Google Privacy Lesson: Tighten Your Wi-Fi Security

By Bill Snyder, CIO |  Security, Google, Google Street View

Canadian authorities from the Office of the Privacy Commissioner examined that data and found complete e-mails, user names, passwords, names and phone numbers. They also found a list of names, addresses and phone numbers of people who suffer a certain medical condition.

Now that's really is a problem.

The company said it was unaware that the data was being collected, blaming an engineer who added code to the Street View vehicles as part of a side project to sample the categories of data carried over open Wi-Fi networks. The company's Street View cars still roam the streets taking photos, but no longer collect Wi-Fi data.

I don't think Google had plans to use that information. But that's no excuse. Serious security breaches have affected major financial institutions when dishonest employees captured passwords, account numbers and the like. In fact, a Visa security employee told me that many credit card breaches occur when restaurant and retail employees use doctored credit cards readers to "skim" credit card numbers and verification codes. Those breaches didn't occur because the restaurants and banks were dishonest; they occurred because they have holes in their security procedures and systems. Similarly, an unscrupulous Google employee could have make use of that harvested data without the company's knowledge.

It's impossible to keep your financial information out of the hands of your bank or a store you patronize, but keeping data away from people who snoop your Wi-Fi signal isn't hard. And don't forget, snooping unprotected Wi-Fi is quite easy, and it's likely that plenty of bad guys are doing so.

How to Secure a Wi-Fi Connection

Many people think that the firewall built into your router will protect you from Wi-Fi snoops. It won't. It will stop someone from hacking into your network from the Web, but it's not designed to safeguard the Wi-Fi signal itself. So you've got to use encryption.

There are a few standards out there. The best known is called WEP, but it's old and ways to hack it are well known to the black hats. If that's all your router supports, use 128-bit WEP keys. Much better though, is to buy a router that supports the newer WPA or WPA2 protocols. Use a strong password, please.

But neither WEP nor WPA will work if you don't turn them on. By default, security is turned off on most routers.

Suppose you and your laptop or netbook are at an Internet cafe. Since you're using someone else's network, there's no way to know if it's secure. I try not to conduct financial transactions, particularly online banking, when I'm on a public network. Sometimes, though, it's unavoidable.

Originally published on CIO |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question