It's becoming ridiculously easy to get online while you're out and about. Anytime you see a Starbucks or a Borders Books and Music store--even a McDonald's--there's a fighting chance that you can purchase wireless Internet access from the T-Mobile HotSpot service. Buy soup and a sandwich at a Panera Bread store, and you might even be able to hop on its public-access Wi-Fi for no additional charge. (Panera recently brought 360 of its cafes into the 802.11b fold.) And a quick check of CNET's own Hotspot Zone shows tens of thousands of other places where you can get pay-as-you-go wireless Internet access.

Pervasive Wi-Fi access is a great convenience, but frankly, it's beginning to worry me.

Big numbers don't impress me nearly as much as the experience I had last week on a deserted road in the middle of the Allegheny National Forest. I pulled over to empty my digital photographs onto my notebook, but as soon as I fired up the computer, it found a public-access Wi-Fi network operated by a lodge that I couldn't even see from the road. If you can get roadside Internet access in the middle of a forest in northwestern Pennsylvania, you know Wi-Fi is catching on.

But I'm not writing to celebrate pervasive Wi-Fi access. It's a great convenience, but frankly, it's beginning to worry me.

Cappuccino-swilling script kiddies
You're just not safe enough while you're out and about with wireless. I witnessed evidence of this fact while waiting for my daily barrel of cappuccino to foam up at my local coffee shop. I tend to people-watch while I wait, and something about a couple of youths in front of one notebook had me concerned. I didn't know whether they were surfing for porn (something I strongly object to in a place where little kids are running about), so I discreetly took a look at the screen. What I saw was even more troubling: these punks seemed to be scanning for wireless clients.

HostAP can be misused for a wireless hacking technique called malicious association. That's something you don't want to happen to you.

I took only a brief look at the Linux notebook, but it appeared to be running a program called HostAP, which acts as a wireless access point. Unfortunately, they snapped the notebook shut before I could get a good look, but it was enough to get me worried. There's nothing intrinsically wrong with HostAP; it's a useful tool in the right place, but that place is not a coffee shop. In such situations, HostAP can be misused for a wireless hacking technique called malicious association. That's something you don't want to happen to you.

When your notebook has wireless networking enabled, it sends out beacons to locate wireless access points. If a hacker's laptop running HostAP receives a beacon signal, it can respond and associate the victim's laptop with its bogus wireless network. If your notebook hasn't been secured, the hacker can then assign network settings to it, inviting the hacker to associate with the victim's PC. At this point, the victim's notebook is a hacker's playground. He or she can steal the security settings of your home or office wireless network, clone your wireless device's MAC address to impersonate your computer on a secure corporate network, and generally violate your space.

Lock down your laptop
None of this should completely put you off using Wi-Fi hot spots. You should, however, use some precautions to avoid getting hacked by snickering script kiddies. Here's what I do to keep safe.

Turn on firewalls. Software firewalls are any network connection's first line of defense against an outside attack. If you've been drawn into the Windows XP SP2 whirlpool, you're most likely covered. (Yes, we know that SP2 isn't the best firewall on the planet, but it still protects you from outside interference, so let's give a little credit where it's due.) If you're not sure that you're secure, get thee to Zone Labs and download ZoneAlarm.

Don't share. Forget what you learned in kindergarten: sharing is bad. Turn off file sharing on your portable PCs and leave it off. In Windows, open My Computer and make sure that there's no little sharing hand holding any of your disk drives. If there is, right-click the drive, select Properties, click the Sharing tab, and remove the sharing check marks. On Macs, open the Sharing Setup control panel. In the File Sharing section, you should see the message "File sharing is off" with a Start button beside it. If you see a Stop button instead, click it.

Turn it off! They can't hack you if you're not connected. So when you're not online, pull the PC Card from your notebook slot. If you're using a Centrino-based laptop, use the manual radio switch if there is one or right-click (or double-click) the wireless-connection icon in the system tray and select Disable.

Disabling or disconnecting your wireless connection when you're not using it isn't just a safer way to compute, it also saves your battery. That way, you can chow down on your Panera bread until that couple finally vacates the table next to the power outlet, then you can hunker down for some serious free online time. Just get yourself an I.C. Honeydew Green Tea or something to appease the management and be sure to tip the staff appropriately. Free Wi-Fi is a mighty big favor from a corporate chain.

In the TalkBack below, share your wireless security fears and your ideas about how to keep yourself safe while surfing.