How to protect your privacy while on WiFi ?

[wylbur37]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

For example, would it help to use something like Torpark?

What would you recommend?

 

[R. McCarty]

Just make sure you only send sensitive data when the "Lock" symbol
is closed ( If using IE ) which denotes an encrypted transmission using
https.

 

[Tom Porterfield]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

For example, would it help to use something like Torpark?

What would you recommend?

My first recommendation is to not use public WiFi networks to send
personally identifiable data.

If you do plan on sending private or personal information from a public
WiFi then make sure you are using a secure protocol such as SSL or
other. This will insure the data is properly encrypted and only
readable on the server holding the certificate.

 

[me]

Tunnel your traffic through a secure SOCKS server.

 

[Dana]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

Do not use public wifi, and if you do, do not send sensitive items over the
link.

For example, would it help to use something like Torpark?

Seems Torpark will not help on the wireless part at all.

 

[rms]

When using the Internet via WiFi at a public place such as a library

or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Yep. Or in the Evil Twin attack, someone could set up their own AP and
force your pc to attach to it. There is also 'cookie hijacking', whereby if
your connection is unencrypted, it is a utility-and-one-click away from
being hijacked and someone reading all your emails.

Are there ways to prevent or minimize this hazard?
For example, would it help to use something like Torpark?

Torpark is now 'Xerobank'
http://xerobank.com/xB_browser.html
It looks like you are talking about browsing from other people's machines,
so this is a good option, but remember there could still be keyloggers and
such running on those machines to steal information, and you'd never know.
Keyloggers can be bypassed somewhat by cuttingandpasting from a file on a
thumbdrive or by using one of the various programs designed to defeat them.

If on your own machine, I've also been using another free VPN service,
Anchorfree
http://anchorfree.com/
which does add ad banners to some sites, but works fine for me the few times
I've used it.
http://www.witopia.net/ is another, there are others.

rms

 

[HeyBub]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

For example, would it help to use something like Torpark?

What would you recommend?

Doesn't matter. If they want to know, they'll know. Consider the following:

Police: "Did you call regarding a man exponsing himself?"
Librarian: "Yes, it happened right over there at that public terminal."
Police: "Do you know who it was or have surveillance tapes?"
Librarian: "Yes, but you can't see them."
Police: "Why not?"
Librarian: "Because we value the privacy of our patrons."
Police: "(???) Well, what CAN you tell us?"
Librarian: "That you'll have to have a warrant."
(pause)
Police: "We don't need no stinkin' warrant! (hits librarian with stick) Now
you give it up or I'll beat you so hard, you won't be able to lie down!"

 

[Mark Shroyer]

Tunnel your traffic through a secure SOCKS server.

Using an encrypted SOCKS proxy is a good solution for securing
individual applications, but it has some limitations. In
particular: When using SOCKS to protect Web traffic, your HTTP
requests and responses themselves will be encrypted as per your web
browser's proxy configuration, but DNS requests generally will not.
So while nobody on the wireless LAN would be able to directly see
the pages you're looking at, they could easily tell precisely which
Web servers you visit unless you take extra care to ensure that the
browser bypasses the system DNS resolver, querying the SOCKS server
instead (e.g., the network.proxy.socks_remote_dns setting in
Firefox).

Torpark, now known as xB Browser, also provides HTTP traffic
encryption (over the Tor network, which itself uses a SOCKS
interface). I'd imagine that it goes the extra step in tunneling
DNS traffic by default, but I can't speak from personal experience.

For my part I protect my privacy on untrusted networks with OpenVPN.
I have a couple OpenVPN instances on my home network's gateway, one
of which is configured to push a local default route and DNS server
to clients. So when I connect my laptop to this VPN (using Angelo
Laub's excellent Tunnelblick front-end for OS X), none of my Web,
DNS, IM, or email traffic is legible to anybody on the wireless LAN.
And as an added benefit, I get access to all the file shares and
other services behind the NAT on my home network.

If you have a spare old PC lying around and a reasonable amount of
experience with Unix systems, I highly recommend setting up an
OpenBSD home router with OpenVPN. Not only do you get a secure
firewall and VPN solution, but once you have a full-fledged BSD
server as your network gateway you'll discover no end of handy uses
for the machine, which simply would not have been possible with a
Linksys or Netgear from Best Buy.

If you're interested in running your own VPN, I'd be happy to email
you the self-reference system configuration manual that I wrote
while installing my OpenBSD / OpenVPN gateway. (I'm planning to put
it up on my web page eventually, but I haven't yet had the chance to
proofread it for spelling and technical errors.) It might sound
intimidating, but OpenVPN is in fact fantastically simple to set up
if you have any Unix or Linux experience whatsoever.

References:
http://openvpn.net/
http://www.tunnelblick.net/
http://www.openbsd.org/

 

[rms]

For my part I protect my privacy on untrusted networks with OpenVPN.

Great *if you can install a home server*. witopia/anchorfree/etc also
use the vpn concept (witopia is built on openvpn i think) but you just
install a simple app on the laptop and use their servers for the tunnel.

rms

 

[Unruh]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Use ssh.
But the greater danger is taht they have put trojaned files onto the
computers. Thus you cannot really trust the puttyssh they installed for
example, or even the keyboard, since that could be captured.
If it is your own computer, then use ssh, and do not use web browsers.

Are there ways to prevent or minimize this hazard?

 

[Airman Thunderbird]

Been using this since April:
http://www.jiwire.com/hotspot-helper.htm
Seems to work well.

 

[llanalott]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

For example, would it help to use something like Torpark?

What would you recommend?

It's public computers you use?

If it's theirs and they will let you reboot the computer you could use
live cds with tor.

Incognito, RocKate, Phantomix, ELE, Anonym.OS .

These are Linux and BSD.

Download the ISO, burn to CD, reboot computer. Make sure BIOS is set
to boot CD before the hard drive.

Public proxies with encryption. I know of snoopblocker.

 

[Goldy]

When using the Internet via WiFi at a public place such as a library
or cafe, it is conceivable that the people running the router
could be capturing all of your transmissions and therefore
could be recording your name, account numbers, etc.

Are there ways to prevent or minimize this hazard?

For example, would it help to use something like Torpark?

What would you recommend?

I use JanusVM, but then again I am one of the developers so my opinion
is basis.
However, it is a transparent proxy that tunnels all of your traffic
through Tor.
It runs on your computer, not someone elses who you might not trust or
know.
With JanusVM, you don't have to reconfigure your existing application,
which in turn also protects you from side-channel attacks. And the
best part, it is FREE! (donations are nice though

From the site...

"
JanusVM Features
* Works with WiFi.
* Support multiple users in a LAN.
* Protects you from most man-in-the-middle attacks.
* Protects you from Javascript, Java, and Flash based side-channel
privacy attacks.
* Protects your identity and your true location by masking your IP
Address.
* Encrypts and re-routes your DNS request and ALL TCP traffic to
ensure strong privacy.
* Strips out most privacy sensitive information your web browser may
leak.
* Blocks popups, annoying ads, banners, and other obnoxious Internet
junk.
* Very simple setup and operation.
* Works transparently for applications using TCP. (No UDP or ICMP
support)
"

As you would with WiFi or any other type of public connection, MAKE
SURE the sites you visit are using httpS. If httpS is not an option,
then be very selective about what information you do share with those
websites. If you do not use https, then whoever is running the exit
node could possibly watch your traffic, but at least the people
locally who could be sniffing the wireless won't have a clue as to
what you are doing.

Enjoy!

www.JanusVM.com