Choosing the best wifi connection

Current iterations of Wi-Fi boast ranges of around 40 meters inside a building and up to 90 meters outside. Those distances, combined with the sheer number of Wi-Fi networks out there, mean that an active wireless client is often within range of tens if not hundreds of wireless networks at any given time. Some of these are secured and will be labeled as “security-enabled” on a user’s Windows menu of available wireless networks. But many available networks are not secured.These available networks might be residential networks that their owners didn’t bother to encrypt. They might be municipal Wi-Fi mesh networks that span whole cities. They might be other hotspots from nearby businesses. And yes, they might be malicious rogues that are set up to steal private data — the aforementioned evil twin. Usually, Wi-Fi networks are labeled with a service set identifier (SSID), and it’s important to pick the right SSID from the list of available networks when signing on to a public hotspot. This is usually a matter of common sense. Clearly, a user looking to connect to a commercial hotspot probably wants to avoid a network called “apartment3A_rulez!!!” But it’s not always so clear; a wireless network menu often yields networks that are simply named “Linksys” or “Netgear.” A network named for a hardware manufacturer is probably indicative of someone who just plugged in an access point right out of the box and didn’t bother with any further configuration. It might be an easy opportunity to score some free Wi-Fi signals. But, and this is a big but, it also could be an evil rogue access point. While it may be tempting just to pick a network and connect for free, it’s too much of a security risk.

If users are in a small business venue with free Wi-Fi access, such as an independent coffee shop or a pubic library, then it’s a good idea for them to ask the business manager (or librarian) for the correct SSID. If users are at a hotspot that charges a fee for Wi-Fi access, then they should be sent to an introductory Web page that asks for authentication and/or billing information. That should happen as soon as they connect to the network and open a Web browser. (Starbucks coffee shops, for example, have a partnership with T-Mobile, so Starbucks customers should automatically be taken to a T-Mobile log-in page.)

If a log-in page requires credit card information, users should make sure that that log-in page employs SSL encryption. (Generally SSL encryption is a given for any site that has “https” in the Web address.) Furthermore, they should make sure nobody is watching them type in that information. People tend to zone out when they’re online and they forget that there are people around them, some of whom might be bad people.

Related posts

• Disabling ad-hoc networking is one way to prevent a computer (0)