Using Wireless Networks: Safety Tips
Wireless networks are convenient, but they are also inherently insecure. Therefore, it is your responsibility as a user to exercise caution when connecting wirelessly. Firstly, before using any wireless network, be sure that your operating system patches and firewall software are up-to-date. Disabling file and printer sharing while you are using a wireless connection will also decrease the vulnerability of your machine. For maximum security, never join an untrusted wireless network.
What Is An Untrusted Network?
Before logging on to a wireless network, ask yourself these questions:
- Do I personally know and trust the owner of this network?
- Is this network restricted in some way so that anyone using it can be identified and/or removed if they do something illicit?
If the answer to either of those questions is "No," you are about to use an untrusted network. To use an untrusted network to bank, buy or send private information is the equivalent of standing in the middle of a public space and loudly reciting your account number, credit card number or other personal information into a cell phone: It's possible that nobody will steal your information, but why take that risk?
What Can I Do To Ensure Security?
The safest way to use the internet is to connect via a secure wire and use secure websites. However, if you want to use a wireless network you can follow the steps outlined below to maximize your computer's security.
- Do not connect when using a wireless network other than the University's wireless service via University Clean Access authentication system.
- Never save passwords in your browser.
- Wireless networks are extremely vulnerable to "sniffing," which is to say it's possible for someone to attach themselves to a wireless network and record all traffic that's going by without even logging on to the network in question (this is also a concern with wired connections, but it's worse with wireless). Accordingly, whether you are using a trusted or untrusted wireless network, you should always check the URL of any website you visit that involves personal information (banking sites, email, etc).
- If the URL begins with http://, the connection is not encrypted and is easy to sniff.
- If the URL begins with https://, the connection is encrypted and, while it can be sniffed, it's much harder to sniff anything useful out of it.
- Look for the lock icon in the bottom status bar or the URL field of your browser if you are unsure if the connection is encrypted. By clicking or double-clicking on the lock icon, you should see a window detailing the type of encryption used by the site.