public wi-fi dangers are real

septembre · 11-18-2010, 12:29 PM

people should read this article

http://www.speedofcreativity.org/201...gers-are-real/

HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere includes rules. If sites you use don't support HTTPS, ask the site operators to add it; only the site operator is able to enable HTTPS support on a the site.

may be* trawler forum should use HTTPS since we use frequently open wifi

dougd1 · 11-19-2010, 09:41 AM

I don't see the need for https encryption for this site.* It is a public forum that can be viewed by anyone at anytime.

It is a good idea not to post your SSN, bank account info, birth date, mother's maiden name, favorite color, 1st pet's name or other personal info on this site.

septembre · 11-20-2010, 01:57 PM

I don't think that you undersyand the reason of having HTTPS* ,the reason is that nobody in a free wifi place with a special program, would be able to get in your computer.

Capn Chuck · 11-21-2010, 03:16 PM

OK< Lets spread the fear and see if we can create as much anxiety in the public as we can. Firesheep will allow someone to use you Facebook or Twitter page as long as you are logged in and not much more. It grabs cookies, not your identity. It will not allow anyone to hack your computer or gain access to much unless you have all of your financial information on Facebook. None of this is new or all that alarming, but the alarmist will have you thinking so to prove how smart they are and get everyone to pay attention to them. any time you are connected to the internet you are vulnerable, whether wifi or wired. So you need to maintain a certain amount of security on your computer. Please take note, the sky is not falling. There is a discussion on Panbo where reasonable people with knowledge and experience bring some rationality to the discussion. Read the comments and not just the article, http://www.panbo.com/archives/2010/1...e_anymore.html .Chuck

magicbus · 11-24-2010, 01:12 PM

Well put Capn Chuck. People do need to be aware, say for instance when using a web-based email client such as Yahoo or AOL, when you are and when you are not protected by HTTPS. Some mail services only protect your login and send the cookies used during the session in the clear where these types of nefarious programs can intercept and use them. Others, like Gmail, protect your entire session - just the way a bank does.

As Capn Chuck pointed out, the interception of a cookie does not give someone access to your computer, but could allow them to possibly commandeer your online session. Since I don't use Facebook or Twitter they are no concern, but if someone could access my email they may find private information I happened to have stored there.

My rules for public wifi:

1) Firewall on
2) File and Print sharing OFF
3) Anti-virus ON
4) Never, ever, accept a certificate unless you are 100% sure of the wifi network

Surf safely but enjoyably,
Dave

-- Edited by magicbus on Wednesday 24th of November 2010 02:13:59 PM