryption such as WPA2 to make it much harder for a criminal parked outside your house or living next door in your apartment building to gain a free ride on your Internet service. You are responsible for your IP address. If someone leached on to your Internet service and committed a serious crime, the authorities are going to see your fingerprints on that IP address, not some phantom wireless criminal. So start protecting yourself by locking down your home system first.

Going public
Now take that same wireless-enabled laptop to your local coffee shop or airport. First, you're still more likely to have your laptop stolen from your table than hacked by that latte drinker in the far corner, so keep an eye on your laptop, especially in a crowded room. But what if you suddenly find yourself connected (without any configuration at all) at the airport or a cafe? You might think: That's convenient. But you should really be thinking: Hey, how'd that happen?

If you didn't follow the above advice about locking down your connection, your Windows laptop might be blindly connecting to what it thinks is your home router. Say you have a Linksys router at home, and Windows XP recognizes Linksys as your preferred network name, and it always connects whenever you turn on your laptop (at home). But at the airport or cafe, where there is no Linksys network, your laptop might recognize that the laptop belonging to the person sitting next to you is also set to prefer Linksys and that their laptop has connected to the airport or cafe wireless network. If so, your laptop may form what's called an ad hoc network with the other laptop. Windows 2000 and Windows XP SP1 will do this behind the scenes, but Windows XP SP2 will at least notify you that it is attempting this connection.

Think before you type on any computer keyboard and, if necessary, adopt different forms of behavior when using a computer in private, in public, or at work.

Sniffing--and worse
You don't want an ad hoc network with a stranger. Ad hoc networks were designed for business collaboration, allowing users to share data between two networked computers. If an attacker wanted to snare other wireless users, he could deliberately set up an ad hoc network in a public space, then listen in--or sniff, as its called--on wireless traffic. He could also set up an access point, use the same name as the airport or the cafe, and by virtue of proximity, overpower the legitimate access point to relay your Internet traffic through his laptop--this is called a man-in-the-middle or evil-twin attack.

To disable ad hoc settings in Windows XP SP2, to go the Control Panel, click Network Connection, then Wireless Network Connection, right-click Properties, click the Advanced tab, then deselect "Allow other network users to connect through this computer's Internet connection." To disable File and Printer Sharing, go the Control Panel, click Network Connection, then Wireless Network Connection, right-click Properties; on the General tab you should see an option for File and Printer Sharing; make sure it is deselected. But to be on guard against an evil-twin attack in public, you'll need some security software, such as Trend Micro PC-cillin Internet Security, which will notify you whenever your wireless network connection changes.

Think before you type
Public desktop terminals are no better. If you're at a public terminal--say, a commercial or hotel business center or even your public library--think before you type. Remember, you're not at home; you have no idea who last used the terminal or what someone may have installed upon it. Chances are, the staff responsible for that public terminal doesn't know either.

In upstate New York a few years ago, several Kinko's facilities were victims of a keylogger; someone had slipped a device that recorded all of the keystrokes used by customers onto the keyboards. There could also be spyware on public machines, broadcasting your keystrokes to a remote third party. Limit your use of public desktop terminals to looking up something on Google. If you must access your Web mail account for some reason on a public terminal, remember to change your password soon after from a more secure location.

Always clean up after yourself
If you use a public terminal to browse the Web or check Web mail, it's a good idea to get into the habit of clearing the Internet browser cache and the history file when you finish your session. Say you logged in to Netflix and made an order, then typed in another URL. If you didn't log out of your Netflix account, the next person who sits down at that terminal could simply hit the Back button and resume your Netflix session. The results could be much worse if you had accessed your online banking.

Until it becomes second nature, think before you type on any computer keyboard. How is it connected? Who might have used it last? Is someone monitoring this traffic? After considering these questions, adopt an appropriate form of behavior, and you should be a long way toward keeping your personal information safe online.

Do you use public computer terminals differently than you use your own home PC? Do you surf differently with your wireless laptop in public than you do at home? Talk back to me.


CNET's free newsletters
Rob Vamosi's
award-winning
column on Internet threats and how to counter them 
Delivered Mondays
Sign up now        
All free newsletters



9/6/06
Pretexting: fraud by any other name

8/25/06
When Web 2.0 fails

8/18/06
JavaScript plus AJAX equals trouble

More commentary


Reviews & advice
All product reviews
Editorial policies
Meet the editors
How we test
Tips & tricks
Popular topics
Apple iPhone
Apple iPod
Dell
PlayStation 3
Wii
Windows Vista
CNET sites
CNET TV
Downloads
Forums
News
Reviews
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET