Advice Goddess Blog
« Previous | Home | Next »

Look Who's Watching
Public Wifi may be more public than you think. David Colker writes for the LA Times of "sniffer" programs people can use to hack into your connection:

"When people are on a public wireless connection, they have the same expectations about privacy as when they are on the Internet at home," said Cheung, 32, a computer security expert and an editor for TG Daily, a technology news website.

"But it doesn't work that way. Someone could be listening in."

Cheung was using a "sniffer" program that intercepted online signals as they flew back and forth from the laptops to a wireless modem hidden somewhere amid the coffee paraphernalia.

Mostly, the monitoring was limited to tracking the websites being visited. Numbers correlating to Web addresses flew across Cheung's computer screen, allowing him to see that the couple were viewing pages belonging to a wedding planning site.

The man a few tables away started with sites selling high-speed broadband service. He went from there to a page about managing websites.

Like in a mystery yarn, the clues kept coming in. "You start to get a story about someone," Cheung said.

Suddenly, the line "LLCs in the state of California" popped up on the screen. An LLC is a limited liability company, a type of business structure often used by small-business owners.

"He's in Google," Cheung said. "That's a search he typed in."

Sure enough, the next stop was a California secretary of state site with information about forming LLCs.

When approached, the man, Alex Auzers, 20, of Pasadena, confirmed that he was doing research on starting a business.

Asked if he had searched the exact phrase, "LLCs in the state of California," Auzers looked stunned. Then he shook his head.

"Is someone using a sniffer program?" he asked.

Gregg's getting me the USB version of the air card, so maybe I'll be a little bit safer. But, if anybody knows of any encryption programs for Mac, or ways to be safer, I'd love to hear them. (The LAT offers tips for Windows users only...the geniuses.)

Posted by aalkon at April 22, 2007 9:04 AM


The encryption you seek is actually at the access point level. If the owner of the access point hasn't enabled encryption, then your data is all transmitted in plain text.

For home, you should use WPA2 security (if you don't know what it is, Gregg will). WEP is as good as no security, so if that's all your access point at home supports, get another one.

You can access secured web sites (https:// safely, even on an open connection, because the encryption there takes place in the browser, and not on the network connection itself.

Posted by: brian at April 23, 2007 4:07 AM

Leave a comment