[MountainMac]

Tried searching on this but didn't get much, so here goes.

As an end-user accessing a public Wi-Fi network (such as in an airport, or a café, or my auto-repair place, which does have a wireless access point BTW), what security measures do I need to take to protect my data? I'm assuming the following to be true--please correct me if I'm wrong:
--If my firewall is turned on, data on my machine is relatively safe.
--Any data I transmit or receive from a secure (SSL) website is relatively safe.
--Any data I transmit or receive from a non-secure website is readable.
--Any non-encrypted e-mail I send, either from Mail.app, Entourage, or a web client is readable.

So, how would I go about securing all internet and e-mail activity on such a network? This applies to both protected and non-protected public networks.

Thanks,

MM

[larkost]

If you want services to be secure, then you have to use the SSL versions of each one, and the servers you are talking to have to all offer them (this is a big sticking point, as many email servers do not offer this).

Your other option would be to create a VPN tunnel to a server that you deem "safe" and then route all of your traffic through that.

In 99% of all cases, this is all a waste of time.

[MountainMac]

Originally posted by larkost:
In 99% of all cases, this is all a waste of time.

Would you mind elaborating on this? Like, what are the possible repercussions, and how much effort does it require for someone to steal your data?

[ginoledesma]

For one, the person trying to gain access to data sent wirelessly will have to sit through collecting all the traffic that goes by and then decode it. Even if it is all in plaintext, that will still require a lot of parsing (that is, waiting, waiting, and more waiting). It's not like there's a magic program out there that can grab credit card numbers or transmitted passwords and present them as such (I could be wrong, though).

[legacyb4]

Run MacSniffer on a mail data coming in and out of your own machine on an unencrypted stream of data.

Going line by line, you'll see the contents of your entire email sitting there in plain view...

It would not be too hard to have some script go through and look for data in particular string lengths, etc.

Best thing that you could do for now is to make sure that any data you value that is being transmitted over the Wi Fi network is using encrypted channels. Unfortunately, while many webmail providers offer secure login, the actual mail session is more often than not running over regular HTTP channels.

If that is not an option, then the next best option would be to make encrypt the actual contents of your (email) message so that even traveling over an open channel, it's still in gobbledy gook.

Cheers.

Originally posted by ginoledesma:
For one, the person trying to gain access to data sent wirelessly will have to sit through collecting all the traffic that goes by and then decode it. Even if it is all in plaintext, that will still require a lot of parsing (that is, waiting, waiting, and more waiting). It's not like there's a magic program out there that can grab credit card numbers or transmitted passwords and present them as such (I could be wrong, though).

[legacyb4]

While not necessary, it's always nice to know that you do have your little slice of privacy in this big bad world of digital communications...

Originally posted by larkost:
In 99% of all cases, this is all a waste of time.