• filter:
  • Page :
  • 1
  • Text Only
  • Search this Topic »
rated:
Due to employer decisions, I am now a long-term hotel guest. My hotel offers free WiFi. Compared to the hotel I stayed at previously, instead of having internet access upon launching a browser, this one takes me to the hotel's internet portal where I input a password before granting me access to the internet. The password changes weekly.

Concerned about security, I have asked hotel leadership about connecting to the network by wire; unfortunately, this is not possible as the building's original internet infrastructure ran from a modem; even if the circuitry was valid, an ethernet cable plug (RJ45) cannot fit into the wallplate's "Data" port as it is identical to a landline phone port (RJ11?).

Question: What actions, if any, can I take to increase the security of my internet use? I have limited my internet use to emails and browsing, however, I need to perform transactions (i.e. pay bills) on various financial sites. Does the changing password represent the equivalent level of security as plugging my laptop into the wall?

Thank you.

P.S. The "unsecure, open" label is what I observed when I initially searched for available networks. My connection currently reads "connected, open."

Member Summary
Staff Summary
Thanks for visiting FatWallet.com. Join for free to remove this ad.

rated:
You connect via a secure website (padlock?/ "https") when you pay your bills? Then there's nothing else that you need to do
You should also make sure that you are connecting with "https" (secure http) when you access your email

You might also consider buying a VPN to increase your security when the websites do not have this secuirty

rated:
Wifi is almost as secure as wired.
Unless you have the FBI in the next room with a wifi sniffer to read your data, then it's as secure as wired. (and if this is true, you should not be posting on Fatwallet)

Your bigger worry is that that hotel internet has been compromised and to solve that you would use a 'VPN' to scramble the data at the hotel connection side.

All bill pay sites have HTTPS which scrambles the data from your laptop to their site, but a VPN will scramble that you even went to that site in the first place.

That's about it. How much is security worth it to you?

rated:
WiFi is not almost as secured as wired. The signal is available to anyone within reach of it

rated:
Thank you, ellory and forbin4040, for your thoughts. The financial sites I visit do have the lock symbol on my Chrome browser when I log-in, so that much "may" be secure. Any recommendations on a VPN? I've never used one other than being aware of the government requiring personnel to use a government-VPN when checking out laptops for home use. I don't qualify for this as all my transactions are personal, not business.

rated:

rated:
The 'lock' means the data between the browser and the site is encrypted.

As I said, if you have people who are unscrambling your Wifi signal in the air, you have much bigger issues. Those people are on premise and are looking for a particular person. It's not like they can just sit in one location and wait till person 'X' gets there, they have to check all wifi connections.

Now, a better way is to monitor the hotel internet directly. That's how a hacker would get your data, it's better to have a direct connection and a lot less work to unscramble your ip signals.

HOWEVER, even if the Lock is there , the hacker knows you went to 'BankofAmerica.com' and will start paying particular attention to your data stream (Or try to spoof you to a fake 'bofa' site).

That's where a VPN comes in, once you get to the VPN (And the hacker knows you went to a VPN but can't do much about it, including trying to spoof it), then all transactions use the VPN's DNS, and not the hotels. Hence the hacker doesn't know where you went. Except he knows you went to a VPN.
(Yes there are a ton of other things the VPN does, but this is a layman's definition)

rated:
I've seen articles saying that hotel wifi can be very suspect, even if they promise security.

The articles recommend getting your own "hotspot" from a cell phone provider and using that instead of relying on the hotel connection. Can you do that?

(I do understand that having a VPN on the unsecure network would be a lot better than using it with no protections, so I'm not disagreeing with the VPN advice above.  But having your own hotspot might be safer and simpler, if the cellular connection is okay.)

You could also use the VPN with the hotspot,
and use it when there are times that your hotspot is not connecting well and you must use the hotel's wifi,
so it would probably be prudent to subscribe to a VPN now and get that set up on your computer, no matter what you end up doing for your day-to-day internet connection in the hotel.

---
There are hotels that have deliberately scrambled other wireless connections, beyond their own wifi, so people on-site HAD to use the hotel's wifi, but I think there have been some lawsuits about that and they may not be able to do it anymore. 
If it's still legal to do that, before you invest in a hotspot to use on-site, you might ask the hotel if they do anything like that.  I guess you could check out the data signal from your cell phone that you get inside your room, if you will be getting a hotspot from the same provider.

rated:
forbin4040 said:   

As I said, if you have people who are unscrambling your Wifi signal in the air, you have much bigger issues.
 

  But if the hotel network isn't set up very well, they have no need for that.  If it doesn't block peer access, for instance, someone on the same network can browse for any open network shares or ports.  This would be true even if you are connected with a wire.  And yes, plenty of smaller hotels don't know a damn thing about setting up networks, so make some very basic mistakes.

If it does block peer access, someone with some smarts can set up their own WAP and broadcast the hotel's SSID, causing you to sign in to that.  Then you are on their network so they can pretty much capture anything you do.  Once you go to HTTPS sites the data is encrypted, but until then it's all plain text.  Of course this would only be on WiFi and this is harder to do, but it can and does happen.

I agree with the above posts - VPN or cell plan hotspot.

rated:
Again, I want to thank all contributors for providing insight and discussion on my situation. Tracfone is my phone carrier; this limits any possibility for a cellular hotspot. Once my minutes are used up, I intend to switch to Mint SIM as the reigning low-cost U.S. cellular service provider; unfortunately, Mint also does not offer hotspot capability.

After viewing ellory's article, I am interested in Private Internet Access VPN but am unsure of the "Settings" that should be marked in its simple interface
PCMAG Private Internet Access VPN Write-up.

I could just be paranoid, but continuing to connect to a chronically "open" hotel WiFi network to perform personally sensitive transactions 'feels' scary.

rated:
Solomon960 said:   I could just be paranoid, but continuing to connect to a chronically "open" hotel WiFi network to perform personally sensitive transactions 'feels' scary.
 

It's not being paranoid, only prudent.  No need to explain your reasons here. 

Now, if you didn't think there was any sort of security concern with using the "naked" hotel wifi network, THAT would be a problem!

----
Don't use any for-paying-guests "public" computers the hotel might have set up (in the lobby, in the "business area", the breakfast room, whatever) -- especially don't plug in anything of yours to them. Those sorts of machines have often been found to have all sorts of bad stuff installed on them.

----
Speaking of "naked", if your room has a Samsung tv, remember that "off" may not really mean "off". 

rated:
You can also use your cell phone or iPad as a wifi hotspot and connect via that instead.

rated:
minidrag said:   
forbin4040 said:   

As I said, if you have people who are unscrambling your Wifi signal in the air, you have much bigger issues.

  But if the hotel network isn't set up very well, they have no need for that.  If it doesn't block peer access, for instance, someone on the same network can browse for any open network shares or ports.  This would be true even if you are connected with a wire.  And yes, plenty of smaller hotels don't know a damn thing about setting up networks, so make some very basic mistakes.

If it does block peer access, someone with some smarts can set up their own WAP and broadcast the hotel's SSID, causing you to sign in to that.  Then you are on their network so they can pretty much capture anything you do.  Once you go to HTTPS sites the data is encrypted, but until then it's all plain text.  Of course this would only be on WiFi and this is harder to do, but it can and does happen.
 

  As I said, no matter how many Black Hats there are out there, how many will sit at a single hotel wifi and try to get the people who wifi connect.
Now if they are at a conference, then yes I can see why someone wants to seek a particular wifi signal for espionage.

But now , to install into the wired network itself, you can control every computer the wired or the wireless.  No need to monitor the wifi's just monitor all data trail.
Just remember the #1 rule of hacking, keep it simple.  Monitor the whole internet at the source, instead of the little bit of wifi connections.

And as the latest wikileaks proved, even cells are already monitored.

  • Quick Reply:  Have something quick to contribute? Just reply below and you're done! hide Quick Reply
     
    Click here for full-featured reply.


Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.

Thanks for visiting FatWallet.com. Join for free to remove this ad.

While FatWallet makes every effort to post correct information, offers are subject to change without notice.
Some exclusions may apply based upon merchant policies.
© 1999-2017