Public WiFi and safety

You're a road warrior. Or maybe you're a broke college student. Perhaps you just like to hang out at Starbucks for hours on end. Regardless of whether or not this describes you, you have probably used public or free WiFi at some point. I'm not judging you..it's free...and it's easy...and it works. But if there's one thing you take away from this post, please let it be this: NEVER enter a website or mobile app password while you are connected to public WiFi. Banking & shopping on public WiFi is literally that last thing I would recommend doing on a public WiFi network.

Here's why:

Many websites and even mobile apps, transmit your data unencrypted. Or it's encrypted, but it's not implemented properly. When this unencrypted data is transmitted, things like usernames, passwords, pins, and the websites you're visiting are in plain text. This data traffic can be "sniffed" and usernames, passwords, etc., can be pulled out. Now this may sound complicated, but it's actually a trivial affair with the right tools and a Google search or two.

Now as dire as that all sounds, it's actually not a major problem if you mitigate the risks. How do you mitigate the risks?

The answer goes by 3 initials - VPN.

VPN or Virtual Private Network used to be one of those things that was reserved for corporate environments or advanced users, mainly due to the difficulty in setting everything up. The age of the mobile app has changed that and now easy to use VPN programs are readily available and just an app store search away. VPN's encrypt your data traffic. A bad guy sniffing WiFi traffic would see that data is being transmitted, but he or she wouldn't be able to see what that traffic contained.

Currently, my two favorite VPN  programs are proXPN and TunnelBear. Both offer free and paid options and both work on PC's, Mac's, Chromebooks, Smart Phones, and Tablets. There really isn't any reason to use public WiFi and not do it safely.

Start using a VPN and the next time you're in Starbucks and you notice the shady guy with the beady eyes peering over the screen of his laptop, you don't have to worry if he's sniffing YOUR data. 

 

 I never use public WiFi without this

I never use public WiFi without this

What to do if you can't upgrade your Windows XP computer

Windows XP has been officially dead for about a year. If you find yourself still using Windows XP, you can follow this guide to make your PC as safe as possible. I highly recommend upgrading from Windows XP to Windows 7, but for some people...even a year later...that's not possible.

If you are stuck on Windows XP, read on.

  1. Stop using Internet Explorer! You can't uninstall Internet Explorer, but you certainly don't have to use it. The only excuse for using Internet Explorer at this point is to download Windows Updates. Since there are no more Windows Updates for Windows XP, you have no more excuses. If you have Apple's Safari browser installed, uninstall it. Internet Explorer and Safari have both been abandoned on Windows XP. Google Chrome will stop with security updates for Windows XP later this month. Uninstall Google Chrome as well. Firefox at this point is your only option. Import your browser favorites and  keep the browser add-ons to a minimum. Eliminate them all if you can.
  2. Uninstall Java, Adobe Flash, Adobe Reader, and Adobe Shockwave. All of these programs are notorious security holes. You can try other PDF readers. Any of them should be more secure than Adobe Reader.
  3. Uninstall any programs you don't use. The goal here is to keep your exposure to vulnerable programs to a minimum. If you don't know what a program is, Google it first before uninstalling. If you have never used it, and it's NOT a device driver or essential program, uninstall it. Keep the programs you leave installed up to date.
  4. When it first came out, Microsoft Security Essentials was and awesome, free, anti-virus program. It's still not bad, but with Windows XP you need something better. The free version of Avast is an excellent choice.
  5. This is the most important tip - start using a limited user account. Close to 100% of all of last years discovered vulnerabilities couldn't harm a PC if the user was using a limited user account. Here's the best way to go about changing from an Administrator account (the default used by Windows) to a limited user account:

Go to the Windows Control Panel and click on "User Accounts".

UserAccounts1

Click on "Create a new account"

UserAccounts2

Name the new account. Something like "Admin" would be a great idea. For this example, that's what I've used. Then click "Next".

UserAccounts4

Pick the account type. Select "Computer Administrator" then click "Create Account".

UserAccounts5

On the "User Accounts" screen, click the new Administrator account you just created.

UserAccounts6

On the "What do you want to change about Admin's account" screen, click create a password. WRITE IT DOWN!!

UserAccounts7

After you've created the password (seriously, write it down!), click on the "Home" button.

UserAccounts8

Back on the "User Accounts" screen select your user account. This is the account you use everyday.

UserAccounts9

On the "What do you want to change about your account?" screen, click "Change my account type".

UserAccounts10

On the "Pick a new account type" screen, pick "Limited" and then click "Change Account Type".

UserAccounts11

Reboot your PC and select your user account on the login screen.

You now have as secure a Windows XP PC as possible. Keep in mind that there are things you can only do with an administrator account, like install programs and change system settings. That's what keeps you safe. You did write down that new administrator account password like I told you to, right? If you try to do something in your limited user account, and you get an error message saying you don't have authorization, switch over to the newly created administrator account and do it there. Then switch back to your limited user account and continue working. Is it a pain? Yes. Is it necessary? Absolutely!

If you need help, let me know. I can make these changes for you remotely, no matter where you live.