On the Road: Fear and Living with Public Computing.

It’s spring, and for many of us that means the travel season has begun.  There are upcoming conferences and meetings, and of course the summer field season is approaching rapidly. Traveling with your computer has become the norm because of the ubiquitous availability of wireless networks (WiFi),  meaning communication channels stay open with family, friends, professors, and work.  This level of communication makes travel less isolating (and perhaps less relaxing ) as it once was. However, this near-constant connectivity raises new concerns for the safety and security of your personal and professional information. The keys to avoiding unintended consequences to your computer or loss of personal information are understanding risks and being cautious, aware, and prepared.

One of the most effective ways you can protect yourself and your notebook or laptop computer when traveling is to first take simple, preventive steps before you leave:

  1. Make sure your operating systems and applications have been updated to the latest version of security updates.
  2. Make sure the firewall on your laptop is enabled and set to the highest security setting.
  3. Make sure that you have anti-virus software installed and that it is using up-to-date definitions.
  4. Make sure you have a full backup before you leave and that it is safely stored away.

Once on the road you will encounter many dangers not the least of which are the dreaded public WiFi networks. A public network is a network to which anyone has access such as those available at airports, hotels, restaurants, and coffee shops. When you connect to a public network, your online activities can be monitored by others. In addition, malicious individuals may use a plethora of attacks and exploits to gain access to your computer .  Some may even operate fake Wi-Fi networks that are designed to fool you into using them in order to attack your system unnoticed.

When possible, use a Wi-Fi network hosted by the hotel or business rather than picking a public Wi-Fi network at random. Some coffee shops and hotels will provide you with an encrypted connection and a key or passphrase that you should take advantage of when available, but this is rare. Even with Wi-Fi encryption, your communications could still be intercepted by other users of the same Wi-Fi network. Always use an encrypted connections from browser or email client when connecting from a public network.  Online mail and social network sites such as Gmail, Facebook, and Twitter enforce encrypted connections. This is indicated by the prefix “https” in the browser URL window or a nondescript padlock icon located somewhere on the browser window.  For email clients you will need to establish the necessary connection parameters from the hosting organization to ensure an encrypted connection for both sending and receiving of email.  These connections are common and fairly standard, but few clients use them by default and may be passing your personal information in readable text every time you connect.

If you are concerned that you cannot securely access the internet via a public network, another option is to connect to the internet via your smartphone 3G or 4G network connection. This is called “tethering.”  The approach varies with the phone and may require an additional monthly charge.  This approach may be enough to meet your immediate needs and in some cases may far surpass the available bandwidth on public networks. If so, the security provided by the smartphone broadband provider is better than public WiFi.  You’ll want to make sure that you are not inadvertently connecting to a public WiFi with your smartphone by turning the WiFi feature off during tethering if this isn’t done automatically.

Don’t use public computers as an alternative to public networks. These are the greatest danger you might face in your travels.  Public computers are fraught with perils, the worst of which is the keylogger - a hardware or software based keystroke recorder. This easily installed device records every keystroke a user makes and can be analyzed to produce login names, passwords, bank account numbers, PINs and more.  The only preventative for this exploit is avoidance. Limit your public computer activities to non-personal browsing.

Traveling with any personal electronic device creates an invitation for theft.  Laptop theft is growing at a rate of 20%/year, over 750,000 laptop thefts annually.  According to the FBI, 97% of stolen laptops are never recovered. With these statistics in mind there are some steps you can take to prevent your personal and professional information from falling into the wrong hands.

  1. You can encrypt all or part of your hard drive information. Some people encrypt the entire drive while others encrypt files with personal information.  
  2. Never lose sight of your computer, particularly at airport screening stations.  Put your compter onto the conveyor immediately before passing through screening so that it’s more likely to still be in the x-ray machine when you are done.
  3. Do not put your computer in checked luggage.  Use a carry-on bag. If possible use a backpack and not a bag that advertises “computer inside”.
  4. Make sure your computer prompts you for a password when coming out of screen saver,  stand-by, hibernate, and after reboot.  If you use applications such as the browser to store passwords make sure they are protected by a master password.
  5. Make sure your computer is labelled and that you have recorded the serial number.

There are now recovery services that you can subscribe to that use software and geolocation to guarantee recovery of your computer should it be stolen. These services range in price from $40-$100 per year and usually include software that will lock the computer and cost recovery insurance as well. An example of this service is “LoJack for Laptops” by Absolute Software.

Be vigilant and be prepared and you will be ahead of as many as .75 Million people out there traveling with you - probably more.

Copyright 2011 James W Brunt