wireless security

I am afraid this may not be the appropriate ng (I was referred to
wireless.security which I can't find in my list of ng's)for this but I
can find no other that comes close.
I have asked this of a few people and can't seem to get a consistent
answer (well, I can find a LOT of answers but since the answers seem to
vary to the extreme, I have no faith in any). Just gambling someone
here can answer. If not, please direct me to an appropriate ng.
I sometimes travel with a PDA, cell phone, or both. I enjoy keeping up
on some news on the net and have used some free networks (e.g.,
Starbucks) to do my surfing. But I often read articles warning about
how unsafe such behavior can be. Anywhere from someone sucking all the
info from my PDA, to being connected to fake network, to 'just don't use
a password,' to 'its all way overblown - don't worry.'
To date, my surfing has been visiting news sites - no passwords, no
usernames, no SSNs. And I have seen no evidence anyone has sucked info
from my PDA/cell (if I could tell).
So here it is - how safe is it to surf free/public networks? Any
precautions I can/should take?

Re: wireless security

jay lunis writes:

>I am afraid this may not be the appropriate ng (I was referred to
>wireless.security which I can't find in my list of ng's)for this but I
>can find no other that comes close.
>I have asked this of a few people and can't seem to get a consistent
>answer (well, I can find a LOT of answers but since the answers seem to
>vary to the extreme, I have no faith in any). Just gambling someone
>here can answer. If not, please direct me to an appropriate ng.
>I sometimes travel with a PDA, cell phone, or both. I enjoy keeping up
>on some news on the net and have used some free networks (e.g.,
>Starbucks) to do my surfing. But I often read articles warning about
>how unsafe such behavior can be. Anywhere from someone sucking all the
>info from my PDA, to being connected to fake network, to 'just don't use
>a password,' to 'its all way overblown - don't worry.'
>To date, my surfing has been visiting news sites - no passwords, no
>usernames, no SSNs. And I have seen no evidence anyone has sucked info
>from my PDA/cell (if I could tell).
>So here it is - how safe is it to surf free/public networks? Any
>precautions I can/should take?

You must assume that all information that is transfered over the net is
open for the world to see, unless you specifially encrypt it before it
exits your device. It also depends on how much security your machine has.
Ie, it is connected to a public network, and it has no firewall to protect
it. Its only protection is what it has in its own software. Eg, if anyone
can log on without passwords to your pda, then it is highly insecure. (I
have no idea what the security standards are on pdas).
And yes "sucking out the data" rarely leaves any traces behind. I would not
use a device which contained sensitive information on it.

Re: wireless security

Unruh wrote:
> jay lunis writes:
>
>> I am afraid this may not be the appropriate ng (I was referred to
>> wireless.security which I can't find in my list of ng's)for this but I
>> can find no other that comes close.
>> I have asked this of a few people and can't seem to get a consistent
>> answer (well, I can find a LOT of answers but since the answers seem to
>> vary to the extreme, I have no faith in any). Just gambling someone
>> here can answer. If not, please direct me to an appropriate ng.
>> I sometimes travel with a PDA, cell phone, or both. I enjoy keeping up
>> on some news on the net and have used some free networks (e.g.,
>> Starbucks) to do my surfing. But I often read articles warning about
>> how unsafe such behavior can be. Anywhere from someone sucking all the
>> info from my PDA, to being connected to fake network, to 'just don't use
>> a password,' to 'its all way overblown - don't worry.'
>> To date, my surfing has been visiting news sites - no passwords, no
>> usernames, no SSNs. And I have seen no evidence anyone has sucked info
>>from my PDA/cell (if I could tell).
>> So here it is - how safe is it to surf free/public networks? Any
>> precautions I can/should take?
>
> You must assume that all information that is transfered over the net is
> open for the world to see, unless you specifially encrypt it before it
> exits your device. It also depends on how much security your machine has.
> Ie, it is connected to a public network, and it has no firewall to protect
> it. Its only protection is what it has in its own software. Eg, if anyone
> can log on without passwords to your pda, then it is highly insecure. (I
> have no idea what the security standards are on pdas).
> And yes "sucking out the data" rarely leaves any traces behind. I would not
> use a device which contained sensitive information on it.
>
Very good. Just a few questions for clarification.
I presume there is such thing as firewall sw for PDAa and Windows Mobile
phones?
If my data on the PDA is password-protected (e.g., contact
info/calendar) then my PDA is secure whether I surf or not. Right?
All sensitive data on my PDA is in one app which is password-protected.
Only use of PDA/phone is to surf news sites like google, reuters.
Does this mean surfing is safer?

Re: wireless security

jay lunis writes:

> So here it is - how safe is it to surf free/public networks? Any
> precautions I can/should take?

Uhruh said what I was going to say...

When you log onto web sites (gmail, eBay, amazon, etc.), make sure
it's an encrypted link (https://......) before you type a password.
There are programs script kiddies can run that listen for connections
to popular sites, and print out username/passwords as they are sniffed.


If you use firefox, you can use greasemonkey http-to-https redirector
user script.

http://diveintogreasemonkey.org/casestudy/gmailsecure.html

The http://www.customizegoogle.com/ can also be configured to always use https

The gmail notifier can be modified by settign SecureAlways to 1

You can change your gmail.com bookmark to use https: instead of http

There is the firefox
Verisign EV Green Bar extension
And any anti-phishing extensions you can use are recommended.
I think the Betas of FireFox 3 have improvements in this area, but I have not tried them yet.

I use NoScript, and AdBlock as well.






--
Posted via a free Usenet account from http://www.teranews.com

Re: wireless security

On Thu, 20 Dec 2007 11:48:10 -0500, jay lunis wrote:

> Very good. Just a few questions for clarification.
> I presume there is such thing as firewall sw for PDAa and Windows Mobile
> phones?

Wrong question, right question is if there is, how do you verify it is
worth installing?

> If my data on the PDA is password-protected (e.g., contact
> info/calendar) then my PDA is secure whether I surf or not. Right?

Wrong, password busting software is getting more and more sophisticated.

> All sensitive data on my PDA is in one app which is password-protected.
> Only use of PDA/phone is to surf news sites like google, reuters.
> Does this mean surfing is safer?

Safe from what?