Griffiths / Public network a snooper’s dream

Share Canberra's trusted news:

THE internet is a fabulously insecure thing.

John Griffiths
John Griffiths
Long years ago I was warned that email should be treated as a postcard.

To the machines that move them around, and there are many of them, an email is a string of openly readable text.

If your network uses hubs then every other machine on that hub can also see all the emails being sent by all the other users.

In your Google “packet sniffer” there’s loads of free software that lets you see what’s actually being broadcast on your network.

One part of the Edward Snowden revelations was they confirmed just how hard security agencies have worked to keep the internet insecure, to make their snooping easier.

Normally this isn’t a problem because most people’s emails are not very interesting, and because most people on your network can be trusted.

You should, however, be wary of giving your home WiFi password to people you don’t trust.

Even in, for example, a McDonald’s, the shared WiFi (while generally less useful than half decent mobile data) is probably safe enough because the numbers of users are so low it’s not worth a crook’s time to watch the network in the hope of seeing an unguarded credit card number.

Which brings us to the ACT Government’s planned WiFi network, which had a test spin recently in Civic.

The Garema Place hotspot worked well from Mort Street to just past the merry-go-round, let’s say a radius of 100 metres.

A home, or McDonald’s, hot spot has a range closer to 10 metres.

So what difference does adding a zero make?

For those readers who have been out of school a while, let me remind you that the area covered by a circle can be determined with r2. So multiply the radius of the circle by itself and then (roughly) multiply by 3.

A home network covers 300 square metres. The Civic hotspot was covering more like 30,000 square metres.

Suddenly, the risk/reward equation for the bad guys slides over to “worth a go”.

A tricked out mobile phone with a $30 solar charger from Supercheap Auto and waterproofing via an upturned soup bowl could sit on the roof of any building in the centre of Civic and listen in to everything being sent on the free public WiFi network.

Now, it is true that web browsing can be encrypted. If the website address you’re looking at is https rather than http at the start then it’s moderately secure.

But how about the apps your phone is blabbering with on the internet? Do you know if they’re handshaking with the server and blurting your password and email address insecurely?

Small-time app makers often don’t think of security when they’re getting started and can get wildly popular, like WhatsApp, before they’re forced to think about it. There’s no easy way for app users to know if data is being sent securely by their apps.

Normally that’s not a problem either, because insecure networks tend to be small.

The upshot is you get what you pay for and really need to think carefully about what you send on free networks that anyone can be listening in to.

I’m not normally one for password paranoia but, for the love of God, make sure your primary email password is unique from all the other ones you use. If your app is blabbing your email (often used as a login) and a common password over an insecure network you’ve pretty much handed over your entire online identity to the guy running the sniffer.

He’s probably not doing that for the love of humanity.


Who Can You Trust?

In a world beleaguered by spin and confused messages, there's never been more need for diverse, trustworthy, independent journalism in Canberra.

Who can you trust? Well, for more than 25 years, "CityNews" has proudly been an independent, free, family-owned news magazine, serving the national capital with quality, integrity and authority. Through our weekly magazine and daily through our digital platforms, we constantly and reliably deliver high-quality and diverse opinion, news, arts, socials and lifestyle columns.

If you trust our work online and believe in the power of independent voices, I encourage you to make a small contribution.

Every dollar of support will be invested back into our journalism so we can continue to provide a valuably different view of what's happening around you and keep free.

Click here to make your donation and you will be supporting the future of journalism and media diversity in the ACT.

Thank you,

Ian Meikle, editor

Previous articleCommonwealth stumps up $50,000 for a CSO Christmas Concert
Next articleDigital edition 19 June


Leave a Reply