Public hot spots leave users vulnerable to hack attacks

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

More and more we hear stories of folks being victimized by hackers who steal information seemingly out of thin air. The good news is that there are a few things the average Joe can do to minimize his exposure to such dangers.

There are three places your personal data can get stolen: (1) your own PC; (2) an internet server you access that houses your personal data, such as a bank, insurance company or even shopping sites; and (3) in transit between the above two locations. Today we’ll focus on how to protect your data in transit.

One of the most vulnerable locations is via public wireless hot spots. Many folks don’t think twice about conducting personal affairs when logged in at their local coffee shop. The fact of the matter is that pretty much anyone can set up a hot spot named “Starbucks,” for example, and capture all the data that goes through it. You’re really never sure whether you’re on the “official” hot spot, which probably isn’t all that secure, either.

Along those lines, many folks looking for free wireless simply jump on the first open access point they come across. This is a bad idea, whether you are transmitting personal data or not. A rogue access point could easily infect your PC with malware or viruses.

If you do have to get on a public wireless hot spot, be careful. Don’t transmit any personal data, and limit your activities to less risky activities, such as reading the online version of the local newspaper to which you subscribe.

A more secure option for many smartphone users is to use the phone as a personal hot spot. This way, your data traverses over the phone company’s digital network, which is about as secure a network as most folks will need. Of course, this comes with a cost; your data plan will take a hit.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

A very secure option is a commercial virtual private network, or VPN. You load a client on your computer (most VPN vendors support a multitude of devices, including Windows PCs, Macs, Android and iPhone) and then connect to a VPN server. The VPN server then connects to whatever web service you want to access.

A VPN typically uses advanced encryption to prevent everyone along the way from seeing your data. This includes your internet service provider. To the rest of the internet, it looks like your traffic is coming from the VPN server.

VPN providers claim that they don’t keep any logs, which prevents anyone, including law enforcement, from seeing what you have been doing. There has been no official word from either side on whether the National Security Agency has cracked VPN providers, either forcibly or surreptitiously. Anecdotal evidence, however, suggests that this has not yet been the case.

The downside to Hawaii folks is that most commercial VPN providers do not have servers in Hawaii. This means that the nearest server is typically located in California, which might delay your connection. The exception is hidemyass.com, which claims two servers in Hawaii. Other popular options include SlickVPN, TotalVPN and Keep Solid VPN. All have monthly plans, typically less than $10 a month, and annual plans, which can be as low as $50.

Commercial VPNs might have a bad rap because they are often used for nefarious purposes, such as torrents or accessing services not available locally. That, however, is the topic for another column.

John Agsalud is an IT expert with more than 25 years of information technology experience. Reach him at johnagsalud@yahoo.com.