By Steven Rodin | July 13, 2011 01:18 PM EDT
You've probably heard computer security experts warn you not to use wireless connections at public places such as coffee shops, airports or hotels. But have you ever wondered why?
There are a few important reasons for this. The first, and most obvious, is something called "packet sniffing". You may not realize it, but on an open wireless network every unencrypted communication that you transmit over the internet is broadcast to every computer within range on your local network. For a coffee shop with free WiFi, this could be every computer within a one-mile radius.
Packet sniffing used to be the exclusive domain of hard-core hackers with advanced networking expertise. But today, we're seeing free, easy-to-use packet sniffing programs with intuitive graphical interfaces. Now every teenager can be a hacker without actually having to understand exactly what it is they're doing.
But most of your highly-sensitive transactions are protected from this type of spying through the use of SSL connections.
Don't get me wrong, SSL is extremely strong and reliable. That's why banks use it. But even SSL can be compromised if you don't respect it.
And one of the ways hackers can exploit SSL is through the use of a man-in-the-middle attack. Here is the hack explained in its simplest form.
Let's assume that you frequently go to your favourite coffee shop and log onto their wireless network, which is called "Free Coffee WiFi". Because this is a trusted network on your machine, your computer just connects automatically whenever it's within range.
Now, a hacker walks in and unplugs the wireless router when nobody's looking, or uses some other hacky technique to shut down the router. (This is easy because these routers are usually set up by minimum-wage employees with no network security training.)
Once this router is down, the hacker sets up their laptop to broadcast itself as an open wireless access point called "Free Coffee WiFi".
Now, when you walk into the coffee shop, your laptop automatically connects to the hacker's laptop, while erroneously believing that it's connecting to the legitimate WiFi connection. And because all of this happens in the background, you have no idea what's happening.
Now when you try to connect to a secure web site - such as a bank - you will actually only be securely connecting to this intermediary machine. Then, this machine will decrypt your password and re-connect directly to your bank through a separate secure connection.
To you and your bank, everything will seem perfectly normal. But the entire session is being monitored and intercepted.
So how can you tell if your interaction is being subject to this kind of attack? If you don't have a background in networking, there isn't much you can do.
But there are some precautions you can take. By investing a few dollars per month in a Virtual Private Network connection, you can securely tunnel around these potential threats. Also, make sure that any applications that automatically transmit private data over the Internet, such as your online backup software, use an extra layer of client-side encryption when transmitting packets.
This way, your data will remain secure even if the secure connection is compromised.
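As an added example (not part of the original article), the rogue access point scenario described above can be turned into a check that runs before a laptop auto-joins a remembered network: compare what is on the air now against what was recorded on earlier visits. The network profile, hardware addresses, CSV layout and function name below are all constructed for illustration.

```python
import csv
import io

# Constructed baseline of what this laptop saw on earlier visits (assumed values).
KNOWN_NETWORKS = {
    "Free Coffee WiFi": {"bssids": {"00:11:22:33:44:55"}, "security": "open"},
}

# Constructed scan in a made-up CSV layout; not the output of any real scanning tool.
SAMPLE_SCAN = """\
ssid,bssid,security,signal_dbm
Free Coffee WiFi,02:aa:bb:cc:dd:01,open,-38
Free Coffee Wifi,02:aa:bb:cc:dd:02,open,-41
Bookshop Guest,00:11:22:33:44:66,wpa2,-70
"""


def check_scan(scan_csv, known=KNOWN_NETWORKS):
    """Return (ssid, bssid, reason) tuples for access points not to auto-join."""
    findings = []
    folded = {name.casefold(): name for name in known}
    seen = {}  # trusted SSID -> BSSIDs currently advertising exactly that name
    for row in csv.DictReader(io.StringIO(scan_csv)):
        ssid, bssid = row["ssid"], row["bssid"].lower()
        trusted = folded.get(ssid.casefold())
        if trusted is None:
            continue  # not a remembered network, so the laptop would not auto-join it
        profile = known[trusted]
        if ssid != trusted:
            findings.append((ssid, bssid, "lookalike-name"))
            continue
        seen.setdefault(trusted, set()).add(bssid)
        if bssid not in profile["bssids"]:
            findings.append((ssid, bssid, "unknown-bssid"))
        elif row["security"] != profile["security"]:
            findings.append((ssid, bssid, "security-changed"))
    # The scenario above starts with the real router going dark: the name is on
    # the air, but none of the radios previously seen behind it are.
    for name, bssids in seen.items():
        if not bssids & known[name]["bssids"]:
            findings.append((name, None, "known-ap-absent"))
    return findings


if __name__ == "__main__":
    for finding in check_scan(SAMPLE_SCAN):
        print(finding)
```

A matching hardware address is not proof of legitimacy, since addresses can be copied and a venue may legitimately replace its router. Treat any finding as a reason to hold back sensitive traffic or switch to the VPN, not as a verdict.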