How to Protect Your Data in Airports, Coffee Houses, and Hotels

In a recent interview, I was asked a series of questions about the dangers of wireless technology on the road. I’d like to share my responses here on how travelers can protect their data when hooking up to “free” wireless technology in airports, coffee houses and hotels.

1) What is a sniffer?

A sniffer is most analogous to a phone wiretap.  However, a wiretap only listens to the phone line it is connected to, whereas a packet sniffer can listen to all communications on the network.

2) Are sniffers ever used for legitimate network functions?

Yes.  Packet sniffers are commonly used to diagnose network problems, analyze traffic patterns, and even detect if a user is sending inappropriate data on the network.

3) Why are sniffers so difficult to detect?

Sniffers are designed to be “listen only” devices and are specifically built not to tamper with data as it traverses the network.  However, placing a sniffer on a wired network may require special hardware or device settings on the network switch.

4) Why is unsecured Wi-Fi — such as that found in coffee shops, airports and hotels — the least secure and vulnerable to sniffers?

On a wireless network, unlike a wired network, all local network traffic shares the same channel.  A rogue packet sniffer does not require special hardware or changed settings on the wireless access point, and it can capture all the data that is sent wirelessly.

5) How does this happen — in plain English?

The wireless network card in your laptop, tablet or phone will connect to a selected open wireless access point (WAP) based on four pieces of information supplied by the wireless access point: the Service Set Identifier (SSID), the Media Access Control (MAC) address, a wireless channel, and the transmission power.  It is trivial for an attacker to set their wireless network card to look the same as the coffee shop’s wireless access point.  If the attacker sets a wireless transmit power slightly higher than the WAP’s transmit power, users will connect to the rogue device instead.  The attacker may then use a second wireless card to connect to the legitimate WAP in order to capture unsuspecting users’ data as it passes through their computer and out to the Internet.
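
A defender-side heuristic for the impersonation described above, as an added example that is not part of the original interview answers: because the rogue device copies the SSID, MAC address and channel but transmits at higher power, a stationary client sees beacons under one identity at two distinct signal levels. The scan record format, the sample data and the 15 dB threshold are assumptions made for this example.

```python
from collections import defaultdict

# Constructed sample scan: (seconds, SSID, BSSID, channel, RSSI in dBm).
# "CoffeeHouse" shows two interleaved signal levels under one identity.
SAMPLE_SCAN = [
    (0, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -71),
    (1, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -42),
    (2, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -69),
    (3, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -44),
    (4, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -72),
    (5, "CoffeeHouse", "02:00:00:aa:bb:01", 6, -41),
    (0, "HotelGuest", "02:00:00:cc:dd:02", 11, -60),
    (1, "HotelGuest", "02:00:00:cc:dd:02", 11, -63),
    (2, "HotelGuest", "02:00:00:cc:dd:02", 11, -58),
    (3, "HotelGuest", "02:00:00:cc:dd:02", 11, -61),
]

def split_by_largest_gap(rssi_values):
    """Return (gap_db, weaker_group, stronger_group) split at the widest gap."""
    ordered = sorted(rssi_values)
    gaps = [(ordered[i + 1] - ordered[i], i) for i in range(len(ordered) - 1)]
    gap_db, idx = max(gaps)
    return gap_db, ordered[: idx + 1], ordered[idx + 1 :]

def find_twin_suspects(scan, min_gap_db=15, min_samples=2):
    """Flag identities whose beacons form two separate signal-strength groups."""
    by_identity = defaultdict(list)
    for _, ssid, bssid, channel, rssi in scan:
        by_identity[(ssid, bssid.lower(), channel)].append(rssi)
    suspects = []
    for identity, values in sorted(by_identity.items()):
        if len(values) < 2 * min_samples:
            continue  # too few beacons to judge
        gap_db, weak, strong = split_by_largest_gap(values)
        if gap_db >= min_gap_db and min(len(weak), len(strong)) >= min_samples:
            suspects.append({"ssid": identity[0], "bssid": identity[1],
                             "channel": identity[2], "gap_db": gap_db,
                             "levels_dbm": (max(weak), min(strong))})
    return suspects

if __name__ == "__main__":
    for suspect in find_twin_suspects(SAMPLE_SCAN):
        print(suspect)
```

The heuristic assumes the observing device is not moving; walking across a room produces similar swings in signal strength from a single legitimate access point.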

6) Why does it happen?

The primary goal is identity theft or corporate espionage.  By capturing data as it goes across the network, any attacker can passively look for unencrypted or under-encrypted data.  Even with an encrypted connection to a website, an attacker who has forced all of your network traffic to go through their computer may be able to strip off or reduce the encryption without the user being aware.

7) How can travelers prevent their data from being unlocked and free for the picking?

I recommend that travelers use a paid VPN service, which will create an encrypted tunnel between the laptop or phone and the exit site of the VPN service.

Alternatively, travelers should consider altogether avoiding dangerous free wireless networks and using their cell phone as a mobile hotspot device to connect to the Internet while traveling.

8) Is the threat of data or identity thieves widespread?

It is a universal truth that criminals will capitalize on every vulnerability they find whether it resides in the physical or virtual realm.