Jul 19 2012
As many of you already know, I prefer the trains to the airlines these days because I can get much more done, and it’s much more comfortable to boot. Strip-searches at the TSA Checkpoints aside, the seats are roomier, the view is better and the cafe car is open nearly the whole trip.
But, back to the blog, there are a few things that you should be thinking about when traveling with your Mac that revolve around security. Today, let’s talk about digital security while you’re on the road with OS X or iOS.
Specifically, let’s talk connectivity. When you’re traveling, there is a huge temptation to use all those free wifi hotspots you come across. If it is at all possible for you to avoid them, do so.
Let me repeat that – never connect to a free wifi hotspot unless you know for absolute certain who owns it, who’s on it, and what the vendor is doing with the data you send across it.
Public wifi sounds like a great idea, but the current state of our technology – at least here in the US – doesn’t allow you to be sure that “ATTWiFi001″ is actually a hotspot created and maintained by AT&T until you’re already connected to it. Even when you know it’s a free carrier hotspot, you have no idea who else is on that same connection with you, and how much control they’ve carved out for themselves.
What that means is that an attacker can already be connected to your device before you know that they’re there. They’ve got the ability to start introducing malware and doing all forms of nasty stuff. Added to that, if you send or receive information across the network (which is, of course, the whole point), then the attacker can see all of that traffic “in the clear” and gain personal information from you as you surf. While SSL (secured) connections can remove some of this risk, if you’re on a hostile wifi hotspot then this tech cannot completely protect you.
A much safer bet is to use your own personal hotspot. Most iPhones can perform that function (for an extra fee to your carrier), and most wireless carriers also have stand-alone devices that can provide connectivity over their networks when you’re out and about. This gives you direct connectivity via a wifi access point (the device) that you know is connected to your carrier, and not an unknown access point.
If that’s just not possible, then protect yourself. Use a personal VPN service like WiTopia to shield your connection and the data going over it. While not totally foolproof, the idea of this kind of tool is to encrypt your data traffic from your laptop to one of their data centers. Once there, the traffic is allowed to enter the internet just like normal, but anyone listening in on the wifi hotspot you’re connected to will see gibberish.
These services are not free, but WiTopia is reasonably priced (US$50/year) for personal use. They’re great for that extra level of protection when you’re stuck using a network you just don’t have a good feeling about.
Note that WiTopia is just one of several providers of these services. I have used them for about a year now, and haven’t had any issues, but they’re not the only game in town. Ask around to see who the best fit is for you in your geographic region and for the type of things you do online.
Have fun on the road. Stay safe, think smart, and always suspect that “free” wifi hotspot you just picked up.
The ever vigilant @ Snipeyhead added that you should be checking to make sure your mail client is set up to use SSL (secure connectivity) so that at least your login credentials are never sent in the clear. Same goes for websites like Twitter, Facebook, etc. where the option to use SSL (sites starting with httpS://) so that those logins are also obscured from prying eyes.
Good advice indeed!