You are viewing a single comment's thread from:

RE: Personal Security: What Are You Doing Wrong?

in #money8 years ago

No, this is not accurate. Here's what I can and can't do.

If you are accessing a public wifi hotspot to do banking here's what I can do. I can trick your machine into thinking that I am the gateway, which is the way out of the local wifi network and to the internet. What this will do is make your computer send all its packets to me and I get to look at them. This is called a "man-in-the-middle" attack because I am now in the middle of you and your banking website. However, If you're connecting to that website through SSL which you should be, it's pretty standard now, then your connection is competently encrypted. I can't see what you're doing. I can tell you've gone to a banking website but I can't just take over your connection at the snap of my fingers.

What i might do at this stage is also convince you that I am the DNS server. So when you ask how to get to bankofamerica.com or whatever I give you a bogus ip address and you go to my webpage that I manage instead. What could I do on this webpage? Anything really. If there is a vulnerability in your web browser I could compromise it that way. I could have a fake website that looks a lot like BoA's website and hope you try to log into it. I could try to get you to download something.

This all sounds kinda scary but don't worry too much. As long as you make sure you're going through a secure connection and the web browser is not giving you SSL connection errors, you have anti-virus, and you install all the latest software patches, you're most likely fine.

It is still a good idea to not use public networks for private use, but sometimes you travel and you have no choice, what to do then? OpenVPN. Back at your house set up an OpenVPN server that you can connect to FIRST before doing any activity on an open network then I can't tell anything it'll all be encrypted.

So not 100% safe to use open wifi but also not an instant death wish.

Oh and I can create a portable cell tower to make your little MiFi 4G device connect to me since I'll have the strongest signal then I've got your traffic that way too. If you don't believe any of this then I encourage you to do your own research. Cheers.

On the second point, yeah don't take pictures of your private info and put it online. I agree with you there.