Are Wi-fi hotspots and wireless services really secure?

[smith]

How many of us really think Wi-Fi hotspots and Wireless services are really safe as their vulnerablities continue to exist in form of phishing, spoofing and snooping?

Do these serivces adopt adequate security measures to tackle these problems? I think the security concerns still exist in the minds of many people.

[Tom]

There is always a risk when using hot spots. Take a look at This clip from the BBC's Real Hustle tv program.

Shows just how easy it is, and that's why i'll never use a Wifi Hot Spot.

[hazephase]

I have to say that I did not know that , and will never use a Wifi Hot Spot , there are not so many people there that don't know about this may God help them

[JenniP]

The Real Hustle are great for stuff like that, the did another one similar, they parked a transit outside someone's house, and just watched what they did, knocked on their door with printouts of what the person had been doing.

Almost up until this point I was thinking yeah so what some idiot forgot to secure their router, until they revealed it was secured, ok it was WEP which is now known to be as much use as a chocolate fireguard but it did shock me.

It is worth pointing out that SSL (HTTPS) traffic SHOULD still be secure as thats encrypted from your machine to the destination machine although its never worth trusting that. Its always good to assume anything that goes over a wireless connection unless its setup using a very secure encryption with very secure passwords is going to be listened in to.

Jen

[syphus]

A lot of WiFi hotspots simply suffer from poor security settings.

Really, they should use WPA2 AES/CCMP and IPsec. It'd be easier to walk into an office block and jack into their Ethernet than crack that.

SSL over WEP still doesn't really cut it. You could snoop the certificate if you got in early.

[net.pro]

Yes they are fully secure all you need to have is account system and each user has to login to use the network. And yes without this its highly unsecure.

[Tom]

net.pro, I disagree.

I don't really see how you can say any hardware/software is "fully secure", because it just isnt true. Wifi hostpots are not secure for many reasons, and unless I had to, I wouldn't personally use one.

[Smash]

WPA2 is the best option for homeusers.

Attackers to WEP would Ping nodes into sending packers and after collecting a few 100,000, they had enough to crack the key.

Dont broadcast your SSID, use a real long password/key such as 'djtGF%&86' %$ghyRF76(%m $%' is long enough to prevent Brute Forcing.

Using SSH all the time, whilst secure is a pain in the bum to do all the time.

More security = more time and effort

[ceprateek]

Thanks smash great information. And yes never broadcast youe SSID as then you are more prone to attacks and you can't monitor your server or router 24/7 if you are a home/personal user.