It’s been a few years now since Internet connections were limited to homes and offices. Cheap mobile flat-rates are your permanent link to Facebook, Twitter, and emails. And when you can’t connect for cost reasons or due to poor reception, WiFi hotspots are increasingly available at many central locations. German telecoms operator Deutsche Telekom, for instance, plans to expand its network of WiFi hotspots to 2.5 million access points by the end of 2016. And when the legal risks are eliminated in Germany with the amendment of the Duty of Care Act, more private access points will be available again. This would pave the way for unrestricted surfing enjoyment were it not for one or two other digital threats lurking around every corner.
Major weakness in public WiFi
Hotspots in particular are notorious for their lax security. Anyone can see the wireless signals between the device and the hotspot’s access point. Communication often continues via an unsecured connection even after the user has logged in, which must also be carried out unencrypted. Anyone with a notebook and the right software sitting anywhere within a range of a few dozen meters can then read whatever data you and the world are exchanging. As a user, you have no influence over whether and how the provider encrypts wireless traffic. Even when data packets between device and Wi-Fi router are encrypted, it only helps guard against the unwanted eavesdropper at the neighboring table. Every piece of information is still directly readable on the router and all Internet nodes behind it.
How to secure your data on public WiFi
To ensure your data stays private, you’ll need to encrypt it. You can do this in a variety of ways that we’ll look at now. Emails can be protected using special encryption programs like EnigMail or GnuPG. While installing them isn’t always easy for total novices, when the system’s up and running anyone can use it. There are also a few web-mail services offering encryption under the “E-mail Made in Germany” initiative. You can also secure all your browser activities. Secure Sockets Layer (SSL), usually identifiable by the little padlock icon in the address bar, protects the data transferred between Firefox, Internet Explorer or Chrome and the node on the Internet. You just need to access a website starting with https://… instead of http://. Plug-ins for many browsers can also take care of this automatically if required, such as HTTPS Everywhere for Firefox and Chrome.
Instead of securing each application separately you can also secure all data traffic, from the start until the end of transfer, by using a virtual private network (VPN). Companies usually install a VPN on users’ devices that they use for business. Private users too can protect their privacy using a VPN. To use it, you need to have software installed on your smartphone, tablet or notebook and a node which creates the tunnel only after you have logged in correctly. Countless companies like OpenVPN and Hotspot Shield offer free or reasonably priced VPN connections. These types of connection are only one narrow type of VPN where the connection between the device and the server is secured by the provider; after that, data packets escape into the Internet unencrypted. Despite this, at least third parties (e.g. hackers) in the direct vicinity of the hotspot cannot eavesdrop on your network connection.
The risks are more manageable if you log into the Internet using a cellular network data connection. The data between the device and the cellular network provider’s base station is encrypted and not shared with other users. This means snoopers who are standing nearby won’t be able to eavesdrop on the connection. That said, as soon as the data leaves the base station, it is, in principle, freely readable again. Here too, only a VPN will protect information right from the start until the end of its transfer.
Encryption also becomes a key consideration if you use cloud services. Whether you use OneDrive from Microsoft, Google Drive, Dropbox or Wuala – in principle, all of these online storage providers have access to every file stored in the cloud. The only thing that will help here is to encrypt the data on the device itself before sending it to the cloud. In the past, it was possible to recommend TrueCrypt as a secure encryption software solution. However, after its development came to a somewhat unclear stop, it is questionable whether the software isn’t a backdoor for intelligence services. Possible alternatives, for which security questions still remain, include AxCrypt, BlowFish Advanced, GnuPT/GnuPG, and Gpg4Win. Boxcryptor even explicitly supports all major cloud storage services, making the job easy. By the way, if you don’t want to put the effort into encrypting files and emails, you should at least secure your passwords, PINs, and TANs. Password safes like KeePass are easy to use, available for many operating systems, and are the better alternative to Post-it notes kept stashed beneath your keyboard. In addition, you should always enable the firewall on your device and install the latest version of a security software solution such as Avira Antivirus Pro, Avira Internet Security Suite or Avira Free Antivirus.
Safeguarding the dilemma of small size
The sheer portability of tablets, phablets, and smartphones also has a down side: What fits easily into your pocket will also fit easily into someone else’s. The loss or theft of portable devices has been on the rise for many years owing to the value of these prestigious digital objects. You’re limited in what you can do to protect yourself against this. If you’re traveling and distracted even for a brief moment while sitting at a table, you won’t notice that lightning-fast grab which leaves you deviceless. To ensure that the most you lose is only the device itself, you should keep an up-to-date backup of your data. In this respect, cloud services are perfect – provided the data is encrypted. Other important countermeasures include adequately long log-in codes or PINs as well as software like Avira Android Antivirus Security, which helps you find and track your smartphone or tablet again, or at least wipe the data on it remotely and make the device unusable for the thief.