Help - Search - Members - Calendar
Full Version: Campground Wifi & Internet Banking, Is It Safe?
RV Park Reviews Campground Discussion Forum > RV Park and Campground Discussions > RV Park Discussions
wpr
Hi everyone,

In the topic about WalMart WiFi, Lindsay Richards wrote that he does not like to do his internet banking on campground WiFi. I have always assumed it to be safe, as my internet bank will always ask me one of five different questions when I do not use my own computer. Is there anything to worry about? Anything special one should or should not do?
Beastdriver
As a retired banker, I can tell you that banks have extraordinary safeguards to protect your on-line accounts. Some use codewords, others use matching photos that you select along with key words, others use questions you must answer, all use encryption of some type or another. Having said that, let me also tell you that there is not a computer code or program in the world that cannot be broken with enough effort. Make sure that your bank has a policy of replacing any funds stolen from your account or any losses you incur as a result of their protective layers being breached. Ask them. If they say no, then find another bank.
wpr
Thanks, Beastdriver.

My bank makes absolutely no problem if there is something wrong. Several years back someone managed to send 84 times 24.99$ from my Visa card to some outfit in Houston within a few hours. The bank fixed everything, including sending me a new credit card, in no time. Of course I was at home at that time, had I been on the road it would have been a lot more complicated. Everytime I use another computer for internet banking or even just after I upgraded my browser I have to answer one of five questions asked randomly, so I guess that should be secure enough, even if someone intercepts my banking info. Plus, I do my banking in French, so that again means another safeguard. I have complete confidence in my bank, otherwise I wouldn't leave my money there.
denbroncs
Most of the safety can and should be done on your end. Adequate firewall protection and other basic safeguards prevent other "sniffers" from obtaining your account and username/password information. If the bank is hacked, you're screwed either way - but as was mentioned already, most banks have elaborate failsafes built in. Also, use another browser such as Firefox. They have not had the vulnerabilities Internet Explorer has seemed to have problems with.
wpr
denbroncs,

I already do a few things to keep my end safe. I switched the autofill feature of my browser off, so I have to fill in my account number and my password by hand every time I want to check my accounts. This way I nobody can get into my accounts in case my laptop is lost or gets stolen. I have never used Internet Explorer, as a general rule I try to avoid Microsoft products whenever possible. I even got rid of my hotmail account after hotmail was bought by Microsoft. This brought a dramatic reduction in spam and virus attacks.

I have a firewall, and for all I know the traffic between my computer and the WiFi base station is encrypted.

On my bank's side, every time I use a computer other than my own or even if I just upgraded my browser, they ask one of five questions at random. This means that someone who manages to intercept my banking info will still have to know the answers before getting into my account from a different computer.

Also, I do my banking in French, so somebody trying to access my accounts would have pages in French pop up, and this might throw a few crooks off base as well.

Now, my question is, is there anything else I should or should not do?
denbroncs
wpr,
You are going beyond the basic safeguards and I commend you for that. Nothing is inpenetrable. I am confident that in France they have hackers as well. However, your personal system is safer than 99% of all computers out there. Again, if your bank is hacked, you and all bank customers are at risk whether they utilize internet banking or not. In a imperfect world, you're doing the right things.
Florida Native
The basic question that I guess I have is when I enter my user name and password via WiFi, it is passing through the "airways" to the server at the campground, is it possible for somebody to intercept this data and then use it for harmful purposes? I have a WiFi set up in my house and have it password protected also. I am not a computer expert anymore and was hoping one of the experts online here could answer this one for me.
pianotuna
Hi Lindsay,

Anything is possible. Is it likely? Probably not--or the banks would not allow "on line" banking. The only truly secure computers are those that are turned off. For example, your keyboard "communicates" to the computer by using radio frequencies for each of the different keys. A sufficiently sensitive receiver can "listen" and then "decode" this information making all encryption of data useless seeing as it is the "raw" keystrokes that are being "recorded". Having a wifi password at home makes your home network a tiny bit safer. But any decent hacker can break through such security measures in a matter of minutes.

To say this another way--having a wifi password doesn't encrypt the data that is being sent in any way. It just keeps your neighbors from seeing your computer on their wifi network.

QUOTE(Lindsay Richards @ Mar 15 2007, 06:07 AM) *

The basic question that I guess I have is when I enter my user name and password via WiFi, it is passing through the "airways" to the server at the campground, is it possible for somebody to intercept this data and then use it for harmful purposes? I have a WiFi set up in my house and have it password protected also. I am not a computer expert anymore and was hoping one of the experts online here could answer this one for me.
COWolfPack
I found the following article online at the Seattle-post Intelligencer on 3/19 and thought it was particularly relevent to this thread. Being on an online newspaper and not knowing how long they would archive it for viewing I just quoted the article below.

QUOTE

Security risks encircle Wi-Fi
Not seeing what you're getting into leaves you vulnerable

By DAN FOST
SAN FRANCISCO CHRONICLE

When many of the computer industry's top security gurus gathered in San Francisco last month for a conference, a Boston company decided to point its radar toward the airwaves and see how much of the show's wireless activity it could see.

The distressing and ironic answer? The Boston hackers could eavesdrop on more than half of the wireless traffic ... at a security conference!

If most of the people attending last month's RSA Conference have not taken the basic precautions to protect their online activity while using public Wi-Fi, then what of all those civilians setting up shop in cafes and airports?

In short, say computer security experts, people are putting themselves at risk every day.

The risk could be reaching one of its highest levels as the country approaches tax season and some of the most sensitive personal and financial information travels the Wi-Fi airwaves. More than 73 million people filed their taxes electronically last year, according to the Internal Revenue Service, and 46 million have already done so this year.

"When it comes to wireless security, there is a profound amount of user indifference. You don't really see what you are getting yourself into," said Amit Sinha, chief technology officer of AirDefense, the Boston company that conducted "wireless airwave monitoring" one morning at the RSA Conference. AirDefense found that 56 percent of 623 devices -- laptops, cell phones, personal digital assistants and PCs -- were susceptible to attacks.

The risks are everywhere.

"Wi-Fi, as implemented out of the box, is not only not secure, it's promiscuous," said David Perry, director of global education for Trend Micro, a Japanese maker of security software.

If you use it at home, you're likely to be opening yourself up to attacks unless you take precautions. If you use Wi-Fi in a cafe, "It turns your network into a radio station," Perry said. Or you could be connecting to an "evil twin" -- a Wi-Fi network set up by a bad guy posing as the cafe's network.

And if you use a publicly available computer, such as one in a library, "assume that it's compromised," Perry said. "A lot of those are infected with keyloggers, screenscrapers, bots, rootkits, data stealers, all kinds of stuff."

At the Black Hat Convention in Washington last month, where security experts gather to marshal forces against the dark side of computing, Robert Graham of Errata Security, a high-end firm in Atlanta, demonstrated his new tool, Ferret. It impressed even the wizards at Black Hat with its ability to watch all the traffic in a network. Graham has made the tool available free on his Web site.

In addition to the threats in public, many people do not secure their home Wi-Fi networks, sometimes because of the hassle, and sometimes because of an egalitarian impulse to share their Wi-Fi.

"The home presents even more vulnerabilities than hotspot environments," said Stu Elefant, senior product manager at McAfee Inc., the security software firm in Santa Clara, Calif.

"With wireless networks, your data is being transmitted over the open air," Elefant said. "Anyone can grab those data packets. And they can jump on your home wireless network to do bad things to you, and to other people. It's as if they came in your front door and plugged into your network. They can look for vulnerabilities, out-of-date security software, unpatched operating system holes," and they can set up your computer as a "bot" or "zombie" that they can use for other attacks.

"Wireless gives them a semblance of anonymity," he said. "They can launch spam on other people, launch virus attacks on other people, steal pirated material, and the homeowner is the one who is going to get the knock on the door from the FBI."

But all the scary rhetoric doesn't mean there are no solutions out there. There are many things people can do to make themselves safer, but those things often mean spending a little money and time.

Two of the most popular solutions are from security software companies Symantec and McAfee. McAfee Wireless Protection sells for $29.99 for a year and its flagship McAfee Total Protection is $59.99. Total Protection offers a more complete suite, including firewall, backup, antivirus and antispam. Symantec's Norton Internet Security 2007 features antivirus and firewall, among other things, and is priced at $69.99 for a year's subscription; Norton 360 is $79.99 for one year and includes backup and tuneup, and is billed as being more comprehensive and easier to use. Both companies' products may be installed on up to three machines.

With the solutions available, people should feel somewhat safer in their online interactions. Run everything through what Paul Miller, managing director of Symantec's mobile security group, calls a "secure tunnel," and you should be safe.

WI-FI TIPS

Security experts offer these tips when using wireless Internet access:

Use a suite of security software, including a firewall, like those available from McAfee, Symantec and Trend Micro. Make sure your software is up to date. Some companies, such as Webroot of Boulder, Colo., offer free scans of your system from their Web sites.

When logging on in a cafe or hotel, make sure you find out from an employee what the name of the network is, so you don't fall for a phony network set up by a hacker.

Change the password when you set up your router at home.

Try using OpenDNS, a free service at opendns.com, which will change the router's settings and, among other things, prevent pharming attacks (in which you think you're entering data at, say, your bank's Web site, but really you're at a fake site).

When on a secure financial site, make sure the address bar reads https (the "s" at the end stands for "secure") and that a picture of a lock shows up next to the address.

To get particularly tricky, when setting up your laptop, Robert Graham of Atlanta's Errata Security suggests giving yourself a gender-bending sign-in. If your name is Bob, make your sign-in Mary. Most hackers wouldn't suspect people of lying to their own computer, and it will throw them off the trail of your data.

If you get confused, call tech support for the router or the security software. You can also pay for a service like Best Buy's Geek Squad to fix the problem.
Florida Native
This article is exactly what I was afraid of darn it. I think I am going to buy a suite of protection. I have a WiFi network at home also. but don't live that close to anybody.
GerryW
Many of the comments don't seem directed to use of an RV park WiFi network, which is almost always not secure, not encrypted and accessible by anyone. Firewalls may protect against access to your computer but will not protect interception of data sent over the open airwaves.

Similarly, even though connecting to a secure site, the local airwaves are not secure. Data transmitted over the local net can be compromised.
pianotuna
hi Lindsay,

Have a look at jiwire.

http://www.jiwire.com/

Click on the item called "protect your privacy at hotspots"

Another option is a program called Ipig which is freeware Have a look here:

http://www.download.com/iPIG-WiFi-Hotspot-...tml?tag=lst-0-3

I still think your credit card is more likely to be "hijacked" than data sent over a wifi connection.

Good luck!

QUOTE(Lindsay Richards @ Mar 20 2007, 07:53 AM) *

This article is exactly what I was afraid of darn it. I think I am going to buy a suite of protection. I have a WiFi network at home also. but don't live that close to anybody.
Florida Native
I have my own webite and update it frequently. Will this program mess that process up. You can see, I am not real up on this type of stuff. We are leaving for North Carolina tomorrow and will be WiFi only for several weeks. I hate to not be able to access my account as we have pretty much switched to debit card for almost all purchases and do online banking for almost all routine bill paying. I resisted online banking for years, but love it now.
pianotuna
Hi Lindsay,

Ipig is transparent. It may slow transmission down a tiny bit--but probably not enough to notice. In any event you could turn it *off* except when doing your online banking. (That's my plan).

QUOTE(Lindsay Richards @ Mar 21 2007, 07:50 AM) *

I have my own webite and update it frequently. Will this program mess that process up. You can see, I am not real up on this type of stuff. We are leaving for North Carolina tomorrow and will be WiFi only for several weeks. I hate to not be able to access my account as we have pretty much switched to debit card for almost all purchases and do online banking for almost all routine bill paying. I resisted online banking for years, but love it now.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.