STOCK QUOTES     More market data...

Small office / Home office
Wi-Fi tools protect connection

By GLENN FLEISHMAN
Special to The Seattle Times

E-mail this article Print this article Search archive Most read articles Most e-mailed articles

It's nothing personal. Most Wi-Fi hotspot sniffers are just looking to obtain information that they can use for their own amusement. But some might put that information for ill purposes.

Whatever the purpose, the time has come that you have to assume that your traffic is being intercepted at a hotspot.

But you can protect what you're doing from prying eyes. Until recently, encrypting network traffic required a corporation on the other end to handle the virtual private network (VPN) servers that create protected tunnels of data from your roaming computer back to headquarters.

But many of the tools used by corporations have filtered down, allowing users without information-technology resources to purchase the same level of protection at a fraction of the cost of running it for themselves.

Last week, we covered securing e-mail to prevent your password from being stolen and contents from being snooped. Today, we look at protecting your entire connection, whether you're transferring files, viewing e-mail, surfing the Web, or using special Internet programs provided by your employer.

Protected wireless session. T-Mobile USA has pioneered the use of the awkwardly named 802.1X login standard for Wi-Fi hotspots, rolling it out to all its U.S. locations a few weeks ago.

"It seems like a bunch of gobbledy-gook," said Joe Sims, T-Mobile vice president of hotspots. But he noted "it's about enhanced security for our customers."

Stated simply, 802.1X lets users on a Wi-Fi network automatically obtain a unique password when they log in. No two users have the same password, and the security level of the encryption is high enough to block even the most determined industrial-grade cracker.

With 802.1X, T-Mobile protects the connection through encryption from your computer to their wireless access point. The system uses more conventional physical and data security from that point out to the Internet.

To use 802.1X with T-Mobile's network, you need the latest version of their connection software, which works with Windows 98, ME, 2000 and XP.
 
Craig Nelson, director of infrastructure and security at Avanade, a Seattle information-technology consulting and development company, said that the convenience of 802.1X allowed him to bypass hotspot gateway pages and logins while relying on a secure connection.

Protected connection. Even a humble home or business user can bring out the big guns and deploy a VPN without breaking the bank.

HotSpotVPN.com was founded specifically to provide VPN service for hotspot users. The charge is $8.88 per month or $88.00 per year. The service uses the common PPTP (Point-to-Point Tunneling Protocol), which is built into VPN software in several versions of Windows, Mac OS X 10.2 and 10.3.

Security isn't optional at hotspots anymore. As Jeremy Howard, chief executive of e-mail host Fastmail.fm, put it, "You have to assume that anyone can read anything you're typing."

Glenn Fleishman, a Seattle freelancer, writes the Practical Mac column in Personal Technology.