One of my favorite things to do is to sit down at a wireless hotspot and cruise the internet. Another one of my favorite things is computer security. Put them together and what do you have? Well, you have a really fun time that will scare most people. I am hoping that this article does scare you into thinking more critically about how and where you use your computer.

Hotspots (wireless access points) are great for convenience. You can drive down to the local Panera and connect to the internet while you eat. For business travelers this is a great service. But let me show you another side of those hotspots that you might not have thought about. These hotspots allow all types of people to share a wireless connection. Now, most people don't mind that. The problem, however, is that there is going to be some people on that connection that aren't so nice.

You see, it's one thing to share a network connection with someone you know and trust. It is a totally different thing to share a network connection, especially a wireless connection, with someone you don't know. Most people assume that because they have an active firewall on their laptop, they are safe while cruising these types of hotspots. That is true to some degree. Surely, a firewall will keep some malicious folks from cruising through your hard drive. But most people miss a simple truth about wireless connections. Let me explain.

A castle has many wonderful defenses. It has a moat and a high wall. It also allows for a high defense position on the walls. This gives the defenders an advantage over attackers. Computers that have a firewall on a network connection are sort of like this. If they include intrusion detectors and the like, they add yet another layer of security. But what if they send a messenger outside the walls with their defense and attack strategies? What if that same messenger also had the keys to the front door or maybe a key to vault nearby? Do you see where I am going with this?

Wireless connections allow other people to see that traffic as it travels to and from the access point. This is where things get very interesting and scary. I can walk into a local internet cafe. I can connect to the network. I can scan all computers on that network and see if they are patched or not. I am referring to known vulnerabilities to Windows machines. I can very quickly assess whether or not that person would be vulnerable to certain attacks. But the fun doesn't stop there.

I can also sniff internet messaging that is going on. I can watch AIM and MSN Messenger conversations in real time. I can reconstruct web pages on the fly as people look at them. I can sniff for ftp user names and passwords. Then I can hook up my bluetooth antenna and start scanning that. I can find all bluetooth enabled devices within the cafe and adjoining stores. Then I can look for open comms and see if I can find known exploits for different devices. And that's just the beginning.

Now, having said that, let me say a few things. If you are establishing a secure session with an email provider or a store, then my job becomes much harder. That traffic is encrypted. Most malicious folks are going to go after the "low-hanging" fruit. This is a mantra of security and hacking. This means that the easiest folks to exploit are the ones that will be exploited.

Do yourself a big favor. Never send identifying information via AIM or MSN Messenger. This is especially true at hotspots. Never set up a non-secure FTP session at a hotspot. I'm assuming that if you're doing FTP that you are a little tech savvy. Also, make sure you have a firewall if you are going to be hanging out. And know that the websites you frequent can be easily snooped. Do not share a connection with folks you don't know or trust without a firewall. You are begging for trouble. Hotspots can be a great convenience, but it comes with a price. Take some precautions or you might become a victim of a digital pick pocket.