Campground wifi security

[mjones12]

I'd like to hear what some of you computer-savvy folks think about campground wifi security. Is it safe to log onto your online banking account without someone accessing your login information? Most of the places we stay have passwords for accessing their wifi system but, of course, everyone staying there is given the password.

Thanks in advance for any suggestions you can provide.

[Still Kickin]

Read a lot lately about cyber security, china, the rooski's doing major hacking. None hacked campground wifi yet!

[Islander]

Very Good question.

I will be interested to read informative replies as well.

This seems to always be a concern at the CG's that provide wifi.

Islander

[B and B]

If you are doing sensitive work you should be using encryption on your on MiFi or air card conection. If your password for your account is password or last name or fur baby name you are already hacked.

[RedLdr1]

There are so many variables in wifi security it is hard to give a definitive answer. And you really don't know what is in use from one location to another. Network access passwords at campgrounds and hotels almost never change. And I know folks who were hacked using public wifi....

Rather than risk being easily hacked I added a Samung Galaxy Tablet to my Verizon cellular account. I'll use the "free" wifi for things that don't matter. But e-mail and financial info will go over the cell phone network on the Samsung. I've already added ESET anti-virus on it to minimize threats. Plus the DW wanted a Tablet so I solved two issues at once...

[BooBoo23]

If the web address you use is - https:// it is secure. Anytime the "s" is behind the http it is encrypted and secure. Amost all websites for banks or financial institutions and anyplace that asks for a CC # will be secure just look for the "s".For other uses you probably need to set your own wifi network in your RV with it's own password protection and connect to the campground wifi. I'm not smart enough on the subject to make any suggestions but just do a Google search on the subject of wifi security and you will find many devices to accomplish this for under $100.


If the government and major corporations can't stop it then you will never be able to accomplish it either. I'll have to ask an old friend of mine that worked in computer security for Fairchild Corp how he did it.

[mjones12]

Quote:

Originally Posted by RedLdr1

There are so many variables in wifi security it is hard to give a definitive answer. And you really don't know what is in use from one location to another. Network access passwords at campgrounds and hotels almost never change. And I know folks who were hacked using public wifi....

Rather than risk being easily hacked I added a Samung Galaxy Tablet to my Verizon cellular account. I'll use the "free" wifi for things that don't matter. But e-mail and financial info will go over the cell phone network on the Samsung. I've already added ESET anti-virus on it to minimize threats. Plus the DW wanted a Tablet so I solved two issues at once...

So if I ignore the campground wifi and simply access my bank account through the Verizon data plan on my phone (or tablet) I should be protected?

[Flybob]

You are best off doing any sensitive stuff via your phone. Campground wifi can easily be spoofed by someone setting up a fake server ( even https://) and capturing all your keystrokes once you log in. This is true for any public wifi ( of which campground is one).

[fr1rd831]

I work in Cyber security and I would never use anyone else's wireless to do Banking or anything that might expose my personal information. The vulnerabilities being found today and the speed at which attackers are developing new exploits just to take your info make it very risky. From man in the middle to vulnerabilities in the encryption used to secure our communications.

It's all about managing risk. Anything you can do to reduce that risk you should do.

I personally only use my cell phone to do banking or if I need to connect with my laptop I use the hotspot feature of my cell phone.

A few tips

Never click links in an e-mail that comes from web sites you have accounts with. Go to the web page directly from your own book marks. understand that no financial institution will ask you to e-mail personal info.

Be sure you have antivirus/spyware protection installed, it's worth the $$. There are free ones out there that are decent. Scan your computer at least weekly.

Use Chrome or Firefox instead of Internet Explorer for your browser. install Adblock and scrip blocking add-ons.

Check for updates at least weekly to ensure you have the latest patches.

Again if you can reduce risk you should.

[jk510]

If you are still paranoid about security then you might want to look at tunneling software. They connect your computer to a proxy server using it's own secure link. You will still connect the same way to the campground's WiFi but then you establish a secure link from your computer to that server. All your internet connection will then be routed from that server. Check out https://www.tunnelbear.com/ for more (and better) information

[Mountndream]

Quote:

Originally Posted by fr1rd831

I work in Cyber security and I would never use anyone else's wireless to do Banking or anything that might expose my personal information. The vulnerabilities being found today and the speed at which attackers are developing new exploits just to take your info make it very risky. From man in the middle to vulnerabilities in the encryption used to secure our communications.

It's all about managing risk. Anything you can do to reduce that risk you should do.

I personally only use my cell phone to do banking or if I need to connect with my laptop I use the hotspot feature of my cell phone.

A few tips

Never click links in an e-mail that comes from web sites you have accounts with. Go to the web page directly from your own book marks. understand that no financial institution will ask you to e-mail personal info.

Be sure you have antivirus/spyware protection installed, it's worth the $$. There are free ones out there that are decent. Scan your computer at least weekly.

Use Chrome or Firefox instead of Internet Explorer for your browser. install Adblock and scrip blocking add-ons.

Check for updates at least weekly to ensure you have the latest patches.

Again if you can reduce risk you should.

What he/ she said !!!

I am in the IT field as well.

[RollingDownTheHighway]

I'm in the IT field and I don't use any free WiFi, there's too many hackers out there and no matter what people tell ya, everything can be hacked. Most of these CG owners, setup the wifi themselves, or hired some small IT shop that uses a few $20 wireless routers with little to no security on them.

[Sharon455]

The $20 I pay monthly for our MiFi, I have peace of mind vs the wondering whether the CG WiFi is secure. Of course, I set up as many payments as possible before hitting the road.


Sent from my iPad using Forest River Forums

[DaveSchwartz]

Firstly, use up-to-date virus and malware protection... if your device is compromised (e.g. keystroke loggers), you've lost the battle before it starts no matter how secure the connection.

All your connections to sites where you exchange private information should by secured by certificates and up-to-date encryption technologies. Start by verifying that the URL starts with 'HTTPS' and not 'HTTP' (this has been mentioned before).

However, not all HTTPS is the same. Many sites (even banks I deal with) do use security but are slow to keep up with the state-of-the-art.

An easy way to find out how good their tech is using the Chrome browser is to look at the lock icon just before the 'https' on the address line https://support.google.com/chrome/answer/95617?hl=en (Firefox has something similar - https://support.mozilla.org/en-US/kb...tion-is-secure). There are a number of different icons I have seen and you can click on the icon to get a report of the quality of the security. A 'lock' with a solid green body is best - this means the latest tech is in place and that your session is secure against all but an NSA-level attack. If the lock has a yellow triangle, it is still OK (would need significant effort to crack a session - a brute-force attack would probably take longer than the sensitivity lifetime of the data) but should be updated - let the site's admin know. If the lock has a red X and the 'https' is struck out with a red line, its garbage and should not be used for sensitive information.

If I have either the green or orange triangle I will go ahead and use the site over WiFi. It really doesn't matter to me how compromised the WiFi access point is because as long as your device is not compromised, the data packets (payload) are encrypted end-to-end and I don't care how many of those a hacker can grab. It doesn't matter that the headers can be read from a compromised access point - there's no sensitive information there (unless you consider your metadata super-secret too - in which case, what are you doing using a computer or a phone now?).

The thing about HTTPS security is that each time you access the site, a fresh session key is negotiated using slow-but-good public-key cryptography. That session key is then used for a fast-but-not-as-good encryption of the bulk data for that session only. The 'fast-but-not-as-good' encryption is generally accepted to be good enough because the duration of the session is going to be short enough that not enough data will be exchanged using it to facilitate a reasonable attack.

[vinmaker]

You will need to set a VPN connection.

All public connections should be treated with care.

Vin.

[Boso]

Don't even use a computer anymore only iPhone haven't had any of the problems that I constantly had with computer the new iPhone 6 plus is the best little computer I ever had my laptops are retired for ever

[Pod2Vibe]

If a campground or park has a more modern wifi system that takes you to a special web browser page to then login, it will be way more secure than one that gives everyone the same abc123 password that gets entered right on your device.

The webpage is usually branded to the site or the provider of the wifi service.

[MarsMan]

Quote:

Originally Posted by RedLdr1

There are so many variables in wifi security it is hard to give a definitive answer. And you really don't know what is in use from one location to another. Network access passwords at campgrounds and hotels almost never change. And I know folks who were hacked using public wifi....

Rather than risk being easily hacked I added a Samung Galaxy Tablet to my Verizon cellular account. I'll use the "free" wifi for things that don't matter. But e-mail and financial info will go over the cell phone network on the Samsung. I've already added ESET anti-virus on it to minimize threats. Plus the DW wanted a Tablet so I solved two issues at once...

x2- use your cell network for sensitive stuff unless you are 100% confident the wifi is safe

Do any of you use an external device to help pull in the wifi?

[NWF Geek]

Look at my tagline. I write a Computers and Technology Q&A column that publishes in various newspapers across the country. That should give me all the street cred I need for you to believe what I'll tell you.

By and large, you do NOT want to use public WiFi of ANY KIND to do work of a sensitive nature. That would include anything that requires an account number or password. Contrary to what you'll read here, https:// does NOT guarantee that data is being securely transmitted. Here are a couple of links to past issues of my column that address this issue: Issue #375: Sep 28–Oct 4, 2014 | ItsGeekToMe.co Issue #272: October 7, 2012 | ItsGeekToMe.co

[Patrickdana]

All wifi signals are easily intercepted if someone is determined. The only safer way to access sensitive sites is use encryption. Most banks use encryption so check with your institution.


Sent from my iPad using Forest River Forums