Mobile WiFi Hot spot on board

The friendliest place on the web for anyone who enjoys boating.
If you have answers, please help by responding to the unanswered posts.
See posts with no answers
timjet

timjet

Guru
Joined
Apr 9, 2009
Messages
1,920
I'm thinking of getting one of those mobile wifi hotspot devices from verizon and using it on board. The device transmits a wifi signal that can be used by up to 10 devices after receiving a data signal from verizon's mobile data system.
My concern is how secure is this connection. I've avoided using WiFi in hotels to connect to my bank due to security issues. I'm also thinking of discontinuing my DSL service at home and just using the WiFi hot spot there too, but again security issues are a concern.
Anybody know anything about this?
 
Using a Mifi device or tethering to your smart phone (the same concept) is secured through the encryption/authentication used between the device and your computer. This is the same for any 802.11 (wifi)device you use. If you use WPA as your authentication you'll be fine.

On our boat I have two methods of accessing the internet. The first is through the KVH satellite system. On this I have a wireless hot spot with WPA authentication. This is the expensive internet path, so I only use it when out of cell range.

The other method I use is to enable the personal hotspot on my Iphone. that provides a wireless hot spot as well. This is very cheap internet so its the one I prefer to use.

As far as security, there are two levels. The first evel is the encrypted link between your computer and the wifi hotspot. This is only a risk if someone is within the range of the hot spot (generally around 150'). Think about your boat. What are the chances of someone within 150' of your boat having the advanced computing capability to break WPA encryption? Not very likely.

The second level of encryption is the encryption between your computer and your bank. This is not going to be broken either. Yes it could be done, but it would have to be done by an IT professional that was directly connected to one of the routers between you and your bank, and who had the advanced computing power available to break the encryption. This just doesn't happen, thats why online banking, credit card machines, etc... are generally considered safe.

As far as the signal between your cell phone and the cellular data gateway at the phone company, I wouldn't worry about that. The equipment to monitor that is very specialized and you'd have to be within the reception range of both the cell tower you're on and your phone. Its just not worth it for someone to do that, especially with the encryption for banking as described above.

Now, here's another issue, and the issue isn't banking. Banking isn't the risk as described above. When connectiog to a public or free hotspot, that information can be monitored, and quite easily. All it would take is someone at the local router or switch using port mirroring and some monitoring software. They could see where you are browsing, and see any information you send in clear text (like your TF posts). So, just be aware that your free browsing might be monitored and act accordingly.
 
Last edited:
We had a Verizon hot spot for years. It has a s aecurety mumber, usually its phone :eek:number. We recently up graded to a Samsun Gallazy tablet that can also be a hot spot. I am replying on the tablet, and my wife is on her note book using the wifi. We have had not problems and works great. We take the tablet with us when we leave the boat as we use it as an e reader.
 
Ksanders, thanks for the detailed reply.
So in summary a secure connection between my computer or wifi enabled device and the mobile hot spot device using WPA authentication is considered a secure connection?
My current home computer setup has a router that broadcasts wifi that I use thoughout the house on my tablet and laptop. To access this wifi signal I had to setup a password. Is this the WPA authentication you mentioned?

Blue Heron; I have an android phone, but per this discussion I don't think it makes any difference.
 
For the reasons ksanders pointed out and more I would not be concerned with wireless network security. I have been using wireless for banking and my investments for years. The biggest security issues are at the interface(ATM, point of sale machines, etc)

The only wire coming into my house is an electric utility line. Everything else is wireless and completely secure.
 
CPseudonym said:
The only wire coming into my house is an electric utility line. Everything else is wireless and completely secure.
Click to expand...

That's interesting as I'm thinking of doing the same.

My only concern other than the wifi security issue is the phone. I travel for business and there are times when I've tried to reach my wife on her cell phone but for several reasons she's not be reachable (dead cell phone, unable to find it, etc). I however can always reach her via our land line.

But there are alternatives. All the cell phone companies now have a device that allows your home phone to connect to it and the device uses the companies cellular system to place and receive calls. It is of course the same as a cell phone but calls are routed to your stationary home phone. The device and setup costs 20 bucks a month.
 
timjet said:
I travel for business and there are times when I've tried to reach my wife on her cell phone but for several reasons she's not be reachable (dead cell phone, unable to find it, etc).
Click to expand...

That is the only wildcard in this equation for me. I have 5 phones on our family plan and one is always on the charger at the house to act as a "home phone" for just that reason. I also have 2 of the smartphones tethered so as to have internet available for our sons I-Pods while traveling.

Clearwire internet takes care of the internet at home. TV is local stations on the antenna augmented with streaming Netflix via the Clearwire connection. TV is also watched online via the stations website, the 24 hr delay never bothers us as we where DVR junkies anyway. A small older laptop connected to our 47" TV via and HDMI cable handles the TV/Internet interface.

We had a small learning curve when we first made the switch to all wireless but have no regrets 5 years later. I added up the savings 2 months after the switch and it was about a $200-300/month savings in our case.

My neighbors think it's cool as during a blackout we are the only ones in the neighborhood with power and internet etc. as I also have a generator that is capable of handling the bulk of the normal house load.
 
For all the reasons stated below, using tethering is very safe, same for your home Wifi as long as you use standard WPA security and a strong password. ( We were anchored in Barlow Bay, Lopez Island and my son, who is not a hacker, was playing around with his laptop Wifi and an external antenna. He found one home network that was totally unsecured and another who's password was the same as the networks name.) Not very smart!!

Public Wifi systems are subject to abuse and a hacker within range of the public Wifi can easily intercept your unsecured connection. Many marinas now have public Wifi and it is no safer than Starbucks or your public library Wifi. Maybe worse because they cover a much larger area with multiple nodes. I see people with laptops setup at the ports picnic tables and sitting in cars in the parking lot using the Port free Wifi all the time. I doubt they have boats in the marina. The Ports password. . . . .is . . . the Ports phone number.:blush:

Larry B
 
Tim, I have a Droid phone from At&T. Because I am away from home or office so much it is my only internet. It will make a hot spot for 5 devices. I do not trust any internet connection enough to do banking. I will not post my bank account numbers for any reason. I will use some WIFI hotspots because of their increased speed, but still will not post things that need to be very secure. If hackers can get through government firewalls for secure data, I think ours would be a piece of cake.

I transact a lot of business over my Droid hot spot, but usually it would be of interest to no one else.

Oh yeah, I live in an urban setting. It is not unusual to see questionable characters walking around with portable computer devices looking for open or WIFI networks to hack. In suburban neighbor hoods they just drive around in cars looking for signals. If they can hack your bank or credit card company, there is no way that our stuff is secure.
 
Last edited:
Don, do you not do any banking via wifi, even the one at your home?

It sounds like from the discussions on this thread that wifi properly encrypted is safe and with the limited distance a mifi unit broadcasts it's likely to reach only a few people near you.

As a precaution, my investment accounts where most of my money is, can only transfer money to my local bank. So a hacker would have to break into my investment account know where to send money and then know how to get into my local bank account before any money is stolen. I'll probably get replies telling me this is not as secure as I think it is!
 
Reference entering account #s & passwords, I've read it's more secure to copy & paste those in rather than type them in. I have an email to myself with lots of jib bearish (sp) containing my data that I copy from when checking sensitive data when traveling. Efu483juoo879WwSeuy contains a string that is a password.
 
timjet said:
Don, do you not do any banking via wifi, even the one at your home?
Click to expand...

Correct. I do not post account numbers for banks or investments on line To do banking when away, I phone a bank officer that takes care of it for me. Same with my investments. I am not really paranoid as my psychiatrist says they really are out to get me.
 
timjet said:
So in summary a secure connection between my computer or wifi enabled device and the mobile hot spot device using WPA authentication is considered a secure connection?
My current home computer setup has a router that broadcasts wifi that I use thoughout the house on my tablet and laptop. To access this wifi signal I had to setup a password. Is this the WPA authentication you mentioned?

Blue Heron; I have an android phone, but per this discussion I don't think it makes any difference.
Click to expand...

Yes, a WPA authenticated connection encrypts all data traveling between the wifi hot spot and your computer.

When you set up your wifi hot spot/router wou will be given a choice between WEP and WPA encryption. Choose WPA. WEP is an older technology that is easier to break.

The encryption is stripped off at the WIFI hot spot and the data is sent in its native format to the internet from there.

The big lesson here is to not consider public wifi as a secure connection. Encrypt your data from public hot spots using encrypted browsing (https), but this is what banks use anyway. The risk at public hot spots is more along the lines of your unencrypted data like your TF posts, that kind of stuff.
 
timjet,
Before you buy that hotspot device, check if your phone isn't one already. I almost bought one until I learned that my iphone also serves as a hotspot.
 
I use my iPhone as a wifi hot spot. In fact, I just typed this reply while floating on the Napa River in California. The encryption provides a secure connection. However, like Don, I avoid banking or investing on any wifi...just in case!
 
mahal said:
timjet,
Before you buy that hotspot device, check if your phone isn't one already. I almost bought one until I learned that my iphone also serves as a hotspot.
Click to expand...
Thanks mahal, my droid incredible can probably be used as a hotspot. However I'm trying to reduce my monthly fees on everything as I'm nearing retirement. My verizon cell phone bill is #2 behind my electric and I consider that ridiculous. So I found a cell carrier that's much cheaper, Page Plus. They charge 29.99 a month for 1200 talk minutes, 3000 texts, but only 100 mb of data. That's only enough data to check e-mail once or twice a day and some light surfing. My verizon HTC droid incredible works with Page Plus (one of the few smart phones that does), and they use verizon's network.

So my plan is to get a mifi device for 50 bucks a month and get rid of my land line phone and DSL. The mifi device is portable so I can use it on the boat or at home. The only problem with this scheme is that I get a very weak cell phone signal at home and may have to consider a cell phone signal booster.
 
If you're concerned about financial or bank account security using WPA encrypted wireless. Then think about how many times you hand your Debit/Credit card to a waitress, store clerk, bank clerk, use a store, restaurant, or gas station card scanner, cash machine, etc?

Ever heard of a card skimmer? Works with all these things?

I bought a $17 lunch in Athens, Greece a couple of months ago. (I hope I enjoyed it, because I sure don't remember being there??) :blush:

LB
 
I don't know anything about security issues but I am very satisified with the performance of Verizon's Mobil Hot Spot using my Thunderbolt phone.
 
Dont know if it has internet for the price , but we now use a home "cell phone" from Verison.

$19.95 a month (plus the local tax extortion) and simply take it with us when we snowbird.

Same number ,either home, and on the boat or in the RV , it does work too (DC power required)

No time limits , no such thing as a long distance call in the USA.

Internet , probably for more bucks , but WI FI is really range/location limited , cell phones have better distance and coverage.
 
Open WiFi Security Concerns-Approach

Disclosure - I'm not an IT or communications expert by any means. I rely on our firms IT resources and lean on them regularly.


Background to the point I wish to make - We use what is called a VPN (Virtual Private Network) capability for secure communications. I can't explain all the details and understand that with this in play data packets are encrypted between the source (for example my laptop) to the receiving system whether carried in the air or on a conductor of some type. With this feature I can log into a client's system from an open wireless network (unsecure access point such as the hotel I'm presently staying in) and have secure communications. We use the same approach for firm email - secure independent of the local access point. That's my understanding.


The issue - what security do I have when on an open wireless system (such as this hotel or a marina) when I'm not connected to our email server or to a client's system with my VPN app? In late 2010 Jeffery and Karen Siegel of Active Captain discussed this exposure in a couple newletters. They provided some background and suggested approaches for such situations. The newsletter articles were:


Open WiFi Dangers ... (https://activecaptain.com/newsletters/2010-11-17.php)

More on Open WiFi (https://activecaptain.com/newsletters/2010-11-29.php)

Https - ... and also VPN's 101 - Part 1 (https://activecaptain.com/newsletters/2010-12-08.php


VPN's 101, Part 2 (https://activecaptain.com/newsletters/2010-12-15.php)


VPN Selection (https://activecaptain.com/newsletters/2011-01-05.php)

Essentially they suggested subscribing to a service that provides VPN features when needed. So at the moment I'm working from my room in a hotel that has an open WiFi - no password required to use their network access point. My approach is to connect to their network and before I go to a web page where I might enter a password - such as to login to make this reply - I open the Witopia private VPN application - one of the services they evaluated and recommended. I then connect to their system and work through their network. I don't notice any response drag and have a secure connection.

Again this is how I understand things so stand to be corrected as necessary. Perhaps this is all outdated since it's nearly two years old.

Don
 
Sealegs said:
Again this is how I understand things so stand to be corrected as necessary. Perhaps this is all outdated since it's nearly two years old.
Click to expand...
It is as dead-on accurate today as it was 2 years ago. A VPN that can be trusted is a sure way to get around the dangers of open WiFi. If you blindly just connect to an open WiFi spot that you happen to find while cruising, you are asking to have your email account hijacked. All non-https website traffic can be easily recorded.

Using open WiFi starts a downhill slide of identity theft and can lead to bank/credit card spoofing quite easily depending on your email server.
 
Yes, HTTPS or VPN is the way to go for anything you need to be secure.

VPN is unecessary if you are using HTTPS. HTTPS builds the same kind of tunnel as VPN.

If you are accessing e-mail over a non HTTPS link, or over any public connection then your e-mail could be hacked.

Personally I never use public internet. I use my cell phone or my satellite system.

Even over that I use a VPN link back to my companys network for email

Here's another risk. If you use VPN (like I do), there is something called split tunneling. What that means is that only traffic that needs to go accross the VPN link is sent accross it. The rest of the traffic is sent out as normal in an unencrypted format to the internet. Split tunneling is widely used to decreases the "double" bandwidth requirement that internet traffic places on the VPN endpoint (normally your company). So, if you are using split tunneling for your VPN then your internet traffic is unencrypted even though you might think its secure.

The moral here is for anything you want private, make sure you have encryption all the way to whatever you want private.

And I am a networking professional.
 
Last edited:
I use WiFi Tether app on my HTC and FoxFi on my wife's Moto.
 
Other than the public wifi risk that others have mentioned, the two biggest vulnerabilities you will face are at either end of the connection. Any institution that stores PII (personal identity information) is subject to continuous automated attack - but your personal equipment is vulnerable as well. The least secure stage in the entire communications chain is your local equipment.

The implication of this is that anything on your local equipment - phone, tablet, computers - that is critical to you must be further protected (meaning encrypted). I personally store senstive data in 1Password, but there are other options. And the drive on my laptop is encrypted with BitLocker.
 
We have been using our Verizon mifi and then the hotspot on a smart phone for years. Dumped the land system a while back. Works flawlessly and is encrypted.
 
You must log in or register to reply here.

Similar threads

wkearney99
New Peplink gear
Replies
8
Views
985
wkearney99
wkearney99
mvweebles
WiFi Network Config for Weebles (Simple - sorta)
2 3
Replies
68
Views
5K
pjtemplin
P
PJHoffnet
SIMRAD NSS12 evo 3 - WiFi, what am I missing?
Replies
5
Views
3K
Hippocampus
H
mncruiser
No mobile app frustrations (I know it was turned off)
Replies
7
Views
618
Jeff F
Jeff F
mvweebles
Peplink + NEMO + Starlink = ?????
Replies
13
Views
2K
Capt Ray
C

Latest posts

Back
Top Bottom