POSTED ON WEDNESDAY, NOVEMBER 3, 2010 AT 10:05 AM
Many of us use wireless networks to access the Internet. Most homes are now equipped with a wireless router, providing Internet access for desktop and laptop computers anywhere in the home and even out in the back yard. It's almost impossible to find a non-wireless (or "wired") router at your local computer dealer and almost every computer on the market now ships with a pre-installed wireless network card. So the question is — how secure is your network? How secure is your computer itself? How secure are you?
A bit of trivia for those of you who may not already know — aside from being web designers, we were also Macintosh Computer Specialists for many years. Our company was actually formed in 1992 when we started doing business as an Apple Authorized Reseller and Service Provider on Vancouver's North Shore, obtaining the prestigious title of Authorized Apple Specialist in late 1996. Although we no longer advertise Mac sales on our website, we've maintained an active involvement with Apple computers since the year 2000.
Having said that, we were recently asked to set up a new computer system for a web design client of ours who also needed help with configuring their Internet connection through a new ISP. Our client purchased a brand spanking new 27-inch 2.8GHz Intel Core i5 iMac with all the bells and whistles and 8GB of RAM to boot. It was another routine data-transfer and setup for us, having done thousands of them over the years. But what really caught our attention this time around was the wireless gateway which our client had received from their ISP — one of the larger ISP's in Vancouver. It was a combination modem and router which arrived via Canada Post. Inside the box was a tiny little 12-page guide on getting connected to the Internet. There were absolutely no instructions anywhere in the guide for configuring the wireless portion of the router. We didn't need the instructions ourselves. The point we're trying to make here is how vulnerable the average computer user may become when they connect one of these devices to their computer without having a good understanding of exactly what they're doing.
The wireless gateway shipped with its wireless interface "enabled" by default. Almost anyone with even a slight bit of extra computer knowledge (not necessarily even a "cracker", per se) would certainly know the default username and password for this wireless gateway model along with all of its other default settings. Straight out of the box, anyone "in the know" could have connected to this device once the power switch was turned on and the device was properly communicating back and forth between the brand new iMac and the ISP. Of course, it's quite possible that this particular wireless gateway had been re-packaged and sent back out to a "new" owner without having its factory settings correctly restored. We did see this happen with the odd product every now and again during the height of our computer sales and service days (we even had a replacement wireless mouse sent out to us just a few months ago which bore the name of its previous owner once it was paired via Bluetooth!). But it's very doubtful that this was the case for our client — the wireless gateway looked brand new to us.
We're not mentioning the name of the ISP nor are we posting any default usernames and passwords for any of the equipment in this article but to make a long story short, what we're trying to do is stress the importance of changing your password and securing your wireless network before using it. How many of you have actually done this? It doesn't matter what type of wireless (or even non-wireless or "wired") router you use. Changing the password (and username if your particular router allows it) is the very first thing you need to do.
There is so much to be concerned about when it comes to Internet Security in this day and age, especially with wireless networks. Seldom does a day go by when you don't hear the term Wi-Fi used in casual conversation or on television. You sit in a coffee shop and you can instantly connect to a Wi-Fi hotspot the moment you flip open the lid of your laptop. Never mind the smartphones (we'll save those for another article). With the right software package installed (again, we won't mention any names here), the guy sipping on that cappuccino in the corner of the coffee shop inconspicuously staring at his HP Pavilion could quite possibly be watching everything you're doing on your new MacBook Pro if you're not careful.
Here are just a few Internet Security tips to consider — we could probably write a book on Internet Security so we'll try to cover even more in a future article:
1) Always change the password and username on your router before using it for the first time (note that some routers may not allow you to change the username) and always secure your router and network to the best of your abilities. Carefully read the instructions that (hopefully) shipped with your router and don't be afraid to ask questions if you're in doubt. If you have a built-in software firewall, turn it on (Mac OS X 10.5.x users can click on the Security pane in System Preferences). Every little bit of protection helps.
2) Not everybody needs a wireless network. If you only have one computer which sits in the same place all day and all night long, connect it to your router using an ethernet cable and completely disable your router's wireless interface. Turn your modem and router off at night (or whenever they're not in use for any length of time).
3) When you're sitting in a coffee shop accessing the Internet, save your online banking for when you get home to a "closed" (secure) network. Don't be sending out any of your sensitive data at the local beanery. Even though you should be connecting via "https" to your bank (the "s" stands for "secure" and a lock icon should show up somewhere in your browser), we still wouldn't recommend doing something like this through a wireless access point (WAP) at The Insomnia Café. Actually, you shouldn't be sending out any passwords at all on a "public" wireless network through plain old, unencrypted http connections (without the "s" for "secure") — social networking sites included.
4) Change your passwords often. And we mean real often. Every couple of weeks. Not just for routers but for your e-mail account and for everything else. You should also consider changing your IP Address on a regular basis (doing a "release and renew" in your system software network settings or through your router's web interface).
5) Use long passwords (the longer the better) and use a combination of numbers, uppercase and lowercase letters and even characters (like hyphens and underscores if they're allowed). Don't use birth dates or people's names. Don't use the same password for every service, as tempting as it may be considering how much of a rush we all seem to be in nowadays — use a different password for each service. Most of you probably already know the routine by now but pick something that would be impossible for anyone to guess except for yourself (and don't write your passwords down on the back of the coffee card in your wallet!).
6) Install anti-virus software on your computer. Here's where we might take some flack because everyone says "Macs are immune to viruses". We strongly disagree with this. There will come a day when your Mac becomes vulnerable. Exactly when, we don't know but it will eventually happen. You're far better off being prepared for that day to arrive rather than being left "naked" without any protection at all. Granted, Macs don't have anywhere near the amount of problems that Windows-based PC's have when it comes to viruses, worms and malware but trust us — this will change because the Mac world is becoming larger and larger every day (at the "Back To The Mac" Media Event on October 20th, 2010, Apple announced that one out of every five retail computers sold in the US is now a Mac). There are a number of anti-virus software applications available for the Mac — we really like BitDefender Virus Scanner For Mac (best of all, it's a free download from the Mac App Store).
7) Download software from trusted sources only. Slap your hands and take your chances if you attempt to obtain software via the "torrent" route — not only is this illegal but it's not a good idea because you never know what you'll end up with on your computer (a trojan designed to wipe out your documents, perhaps). Always be sure to install the latest security updates for both your system software and for the individual software applications and extensions on your computer and be sure that your router has been updated to the most recent firmware version.
8) Don't click on those suspicious (yet tempting) links which read something like this: "Is this you in this video?" Use common sense and watch for spelling mistakes in any e-mail messages which you're unsure of (bad spelling is almost always a dead giveaway). And make sure your spam filter is on — both, through your ISP and in your e-mail program.
9) Be extremely careful with any personal information you post on the Internet, particularly when it comes to social networking sites like Facebook, Twitter and about two hundred and fifty-plus others. Once your personal information is posted somewhere on the Internet, you'll more than likely find that it's almost impossible to have it removed.
10) If you have a WordPress site, it is absolutely imperative that you keep your version of WordPress up to date and once again, pay close attention to your passwords. WordPress has become a huge target for "hackers" due to its rise in popularity.
Using computers and surfing the Internet should be fun and rewarding for everyone but we all need to take certain precautions in order to play it safe. As long as we continue to use this technology, there will always be an exploit, loophole or vulnerability somewhere on the Internet. Don't take any chances. You lock your doors and turn on your alarm system when you leave your home. Do the exact same thing with your computer system.
Until next time — enjoy that tall latté and be sure to leave your chequing statement at home!
[Updated 02.22.11] This New York Times article entitled New Hacking Tools Pose Bigger Threats to Wi-Fi Users is definitely worth reading if you're concerned about the security of your Wi-Fi connection. It offers deeper insight into the problem along with some good advice and recommendations.
Sites Recently Completed Or Updated
Move your mouse over a link below for a web site design preview. Click on a link to visit a web site: