WiFi Safety Tips from Hacker Convention: "

'The most dangerous places to connect are airports, hotels, convention centers,' say Richard Rushing, Chief Security Officer for AirDefense, which does wireless security. 'And most people use credit cards there.'

Oops. I am hooking up to the San Diego Convention Center's wireless and paying for with a credit card as he says this. Apparently lots of other people are too because a snicker rings through the workshop here at ToorCon9.

By their nature, WiFi hotspots are insecure, he says, though they can be made more secure by using client isolation, which makes it harder to slide up and down the communications links from the server to the client and web.

'Client isolation should be turned on but we can still spoof the address or take the address backwards,' he says, noting that Macs are easily spoofed.

'Hot spots are really set up for the bad guys,' he says.

When Rushing looked at hotspot users, he found 30 percent have no firewalls and 3 percent have active malware they're inadvertantly introducing to the servers.

24 percent of the users never disconnect' after they were done. 'It's like standing at an ATM when you're done, counting your money.'

Most users developed very strong password and then sent over clear text so they can easily be grabbed. Most firewalls designed to defeat the pings and scans but are easily spoofed.

What can a hotspot user do?

-- Use prepaid wireless cards

--Use known hotspots, not airports, hotels, convention centers and libraries; where countless anonymous users come and go and the provider has no social connection to the users. Rushing says there's a growing number of baby boomers using library and hotspot wireless to do their banking because they don't want to set up at home.

--Don't do your banking on public networks. Use prepaid credit cards when you're not sure about the security on the network.

--Fortify your laptop if you're using hotspots, he says, with regret. 'What I've learned from looking at hotspots is that your laptop i's on its own, so you better take care of it.'

'Hotspots are great for browsing, but for personal stuff, be very wary,' Rushing said.

"

(Read Original Article - Via Threat Level.)