The French National Commission on Computing and Liberty is shocked to find that Google’s street view vans have recorded snippets of wirless traffic, including email content, user ids and passwords. Apparently, the French are easily shocked. What many people seem to forget is that wifi is radio and they’re running a radio station, starring all of the computers in the network. Like any radio station, anyone with the right type of radio can listen and record your shows.
There are two things that everyone using wifi should do.
- First, encrypt your wifi using WPA2. It’s not foolproof, but defeating WPA2 is difficult and time consuming. Anyone who’s after you, in particular, may want to invest the time, but the drive-by vans will skip you and read your neighbor’s unencrypted signal.
- Second, whenever possible, login to websites using SSL. SSL provides secure encryption from your computer to the server at the other end of the connection. If you visit websites using “https” instead of “http”, you’re using SSL encryption.
Using SSL is for all data exchanges is critical when you’re on a shared, public wifi network. Anyone at Starbucks, or the library, or your favorite place to park yourself with your notebook or phone could be recording network traffic. On such networks, you should have absolutely no expectation of privacy. It’s critical to encrypt your data before it goes out over the air.
Check with your email provider to find out if they support POPS or IMAPS and Secure SMTP. The “S” at the end of POP and IMAP means that the connection between your computer and the mail server is encrypted via SSL, too. All major mail clients support the protocol. If your mail provider doesn’t, it’s time to find a new mail provider.
If you use Gmail, click “Settings”, then “Always use https”. Gmail will then enforce an SSL connection whenver you access it on the web.