DALLAS – Feb. 26, 2016 – Public Wi-Fi systems, such as those in restaurants, airport terminals and elsewhere, make it easier to steal confidential data when people use them. The reason: A hacker only needs to get into the public Wi-Fi system to monitor everyone’s devices.
USA Today columnist Steven Petrow says he learned that lesson firsthand. While flying out of Dallas on American Airlines, he accessed the inflight public Wi-Fi, GoGo, to write a story about the Apple-FBI standoff over iPhone privacy.
As Petrow put on his jacket to get off the plane, a man one-row back said, “I need to talk to you.” He asked if Petrow was a reporter and suggested they meet at the gate, which Petrow did.
“How did you know I was a reporter?” Petrow asked when they met up, and the man mentioned the Apple/FBI story Petrow was writing. How, Petrow wanted to know, did the man know that?
I hacked your email and read everything you sent and received, and I also did the same thing to most of the people on the plane, the man told Petrow, who reported the incident in his USA Today column. Petrow says the man had “verbatim detail of a long email that he repeated back to me essentially word for word.”
“Imagine if you had been doing a financial transaction,” the man told Petrow. “What if you were making a date?”
Public Wi-Fi security
Steve Nolan, Gogo’s vice president of communications, told Petrow later that the service is “public,” and most public Wi-Fi servers operate similarly. While most offer some kind of warning about sending secure data over a public system, though, many users don’t think twice about it.
Gogo and other public Wi-Fi systems recommend that users send sensitive data only through a virtual private network, or VPN, according to CEO Michael Small.
After the hacker made his confession, Petrow said he “felt as exposed as if I’d been stark naked.” Up to that point, he believed he had little to lose and didn’t need to “worry about online privacy … I’ve got nothing to hide.”
Alex Abdo, an attorney in the ACLU’s Speech, Privacy and Technology Project, offered some suggestions for keeping data safe:
Make sure devices use their built-in encryption features
Use a password manager to help create and store different – and strong – passwords for all accounts
Download messaging apps (WhatsApp, Telegram, Signal) that encrypt voice and electronic messages – but “Keep in mind that even they are not 100 percent secure.”
Source: USA Today, Steven Petrow
SkyFidelity Industries, Inc.
200 Windward Passage, Office #2
Clearwater, Florida 33767