The PRIVATE WiFi Blog

Search By Topic:

Popular Topics:



PRIVATE WiFi

The PRIVATE WiFi Blog

Thought Leadership | Feb 7th, 2011

Ask the Expert: Am I Safe Using My Laptop in My Hotel Room?

Kent Lawson

Q: The hotel that I sometimes stay in offers either wifi or cable connection in my room. I know that wifi can be hacked into, so I always connect via cable. My communications are safe that way, right?

A: The answer is “no.” Your communication is just as vulnerable when using a hotel cable connection as it would be if you were using wifi.

wifi safety

This actually was one of the most shocking things that I learned about Internet communications before starting Private Communications Corporation. Like many of you, I was dimly aware about the vulnerability of wifi. But I assumed that if I plugged directly into the hotel’s network with a cable that I was safe.

This turns out to be false.

To understand why, we have to look back about 35 years. The technology used for most in-house networks, called Local Area Networks (LANs), originated back in the mid-1970s at Xerox’s famous PARC research lab. LANs were designed to be able to share information within an organization, such as a business. It was assumed, then, that everyone on the LAN could basically be trusted, so no security was necessary.

And that fundamental oversight has been carried forward ever since.

That is not a major problem when the LAN is used internally, such as a business. But the same technology is used for hard-wired Internet access in hotels, and that is a serious problem.

Promiscuous Monitoring, ARP Spoofing

There are several ways to hack hotel LANs, but two the two main ones carry the colorful names of “promiscuous monitoring” and “ARP spoofing.”

Promiscuous monitoring can be used on hotel networks which use a “hub” configuration, which passes everyone’s communication thorough the same cable. (Only about 20% of hotels use this technique, but you have no way of knowing whether they do or not.) So all a hacker has to do is turn on an option in his “network interface card” to listen “promiscuously,” and the communications from every hotel guest can be captured and stored on his laptop.

Almost every laptop, whether PC or Mac, has the ability to do this. It only takes a bit of software that, naturally, is readily available on the Internet.

“ARP spoofing” is more insidious yet also more esoteric as it is very difficult for the hotel to protect against. (That is one reason why most hotels actually have two LANs – one for their internal business, the other for guests.)

With ARP spoofing a hacker convinces the network his laptop is actually that central node with the Internet connection, so all the guest’s communications are re-directed to through him. This is called a man-in-the-middle attack. He can store your communication – or even modify it if he wishes – before sending it on to the Internet. Chances are, no one will ever know what happened. At least until the next credit-card billing cycle.

The only way to protect yourself in hotels, whether using wifi or a cable connection, is to use a VPN such as PRIVATE WiFi™.

Editor's note: Have a question you'd like to submit for an upcoming "Ask the Expert" column? Email your name and question to privatei@privatewifi.com.

Associated Topics:

Associated Topics:

Comments

Related Posts

The Three Legs of Protection: Antivirus Software, Firewalls, and VPNs

Thought Leadership
Kent Lawson | Apr 15th, 2015

We've all heard about antivirus software and firewalls. But we probably don’t know as much about the third leg of computer protection: a VPN, or virtual private network. In his latest article, company CEO Kent Lawson says we do this at our peril, because the damage we can suffer from not using a VPN may far outweigh the risks of the other two combined. After the large-scale hack attacks over the past few years, VPNs are now earning their spot as the third security leg that is vital to every-day computer security. Read More

New Hotel WiFi Vulnerability

Thought Leadership
Alok Kapur | Apr 9th, 2015

Earlier this year, the FTC declared a critical announcement for travelers: hotel WiFi is dangerous. Many people assume that because they are paying for it the network must be safe, but that is a dangerous assumption. Hotel WiFi networks are completely insecure; the bad news is that a new exposure in hotel WiFi has just been found. Read more to find out how you can keep yourself protected. Read More

E-filing: The Fastest and Safest Way to File Taxes?

Thought Leadership
Eva Velasquez | Mar 9th, 2015

E-filing your annual return to the IRS offers speed and convenience and when coupled with industry-approved software that can plug in the values for you, a lot of the headaches traditionally associated with doing your taxes are eliminated. However, there are some potential dangers that you should be aware of, such as insecure public WiFi networks and online tax fraud. Read More

FTC Says Hotel WiFi is Dangerous

Thought Leadership
Kent Lawson | Feb 23rd, 2015

Recently, the FTC posted an article on their website stating that hotel WiFi is dangerous and that users should not assume that just because they pay for Internet access that their connection is secure.

We couldn’t agree more. In fact, I have been stating this fact since we launched PRIVATE WiFi nearly five years ago.  This is an important topic because hotel traveler’s rank WiFi access at hotels as the number one amenity that they look for when booking hotel rooms. Read More

X

Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.